Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check! (https://www.trojaner-board.de/148765-windows-7-neue-e-mail-adresse-erstellt-gleich-spoof-mail-bekommen-ebay-raet-trojaner-check.html)

Vater Sohn 27.01.2014 20:36
Windows 7: Neue E-Mail Adresse erstellt und gleich Spoof Mail bekommen... Ebay rät Trojaner Check!
 
Hallo alle zusammen und schon mal Danke für´s helfen.. :daumenhoc

Ich habe vor kurzem eine neue E-mail Adresse eingerichtet (eine zweit/unter Mail meiner Haupt E-Mail adresee). Ich Brauche sie nur als Adresse für einen Verein. (Wollte nicht meine Haupt Adresse angeben)

Kurz danach habe ich dann Spoof Mails von Ebay(Fake) und PayPal(Fake) bekommen.
Ebay rät dazu nach Trojanern zu suchen.

Also nach einrichten der Mail Adresse Spoof Mails bekommen.
Von zeit zu zeit kommt es auch vor das nach dem PC Start nichts geht.. Browser , Mail programm Starten aber denn erscheint " Keine Rückmeldung" nach einem Neustart ist alles ok!

Ich wüßte aber nicht was ich falsch gemacht habe!! Da mein Sohn aber auch den PC zum Spielen nutzt bin ich mir nicht sicher... Ich hoffe ihr könnt helfen..

Ich bin keine leuchte am PC und bitte bei fehlern um nachsicht. Sollte mein Sohn fehler gemacht haben teilt mir das bitte per Mail mit ich werde das dann mit ihm klären..

DANKE...



Ich habe versucht die Logs in Code einzufügen habe dann eine fehlermeldung bekommen (Text zu Lang) .
Jetzt als Anhang eingefügt.
Hoffe das war richtig so ?

schrauber 27.01.2014 23:16
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Vater Sohn 28.01.2014 18:20
Hallo schrauber,

ich hoffe ich mache es jetzt richtig...

Defogger

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:51 on 27/01/2014 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-01-2014
Ran by Admin (administrator) on ADMIN-PC on 27-01-2014 19:04:08
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Mozilla Corporation) C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Admin\Desktop\Tor Browser\Tor\tor.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-26] (AVM Berlin)
HKCU\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
MountPoints2: I - I:\LaunchU3.exe -a
MountPoints2: {5132780b-3953-11e1-b452-90fba62bc3cb} - I:\setup.exe
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7810&r=17360110ln0597y263m25yh411cl4s
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=DE&install_date=20130323&user_guid=47BF190103454A438DAB3E559A1FE70D&machine_id=2e58b8b5997ea2b7d8d4aa7ea3d2fa9a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://startsear.ch/?aff=1&src=sp&cf=ba3dfcf2-fcd0-11e0-b7ad-90fba62bc3cb&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {8BFD13C4-6B9B-4D79-80E6-65FEAE90B4A1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=3a841be2-e9e4-43b3-8bdf-7bb43ffbf429&apn_sauid=0A2D11D3-53B3-45D5-A49D-D4D9E14347F4
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
SearchScopes: HKCU - {B224AA02-F7C8-3A2B-859F-560B80767E4A} URL = hxxp://kl.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=876&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.5.0&install_country=DE&install_date=20130323&user_guid=47BF190103454A438DAB3E559A1FE70D&machine_id=2e58b8b5997ea2b7d8d4aa7ea3d2fa9a&browser=IE&os=win&os_version=6.1-x64-SP1&iesrc={referrer:source}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF user.js: detected! => C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll (vShare.tv )
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: QuickStores-Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\quickstores@quickstores.de [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://search.linkury.com/
CHR DefaultSearchKeyword: search.linkury.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:5731629158&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll (vShare.tv )
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll (vShare.tv )
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (vshare plugin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj [2011-11-08]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [kpionmjnkbpcdpcflammlgllecmejgjj] - C:\Program Files (x86)\vShare.tv plugin\vshareplg.crx [2011-08-31]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2011-08-31]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]
U5 UnlockerDriver5; C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-27 19:04 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-27 18:48 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 16:36 - 2014-01-27 18:55 - 00004005 _____ C:\Windows\avmacc.log
2014-01-26 16:30 - 2014-01-27 18:52 - 00000224 _____ C:\Windows\setupact.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000808 _____ C:\Windows\PFRO.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 _____ C:\Windows\setuperr.log
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\ProgramData\Babylon
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:15 - 2014-01-23 20:15 - 00675594 _____ C:\ProgramData\SPL451C.tmp
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv
2013-12-29 17:30 - 2013-12-29 17:31 - 00000000 ____D C:\ProgramData\PMS
2013-12-29 17:29 - 2013-12-29 17:30 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server


==================== One Month Modified Files and Folders =======

2014-01-27 19:04 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-27 19:01 - 2013-01-26 09:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-27 19:01 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-27 19:01 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-27 18:57 - 2012-11-27 17:10 - 01126733 _____ C:\Windows\WindowsUpdate.log
2014-01-27 18:55 - 2014-01-26 16:36 - 00004005 _____ C:\Windows\avmacc.log
2014-01-27 18:54 - 2010-02-26 13:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-27 18:53 - 2013-08-28 17:00 - 00000368 _____ C:\Windows\Tasks\B Lyrics Update.job
2014-01-27 18:53 - 2010-08-29 11:20 - 00000382 _____ C:\Windows\Tasks\Registry Reviver64-Admin-Startup.job
2014-01-27 18:53 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-27 18:52 - 2014-01-26 16:30 - 00000224 _____ C:\Windows\setupact.log
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:51 - 2010-02-08 10:13 - 00000000 ____D C:\Users\Admin
2014-01-27 18:48 - 2014-01-27 18:46 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-27 18:25 - 2011-08-01 17:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-26 20:34 - 2010-02-26 13:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-26 20:14 - 2012-04-04 11:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-26 18:01 - 2013-01-26 09:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-26 16:30 - 2014-01-26 16:30 - 00000808 _____ C:\Windows\PFRO.log
2014-01-26 16:30 - 2014-01-26 16:30 - 00000000 _____ C:\Windows\setuperr.log
2014-01-26 09:57 - 2010-10-08 13:57 - 01746432 ___SH C:\Users\Admin\Desktop\Thumbs.db
2014-01-26 09:44 - 2013-10-25 16:34 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\Users\Admin\AppData\Local\Babylon
2014-01-26 08:00 - 2014-01-26 08:00 - 00000000 ____D C:\ProgramData\Babylon
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:15 - 2014-01-23 20:15 - 00675594 _____ C:\ProgramData\SPL451C.tmp
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-10 17:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-10 17:28 - 2012-01-14 09:04 - 00283213 _____ C:\Windows\SysWOW64\TVersityMediaServer.log
2013-12-29 17:31 - 2013-12-29 17:30 - 00000000 ____D C:\ProgramData\PMS
2013-12-29 17:30 - 2013-12-29 17:29 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2013-12-28 13:58 - 2013-01-10 16:58 - 00003340 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2013-12-28 13:58 - 2013-01-10 16:58 - 00003206 _____ C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000


Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\DeltaTB.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 08:28

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---




Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014
Ran by Admin at 2014-01-27 19:05:11
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
7-Zip 9.20 (x32 Version:  - )
Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0812 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 1.1 - Adobe Systems Incorporated)
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version:  - )
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (x32 Version: 1.0.0 - Advanced Micro Devices, Inc.)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Application Profiles (x32 Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (x32 Version:  - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AVM FRITZ!Box Dokumentation (x32 Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (x32 Version:  - AVM Berlin)
AVS Update Manager 1.0 (x32 Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (x32 Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (x32 Version:  - Online Media Technologies Ltd.)
Battlefield 2(TM) (x32 Version:  - )
Battlefield 2: Special Forces (x32 Version:  - )
Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (Version: 2.0.0.36 - Apple Inc.)
Borderlands (x32 Version: 1.0.295 - 2K Games)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.10 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (x32 Version:  - DownloadHelper)
ConvertXtoDVD 4.1.19.365 (x32 Version: 4.1.19.365 - )
Counter-Strike (x32 Version:  - Valve)
Counter-Strike: Global Offensive Beta (x32 Version:  - )
Counter-Strike: Source (x32 Version:  - Valve)
Counter-Strike: Source Beta (x32 Version:  - )
Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (x32 Version: 5.00 - )
Creative Software AutoUpdate (x32 Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (x32 Version:  - Creative Technology Limited)
Dairy Dash (x32 Version:  - Oberon Media)
Darkest Hour: Europe '44-'45 (x32 Version:  - Darkest Hour Team)
DashCommand (x32 Version: 3.0.1 - Palmer Performance Engineering)
Day of Defeat (x32 Version:  - Valve)
Dead Island (x32 Version:  - Techland)
Dead Space (x32 Version:  - EA Redwood Shores)
Deathmatch Classic (x32 Version:  - Valve)
DebugMode Wax 2.0 (x32 Version:  - )
Defraggler (Version: 2.16 - Piriform)
DH Driver Cleaner Professional Edition (x32 Version: Version 1.5 - Ruud Ketelaars)
DiRT 2 (x32 Version:  - Codemasters)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
DivxToDVD 0.5.2b (x32 Version: 0.5.2b - VSO-Software SARL)
Dream Day First Home (x32 Version:  - Oberon Media)
DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (x32 Version: 2.1.0703 - OEM)
Eraser 6.0.10.2620 (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (x32 Version:  - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (x32 Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff)
Excel Protection Remover (x32 Version:  - )
EXIFeditor (x32 Version: 1.0.0 - kiwi.software.NET)
Exif-Viewer 2.50  (x32 Version: 2.50 - Ralf Bibinger)
FileZilla Client 3.5.3 (HKCU Version: 3.5.3 - FileZilla Project)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0 - MAGIX AG)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser)
Free Video to MP3 Converter version 3.5 (x32 Version:  - DVDVideoSoft Limited.)
FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2 - AVM Berlin)
FRITZ!DSL64 (Version: 2.04.03 - AVM Berlin)
FRITZ!Fernzugang (Version: 1.2.6 - AVM Berlin)
Futuremark SystemInfo (x32 Version: 4.0.0.0 - Futuremark Corporation)
GameShadow (x32 Version: 2.03.0000 - GameShadow Ltd)
GetRight (x32 Version:  - Headlight Software, Inc.)
GFI LANguard 9.0 ReportPack (x32 Version: 9.0.2009.0709 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden
GFI ReportCenter Framework (x32 Version: 3.6.2009.0630 - GFI Software Ltd)
GIMP 2.6.10 (Version: 2.6.10 - The GIMP Team)
Google Earth (x32 Version: 7.0.2.8415 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Prix Legends (x32 Version:  - )
Granny In Paradise (x32 Version:  - Oberon Media)
GRID (x32 Version: 1.00.0000 - Codemasters)
GTR Evolution (x32 Version:  - SimBin Studios)
Half-Life (x32 Version:  - Valve)
Half-Life 2 (x32 Version:  - Valve)
Half-Life 2: Deathmatch (x32 Version:  - Valve)
Half-Life 2: Episode One (x32 Version:  - Valve)
Half-Life 2: Episode Two (x32 Version:  - Valve)
Half-Life 2: Lost Coast (x32 Version:  - Valve)
Half-Life Deathmatch: Source (x32 Version:  - Valve)
Half-Life: Blue Shift (x32 Version:  - Gearbox)
Hama Cromo Pad (x32 Version: 1.00.0000 - GASIA)
Hitman: Sniper Challenge (x32 Version:  - IO Interactive)
HOMEFRONT (x32 Version:  - THQ)
Host OpenAL (x32 Version: 1.00 - Creative Technology Limited)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (x32 Version: 1 - Microsoft Corporation)
Hotkey Utility (x32 Version: 1.00.3004 - Acer Incorporated)
iArt 3 (x32 Version:  - iPodSoft)
iCloud (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (x32 Version: 7.2 - ICQ)
Identity Card (x32 Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImTOO Video Converter Ultimate 6 (x32 Version: 6.8.0.1101 - ImTOO)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (x32 Version: 6.0.350 - Oracle)
JDownloader 2 (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (x32 Version:  - Valve)
Left 4 Dead 2 (x32 Version:  - Valve)
Left 4 Dead Authoring Tools (x32 Version:  - Valve)
Lexmark  (x32 Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (Version:  - Lexmark International, Inc.)
Lexmark 5600-6600 Series (x32 Version:  - Lexmark International, Inc.)
Lidl-Fotos (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro 2033 (x32 Version:  - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (x32 Version:  - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1 - Mozilla)
Mp3tag v2.50 (x32 Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (x32 Version: 1.2.2 - Mumble)
Music Manager (HKCU Version:  - Google, Inc.)
MyPhoneExplorer (x32 Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (x32 Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (x32 Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (x32 Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (x32 Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (x32 Version:  - No More Room in Hell Team)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (Version: 1.7 - )
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (x32 Version:  - )
OpenAL (x32 Version:  - )
Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (x32 Version: 1.0.0 - PageshotsPro)
particleIllusion 3.0.4 (x32 Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (x32 Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (x32 Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (x32 Version:  - Valve)
PS3 Media Server (x32 Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RACE 07 (x32 Version:  - SimBin Studios)
Race: The WTCC Game (x32 Version:  - SimBin Studios)
Rapture3D 2.3.26 Game (x32 Version:  - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (x32 Version:  - Tripwire Interactive)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (x32 Version:  - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (x32 Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (x32 Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (x32 Version:  - )
Silent Hunter 4 Wolves of the Pacific (x32 Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (x32 Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (x32 Version:  - Northstar Systems Corp.)
SmartLauncher (x32 Version:  - Northstar Systems Corp.)
Sniper: Ghost Warrior (x32 Version:  - City Interactive S.A.)
Sound Blaster X-Fi (x32 Version: 1.0 - )
Source SDK (x32 Version:  - Valve)
Source SDK Base 2007 (x32 Version:  - Valve)
Speccy (Version: 1.10 - Piriform)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (x32 Version:  - Oberon Media)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (x32 Version:  - eTeks)
TCPEye 1.0 (x32 Version:  - Free Software Relase)
Team Fortress Classic (x32 Version:  - Valve)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (x32 Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (x32 Version:  - )
TVAnts 1.0 (x32 Version:  - )
TVersity Codec Pack 1.7 (x32 Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (x32 Version: 1.9.7 - TVersity)
Überwachungstool für die Intel® Turbo-Boost-Technologie (Version: 1.0.115.11 - Intel)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
UltraMon (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (x32 Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (Version: 3.2.6 - VMLite)
vShare.tv plugin 1.3 (x32 Version: 1.3 - vShare.tv, Inc.) <==== ATTENTION
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (Version:  - )
World of Padman (x32 Version: 1.1 - Padworld Entertainment)
XBMC (HKCU Version:  - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

26-01-2014 12:34:43 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-01-24 17:34 - 00005320 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com
127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 hxxp://www.nero.com/rus/support-cust...istration.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 hxxp://www.nero.com/eng/support.html...b47525e97a3b80
127.0.0.1 hxxp://www.nero.com/eng/store-upgrad...b47525e97a3b80
127.0.0.1 hxxp://www.nero.com/eng/support-cust...b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 hxxp://www.nero.com/eng/store-upgrad...7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
127.0.0.1 nero.net
127.0.0.1 nero.com
127.0.0.1 Nero - CD DVD Burning, Video Editing Software, Backup Software - Official Site
127.0.0.1 activate.nero.com
127.0.0.1 www.activate.nero.com
127.0.0.1 nero.de
127.0.0.1 Die Nehls-Roszak Werbung GmbH

There are 112 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {1564EC25-AE28-46D9-8059-13CA9E8BCFA4} - System32\Tasks\Installation App Launcher => C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {67515F07-1A0A-47FE-9B94-EA2CAD86617B} - System32\Tasks\B Lyrics Update => C:\Program Files (x86)\bLyrics\bLyrics.exe <==== ATTENTION
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {94925380-9B7E-4D9C-A1AD-FB6D689E26DF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B3D8EFCE-EDB2-4762-A8B7-26B125B8D4E1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-25] (Adobe Systems Incorporated)
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {D50D10AA-5B1D-439D-92C1-91346CDE732F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {EB4083E4-CBD1-4EC2-8221-216EBBDDF344} - System32\Tasks\Registry Reviver64-Admin-Startup => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver64.exe
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\B Lyrics Update.job => C:\Program Files (x86)\bLyrics\bLyrics.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Registry Reviver64-Admin-Startup.job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver64.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-05-08 17:20 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 05:44 - 2010-07-15 05:44 - 00020032 _____ () C:\Program Files (x86)\Unlocker\UnlockerCOM.dll
2013-05-20 11:32 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-10 09:55 - 2010-11-10 09:55 - 00360960 _____ () C:\Program Files (x86)\GFI\LANguard 9\lnssalerter.dll
2010-10-20 18:25 - 2010-10-20 18:25 - 00233984 _____ () C:\Program Files (x86)\GFI\LANguard 9\apistrings.dll
2010-11-01 10:32 - 2010-11-01 10:32 - 00142336 _____ () C:\Program Files (x86)\GFI\LANguard 9\modlop.dll
2010-05-10 10:58 - 2010-05-10 10:58 - 00640512 _____ () C:\Program Files (x86)\GFI\LANguard 9\exporter.dll
2010-11-11 15:54 - 2010-11-11 15:54 - 01691136 _____ () C:\Program Files (x86)\GFI\LANguard 9\crmimodule.dll
2010-05-07 13:36 - 2010-05-07 13:36 - 00221696 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedcompactdb.dll
2010-11-11 15:29 - 2010-11-11 15:29 - 00181760 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchautodownload.dll
2010-11-10 19:12 - 2010-11-10 19:12 - 00434176 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchdeployment.dll
2006-06-02 16:37 - 2006-06-02 16:37 - 00741376 _____ () C:\Program Files (x86)\GFI\LANguard 9\TntUnicodeVcl_R90.bpl
2010-05-06 09:14 - 2010-05-06 09:14 - 00256000 _____ () C:\Program Files (x86)\GFI\LANguard 9\scheduledscans.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-05-07 14:27 - 2010-05-07 14:27 - 00065024 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedupdates.dll
2003-05-08 15:17 - 2003-05-08 15:17 - 00098304 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfi_log.dll
2009-07-09 15:17 - 2009-07-09 15:17 - 00131072 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\LNSS9PlugIn.dll
2006-09-12 17:39 - 2006-09-12 17:39 - 00002560 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\invoke.dll
2009-06-18 13:22 - 2009-06-18 13:22 - 00136704 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\modlop9.dll
2008-09-30 15:19 - 2008-09-30 15:19 - 00010240 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\nsslc9.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00347944 _____ () C:\ProgramData\TVersity\Media Server\taglib.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00225064 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_lcms_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00031528 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_xlib_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00716584 _____ () C:\ProgramData\TVersity\Media Server\log4cxx.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 04534072 _____ () C:\ProgramData\TVersity\Media Server\avcodec-52.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00083768 _____ () C:\ProgramData\TVersity\Media Server\avutil-50.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00313640 _____ () C:\ProgramData\TVersity\Media Server\libmp3lame-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00795448 _____ () C:\ProgramData\TVersity\Media Server\avformat-52.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 00203064 _____ () C:\ProgramData\TVersity\Media Server\swscale-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00509720 _____ () C:\ProgramData\TVersity\Media Server\sqlite3.dll
2009-09-24 16:17 - 2009-09-24 16:17 - 00267264 _____ () C:\Windows\system32\WinTab32.DLL
2009-09-24 16:16 - 2009-09-24 16:16 - 00200704 _____ () C:\Windows\SysWOW64\WinTab32.DLL
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Program Files (x86)\Unlocker\UnlockerHook.dll
2010-09-24 17:06 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-09-24 17:06 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 04:29 - 2009-08-26 04:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 04531726 _____ () C:\Users\Admin\Desktop\Tor Browser\Browser\mozjs.dll
2013-12-20 18:54 - 2013-12-20 18:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00505859 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\libevent-2-0-5.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00090112 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\zlib1.dll
2000-01-01 01:00 - 2000-01-01 01:00 - 00104451 _____ () C:\Users\Admin\Desktop\Tor Browser\Tor\libssp-0.dll
2014-01-25 18:14 - 2014-01-25 18:14 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:FB92BB6B6E4828F1
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/26/2014 09:36:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/25/2014 06:12:42 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/24/2014 07:38:35 PM) (Source: ATIeRecord) (User: )
Description: ATI EEU Client has failed to start

Error: (01/23/2014 08:20:46 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00095873
ID des fehlerhaften Prozesses: 0x1334
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (01/23/2014 06:29:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/20/2014 08:52:47 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WTClient.exe, Version: 8.19.2009.1, Zeitstempel: 0x4a8bd2d7
Name des fehlerhaften Moduls: WinTab32.DLL_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4abb38dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x100194f0
ID des fehlerhaften Prozesses: 0xc18
Startzeit der fehlerhaften Anwendung: 0xWTClient.exe0
Pfad der fehlerhaften Anwendung: WTClient.exe1
Pfad des fehlerhaften Moduls: WTClient.exe2
Berichtskennung: WTClient.exe3

Error: (01/20/2014 08:40:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/20/2014 08:40:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/20/2014 07:56:09 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (01/20/2014 07:45:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (01/27/2014 06:53:51 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (01/27/2014 06:53:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2014 06:53:16 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (01/27/2014 06:52:51 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/27/2014 06:36:00 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (01/27/2014 06:34:52 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/27/2014 06:34:52 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (01/27/2014 06:34:27 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (01/27/2014 06:34:35 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎27.‎01.‎2014 um 18:33:23 unerwartet heruntergefahren.

Error: (01/27/2014 06:23:21 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Akamai erreicht.


Microsoft Office Sessions:
=========================
Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-19 18:31:31.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.165
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.702
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.531
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6001.18000_none_54ffd942dc23dbc0\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 4087.08 MB
Available physical RAM: 1732.69 MB
Total Pagefile: 8172.34 MB
Available Pagefile: 4892.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:127.49 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:243.3 GB) NTFS
Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:193.9 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.68 GB) NTFS
Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:77.51 GB) NTFS
Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:367.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================
weiter im Zweiten post....

Vater Sohn 28.01.2014 18:23
hier das Gmer log

Code:
GMER 2.1.19355 - hxxp://www.gmer.net
Rootkit scan 2014-01-27 19:34:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD10 rev.05.0 931,51GB
Running: gmer.exe; Driver: C:\Users\Admin\AppData\Local\Temp\pwlorpod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                                                                                    fffff800035a2000 45 bytes [00, 00, 00, 00, 00, 00, 00, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                                                                                                    fffff800035a202f 16 bytes [00, 00, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text    C:\Windows\SysWOW64\svchost.exe[1952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                                        0000000075d21465 2 bytes [D2, 75]
.text    C:\Windows\SysWOW64\svchost.exe[1952] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                                        0000000075d214bb 2 bytes [D2, 75]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe[1920] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69                                                                                                              0000000075d21465 2 bytes [D2, 75]
.text    C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe[1920] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155                                                                                                            0000000075d214bb 2 bytes [D2, 75]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                                                                                              00000000725a1a22 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                                                                                              00000000725a1ad0 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                                                                                              00000000725a1b08 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                                                                                              00000000725a1bba 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2332] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                                                                                              00000000725a1bda 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                                                                                                                              00000000725a1a22 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                                                                                                                              00000000725a1ad0 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                                                                                                                              00000000725a1b08 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                                                                                                                              00000000725a1bba 2 bytes [5A, 72]
.text    C:\Windows\SysWOW64\PnkBstrB.exe[2768] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                                                                                                                              00000000725a1bda 2 bytes [5A, 72]
.text    C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                  0000000075d21465 2 bytes [D2, 75]
.text    C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[4940] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                0000000075d214bb 2 bytes [D2, 75]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                                                  0000000075d21465 2 bytes [D2, 75]
.text    C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe[304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                                                  0000000075d214bb 2 bytes [D2, 75]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26                                                                                                                                                                        0000000073c213c6 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74                                                                                                                                                                        0000000073c213f6 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257                                                                                                                                                                        0000000073c214ad 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303                                                                                                                                                                        0000000073c214db 2 bytes [C2, 73]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79                                                                                                                                                                        0000000073c21577 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175                                                                                                                                                                        0000000073c215d7 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620                                                                                                                                                                        0000000073c21794 2 bytes [C2, 73]
.text    C:\Windows\SysWOW64\rundll32.exe[5116] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921                                                                                                                                                                        0000000073c218c1 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 26                                                                                                                            0000000073c213c6 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 74                                                                                                                            0000000073c213f6 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 257                                                                                                                            0000000073c214ad 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 303                                                                                                                            0000000073c214db 2 bytes [C2, 73]
.text    ...                                                                                                                                                                                                                                                                  * 2
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 79                                                                                                                            0000000073c21577 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 175                                                                                                                            0000000073c215d7 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 620                                                                                                                            0000000073c21794 2 bytes [C2, 73]
.text    C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe[3052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 921                                                                                                                            0000000073c218c1 2 bytes [C2, 73]
.text    C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[1560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                  0000000075d21465 2 bytes [D2, 75]
.text    C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe[1560] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                  0000000075d214bb 2 bytes [D2, 75]
.text    ...                                                                                                                                                                                                                                                                  * 2

---- Threads - GMER 2.1 ----

Thread    C:\Windows\system32\svchost.exe [1296:1376]                                                                                                                                                                                                                          000007fefa708274
Thread    C:\Windows\system32\svchost.exe [1296:3456]                                                                                                                                                                                                                          000007fefa708274
Thread    C:\Windows\System32\spoolsv.exe [1616:3160]                                                                                                                                                                                                                          0000000051074ba0
Thread    C:\Windows\System32\spoolsv.exe [1616:3412]                                                                                                                                                                                                                          000000006508e0e0
Thread    C:\Windows\System32\spoolsv.exe [1616:3076]                                                                                                                                                                                                                          000007fef7a910c8
Thread    C:\Windows\System32\spoolsv.exe [1616:3280]                                                                                                                                                                                                                          000007fef7616144
Thread    C:\Windows\System32\spoolsv.exe [1616:3380]                                                                                                                                                                                                                          000007fef7405fd0
Thread    C:\Windows\System32\spoolsv.exe [1616:3304]                                                                                                                                                                                                                          000007fef7aa3438
Thread    C:\Windows\System32\spoolsv.exe [1616:3488]                                                                                                                                                                                                                          000007fef74063ec
Thread    C:\Windows\System32\spoolsv.exe [1616:3552]                                                                                                                                                                                                                          000007fef82c5e5c
Thread    C:\Windows\System32\spoolsv.exe [1616:3772]                                                                                                                                                                                                                          000007fef79a5074
Thread    C:\Windows\System32\spoolsv.exe [1616:4204]                                                                                                                                                                                                                          000007fef7a12288
Thread    C:\Windows\System32\spoolsv.exe [1616:4392]                                                                                                                                                                                                                          000007fef7978760
Thread    C:\Windows\System32\WUDFHost.exe [4508:4164]                                                                                                                                                                                                                          000007fef38224a0
---- Processes - GMER 2.1 ----

Process  C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4940]                                                                                                                          0000000000400000
Process  C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [4252]                                                                                                      0000000000400000
Process  C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [304]                                                                                                                            0000000000400000
Process  C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbce  0000000001200000
Library  C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmacc32.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f40  0000000073e30000
Library  C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\managedupnp.DLL (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_  00000000005d0000
Library  C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmcsock.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f40  0000000006720000
Library  C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\upnpapicli.dll (*** suspicious ***) @ C:\Users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f  0000000000f40000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                                                                                                                                     
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                                                                                                                                  0x00 0x00 0x00 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                                                                                                                                  0
Reg      HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                                                                                                                                0x2E 0x06 0x94 0x46 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                                                                                                                                 
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                                                                                                                                      0x00 0x00 0x00 0x00 ...
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                                                                                                                                      0
Reg      HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                                                                                                                                    0x2E 0x06 0x94 0x46 ...

---- EOF - GMER 2.1 ----
so das war es glaub ich...

Danke für hilfe...

schrauber 29.01.2014 11:54
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Vater Sohn 29.01.2014 20:04
Hallo Schrauber, danke für deine hilfe...

beim Scannen gab es zweimal eine meldung von Avira... obwohl ich den EchtzeitScanner abgeschaltet hatte...

Avira meldung
Code:
Der Administrator hat per Sicherheitsrichtlinie den Zugriff auf die Registry blockiert.
Hoffe das ist kein problem...

Das ComboFix log ist leider zu groß ... wird mir bei der Vorschau angezeigt !
Ich füge es als datei an! Ich weiß nicht ob ich es Splitten soll?


Gruß Vater Sohn :dankeschoen:

schrauber 30.01.2014 16:23
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Vater Sohn 30.01.2014 19:29
OK ..


ComboFix LOG


Teil 1
Code:
ComboFix 14-01-29.01 - Admin 29.01.2014  18:41:02.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.4087.2362 [GMT 1:00]
ausgeführt von:: c:\users\Admin\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\Common Files\Acer GameZone online.ico
c:\program files (x86)\XingHaoLyrics
c:\programdata\SPL147.tmp
c:\programdata\SPL1872.tmp
c:\programdata\SPL1E84.tmp
c:\programdata\SPL27AB.tmp
c:\programdata\SPL2BC1.tmp
c:\programdata\SPL451C.tmp
c:\programdata\SPL6ED8.tmp
c:\programdata\SPL6FC3.tmp
c:\programdata\SPL7399.tmp
c:\programdata\SPL7723.tmp
c:\programdata\SPL7FC9.tmp
c:\programdata\SPL94DF.tmp
c:\programdata\SPL9531.tmp
c:\programdata\SPL9656.tmp
c:\programdata\SPL9961.tmp
c:\programdata\SPLB09.tmp
c:\programdata\SPLC2B7.tmp
c:\programdata\SPLC5BE.tmp
c:\programdata\SPLC80F.tmp
c:\programdata\SPLCC37.tmp
c:\programdata\SPLCC53.tmp
c:\programdata\SPLD2A.tmp
c:\programdata\SPLD32A.tmp
c:\programdata\SPLE994.tmp
c:\programdata\SPLEA5E.tmp
c:\users\Admin\AppData\Roaming\vso_ts_preview.xml
c:\users\Admin\Benz Gold .xcf
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\ST~1DE2.tmp
c:\windows\SysWow64\ST~1DF3.tmp
c:\windows\SysWow64\ST~2BED.tmp
c:\windows\SysWow64\ST~2BFD.tmp
c:\windows\SysWow64\ST~74F3.tmp
c:\windows\SysWow64\ST~74F4.tmp
c:\windows\SysWow64\tmp26D3.tmp
c:\windows\SysWow64\tmp26E3.tmp
c:\windows\SysWow64\tmp3DBD.tmp
c:\windows\SysWow64\tmp3E4A.tmp
c:\windows\SysWow64\tmp5B99.tmp
c:\windows\SysWow64\tmp5BAA.tmp
c:\windows\SysWow64\tmpE199.tmp
c:\windows\SysWow64\tmpF0E3.tmp
c:\windows\SysWow64\tmpF9A9.tmp
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-12-28 bis 2014-01-29  ))))))))))))))))))))))))))))))
.
.
2014-01-29 17:50 . 2014-01-29 17:50        --------        d-----w-        c:\users\Surf and Gaming\AppData\Local\temp
2014-01-29 17:50 . 2014-01-29 17:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-01-27 18:04 . 2014-01-27 18:04        --------        d-----w-        C:\FRST
2014-01-26 07:00 . 2014-01-26 07:00        --------        d-----w-        c:\users\Admin\AppData\Local\Babylon
2014-01-26 07:00 . 2014-01-26 07:00        --------        d-----w-        c:\users\Admin\AppData\Roaming\Babylon
2014-01-26 07:00 . 2014-01-26 07:00        --------        d-----w-        c:\programdata\Babylon
2014-01-24 18:29 . 2014-01-24 18:29        --------        d-----w-        C:\download
2014-01-19 07:49 . 2014-01-19 07:49        --------        d-----w-        c:\users\Admin\AppData\Roaming\QuickScan
2014-01-15 17:41 . 2013-11-27 01:41        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys
2014-01-15 17:41 . 2013-11-27 01:41        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys
2014-01-15 17:41 . 2013-11-27 01:41        53248        ----a-w-        c:\windows\system32\drivers\usbehci.sys
2014-01-15 17:41 . 2013-11-27 01:41        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys
2014-01-15 17:41 . 2013-11-27 01:41        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys
2014-01-15 17:41 . 2013-11-27 01:41        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys
2014-01-15 17:41 . 2013-11-27 01:41        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys
2014-01-15 17:41 . 2013-11-26 10:32        3156480        ----a-w-        c:\windows\system32\win32k.sys
2014-01-15 17:41 . 2013-11-26 11:40        376768        ----a-w-        c:\windows\system32\drivers\netio.sys
2014-01-10 17:18 . 2013-04-04 13:50        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-01-02 19:21 . 2014-01-02 19:21        --------        d-----w-        c:\windows\Migration
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-25 17:14 . 2012-04-04 10:04        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-25 17:14 . 2011-07-09 11:49        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-15 19:03 . 2010-02-26 13:16        86054176        ----a-w-        c:\windows\system32\MRT.exe
2013-12-18 18:03 . 2013-05-20 10:33        84720        ----a-w-        c:\windows\system32\drivers\avnetflt.sys
2013-12-18 18:03 . 2013-05-20 10:32        131576        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2013-12-18 18:03 . 2013-05-20 10:32        108440        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2013-12-11 17:14 . 2013-12-11 17:14        9272200        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-11-26 11:54 . 2013-12-11 21:11        23183360        ----a-w-        c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-11 21:11        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-11 21:11        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-11 21:11        66048        ----a-w-        c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-11 21:11        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-11 21:11        2764288        ----a-w-        c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-11 21:11        53760        ----a-w-        c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-11 21:11        33792        ----a-w-        c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-11 21:11        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-11 21:11        574976        ----a-w-        c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-11 21:11        139264        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-11 21:11        111616        ----a-w-        c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-11 21:11        708608        ----a-w-        c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-11 21:11        218624        ----a-w-        c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-11 21:11        5769216        ----a-w-        c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-11 21:11        553472        ----a-w-        c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-11 21:11        4243968        ----a-w-        c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-11 21:11        1995264        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-11-26 07:50 . 2013-05-20 10:32        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys
2013-11-26 07:48 . 2013-12-11 21:11        12996608        ----a-w-        c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-11 21:11        1928192        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-11 21:11        2334208        ----a-w-        c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-11 21:11        1395200        ----a-w-        c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-11 21:11        817664        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-11 21:11        1820160        ----a-w-        c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 16:55        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 16:55        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2013-11-13 17:25 . 2013-11-13 17:25        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-13 17:25 . 2013-11-13 17:25        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-11-13 17:25 . 2013-11-13 17:25        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-13 17:25 . 2013-11-13 17:25        645120        ----a-w-        c:\windows\SysWow64\jsIntl.dll
2013-11-13 17:25 . 2013-11-13 17:25        235008        ----a-w-        c:\windows\system32\elshyph.dll
2013-11-13 17:25 . 2013-11-13 17:25        182272        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-11-13 17:25 . 2013-11-13 17:25        942592        ----a-w-        c:\windows\system32\jsIntl.dll
2013-11-13 17:25 . 2013-11-13 17:25        86016        ----a-w-        c:\windows\SysWow64\iesysprep.dll
2013-11-13 17:25 . 2013-11-13 17:25        86016        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe
2013-11-13 17:25 . 2013-11-13 17:25        74240        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-13 17:25 . 2013-11-13 17:25        62464        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-11-13 17:25 . 2013-11-13 17:25        61952        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll
2013-11-13 17:25 . 2013-11-13 17:25        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll
2013-11-13 17:25 . 2013-11-13 17:25        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-11-13 17:25 . 2013-11-13 17:25        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll
2013-11-13 17:25 . 2013-11-13 17:25        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-11-13 17:25 . 2013-11-13 17:25        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-11-13 17:25 . 2013-11-13 17:25        36352        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-11-13 17:25 . 2013-11-13 17:25        34816        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-13 17:25 . 2013-11-13 17:25        337408        ----a-w-        c:\windows\SysWow64\html.iec
2013-11-13 17:25 . 2013-11-13 17:25        247808        ----a-w-        c:\windows\system32\msls31.dll
2013-11-13 17:25 . 2013-11-13 17:25        24576        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-11-13 17:25 . 2013-11-13 17:25        195584        ----a-w-        c:\windows\system32\msrating.dll
2013-11-13 17:25 . 2013-11-13 17:25        151552        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-11-13 17:25 . 2013-11-13 17:25        139264        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-11-13 17:25 . 2013-11-13 17:25        13312        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-11-13 17:25 . 2013-11-13 17:25        13312        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-11-13 17:25 . 2013-11-13 17:25        131072        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-11-13 17:25 . 2013-11-13 17:25        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-11-13 17:25 . 2013-11-13 17:25        111616        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-11-13 17:25 . 2013-11-13 17:25        1051136        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-11-13 17:25 . 2013-11-13 17:25        90112        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-11-13 17:25 . 2013-11-13 17:25        84992        ----a-w-        c:\windows\system32\mshtmled.dll
2013-11-13 17:25 . 2013-11-13 17:25        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll
2013-11-13 17:25 . 2013-11-13 17:25        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-11-13 17:25 . 2013-11-13 17:25        774144        ----a-w-        c:\windows\system32\jscript.dll
2013-11-13 17:25 . 2013-11-13 17:25        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-11-13 17:25 . 2013-11-13 17:25        626176        ----a-w-        c:\windows\system32\msfeeds.dll
2013-11-13 17:25 . 2013-11-13 17:25        62464        ----a-w-        c:\windows\system32\pngfilt.dll
2013-11-13 17:25 . 2013-11-13 17:25        616104        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-11-13 17:25 . 2013-11-13 17:25        548352        ----a-w-        c:\windows\system32\vbscript.dll
2013-11-13 17:25 . 2013-11-13 17:25        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-11-13 17:25 . 2013-11-13 17:25        48128        ----a-w-        c:\windows\system32\imgutil.dll
2013-11-13 17:25 . 2013-11-13 17:25        453120        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-11-13 17:25 . 2013-11-13 17:25        413696        ----a-w-        c:\windows\system32\html.iec
2013-11-13 17:25 . 2013-11-13 17:25        40448        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-13 17:25 . 2013-11-13 17:25        30208        ----a-w-        c:\windows\system32\licmgr10.dll
2013-11-13 17:25 . 2013-11-13 17:25        296960        ----a-w-        c:\windows\system32\dxtrans.dll
2013-11-13 17:25 . 2013-11-13 17:25        263376        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-11-13 17:25 . 2013-11-13 17:25        243200        ----a-w-        c:\windows\system32\webcheck.dll
2013-11-13 17:25 . 2013-11-13 17:25        235520        ----a-w-        c:\windows\system32\url.dll
2013-11-13 17:25 . 2013-11-13 17:25        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-11-13 17:25 . 2013-11-13 17:25        147968        ----a-w-        c:\windows\system32\occache.dll
2013-11-13 17:25 . 2013-11-13 17:25        143872        ----a-w-        c:\windows\system32\wextract.exe
2013-11-13 17:25 . 2013-11-13 17:25        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-11-13 17:25 . 2013-11-13 17:25        135680        ----a-w-        c:\windows\system32\iepeers.dll
2013-11-13 17:25 . 2013-11-13 17:25        1228800        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-11-13 17:25 . 2013-11-13 17:25        105984        ----a-w-        c:\windows\system32\iesysprep.dll
2013-11-13 17:25 . 2013-11-13 17:25        101376        ----a-w-        c:\windows\system32\inseng.dll
2013-11-12 02:23 . 2013-12-11 16:55        2048        ----a-w-        c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 16:55        2048        ----a-w-        c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:18        120104        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVMUSBFernanschluss"="c:\users\Admin\AppData\Local\Apps\2.0\YGD287R3.OLT\3Z9Z33T1.LMN\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe" [2012-12-26 139264]
"MtdAcqu"="c:\program files (x86)\Creative\MediaSource5\MtdAcqu.exe" [2006-03-08 278528]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-06-14 221184]
"Akamai NetSession Interface"="c:\users\Admin\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Spotify Web Helper"="c:\users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-11-10 1199576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"SPIRunE"="SPIRunE.dll" [2009-03-05 18432]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"WTClient"="WTClient.exe" [2009-08-19 32768]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-18 684600]
"UnlockerAssistant"="c:\program files (x86)\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-01-10 295072]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-08-30 766208]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico /auto [2010-7-23 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys;c:\windows\SYSNATIVE\DRIVERS\Lbd.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 lxduCATSCustConnectService;lxduCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxduserv.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys;c:\windows\SYSNATIVE\DRIVERS\ENTECH64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys;c:\windows\SYSNATIVE\drivers\libusb0.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
R3 papycpu;papycpu; [x]
R3 PTSimHid;PenTablet Simulated HID MiniDriver;c:\windows\System32\Drivers\PTSimHid.sys;c:\windows\SYSNATIVE\Drivers\PTSimHid.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8187;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8187.sys [x]
R3 SaiHFF04;SaiHFF04;c:\windows\system32\DRIVERS\SaiHFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiHFF04.sys [x]
R3 SaiIFF04;Immersion's HID USB Driver (FF04);c:\windows\system32\DRIVERS\SaiIFF04.sys;c:\windows\SYSNATIVE\DRIVERS\SaiIFF04.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WFMC_VAD;WFMCVAD (WDM);c:\windows\system32\DRIVERS\wfmcvad.sys;c:\windows\SYSNATIVE\DRIVERS\wfmcvad.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0105.sys [x]
R4 sesvc;ShadowExplorer Service;c:\program files (x86)\ShadowExplorer\sesvc.exe;c:\program files (x86)\ShadowExplorer\sesvc.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S1 VBoxDrv;VBoxDrv;c:\windows\system32\drivers\VBoxDrv.sys;c:\windows\SYSNATIVE\drivers\VBoxDrv.sys [x]
S1 vmlitedrv;vmlitedrv;c:\windows\system32\drivers\vmlitedrv.sys;c:\windows\SYSNATIVE\drivers\vmlitedrv.sys [x]
S1 VMLiteUSBMon;VMLiteUSBMon;c:\windows\system32\drivers\vmliteusbmon.sys;c:\windows\SYSNATIVE\drivers\vmliteusbmon.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 avmike;AVM FRITZ!Fernzugang IKE Service;c:\program files\FRITZ!Fernzugang\avmike.exe;c:\program files\FRITZ!Fernzugang\avmike.exe [x]
S2 certsrv;AVM FRITZ!Fernzugang Cert Service;c:\program files\FRITZ!Fernzugang\certsrv.exe;c:\program files\FRITZ!Fernzugang\certsrv.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 gfi_lanss9_attservice;GFI LANguard 9 Attendant Service;c:\program files (x86)\GFI\LANguard 9\lnssatt.exe;c:\program files (x86)\GFI\LANguard 9\lnssatt.exe [x]
S2 GFI_ReportCenter35;GFI ReportCenter 3.5;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe;c:\program files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [x]
S2 Greg_Service;GRegService;c:\program files (x86)\Acer\Registration\GregHSRW.exe;c:\program files (x86)\Acer\Registration\GregHSRW.exe [x]
S2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]
S2 lxdu_device;lxdu_device;c:\windows\system32\lxducoms.exe;c:\windows\SYSNATIVE\lxducoms.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe;c:\program files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 nwtsrv;AVM FRITZ!Fernzugang Client;c:\program files\FRITZ!Fernzugang\nwtsrv.exe;c:\program files\FRITZ!Fernzugang\nwtsrv.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 VMLiteService;VMLiteService;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe;c:\program files\VMLite\VMLite Workstation\VMLiteService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 avmaudio;AVM Audio;c:\windows\system32\DRIVERS\avmaudio.sys;c:\windows\SYSNATIVE\DRIVERS\avmaudio.sys [x]
S3 avmaura;AVM USB-Fernanschluss;c:\windows\system32\DRIVERS\avmaura.sys;c:\windows\SYSNATIVE\DRIVERS\avmaura.sys [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NWIM;AVM VPN Miniport;c:\windows\system32\DRIVERS\avmnwim.sys;c:\windows\SYSNATIVE\DRIVERS\avmnwim.sys [x]
S3 PTSimBus;PenTablet Bus Enumerator;c:\windows\system32\DRIVERS\PTSimBus.sys;c:\windows\SYSNATIVE\DRIVERS\PTSimBus.sys [x]
S3 t3;Sound Blaster X-Fi Xtreme Audio;c:\windows\system32\drivers\t3.sys;c:\windows\SYSNATIVE\drivers\t3.sys [x]
S3 VBoxNetAdp;VMLite Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 vmlitediskmp;vmlitediskmp;c:\windows\system32\DRIVERS\vmlitediskmp.sys;c:\windows\SYSNATIVE\DRIVERS\vmlitediskmp.sys [x]
S3 vmlitestor;vmlitestor;c:\windows\system32\DRIVERS\vmlitestor.sys;c:\windows\SYSNATIVE\DRIVERS\vmlitestor.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2014-01-29 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 17:14]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 12:10]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26 12:10]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26 08:18]
.
2014-01-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26 08:18]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2009-08-06 17:19        137512        ----a-w-        c:\program files (x86)\EgisTec\MyWinLocker 3\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"Eraser"="c:\progra~1\Eraser\Eraser.exe" [2012-05-22 980920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 216.155.139.115:3128
uInternet Settings,ProxyOverride = 127.0.0.1:9421;<local>;*.local
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Download with GetRight - c:\program files (x86)\GetRight\GRdownload.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Open with GetRight Browser - c:\program files (x86)\GetRight\GRbrowse.htm
LSP: %ProgramFiles%\FRITZ!DSL\\sarah.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/|https://secure.eveonline.com/AdventCalendar/|www.facebook.com/pages/DCG-Custom-Guitars/227014413998080
FF - prefs.js: network.proxy.socks - localhost
FF - prefs.js: network.proxy.socks_port - 9050
FF - prefs.js: network.proxy.type - 0
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
Toolbar-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
Toolbar-10 - (no file)
WebBrowser-{EFEED92A-A33D-4873-BA8F-32BAA631E54D} - (no file)
AddRemove-Free Video to MP3 Converter_is1 - n:\free video to mp3 converter\unins000.exe
AddRemove-Grand Prix Legends - c:\sierra\gpl\Uninst.isu
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
ComboFIX LOG

Teil 2

Code:
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.1_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.1_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.4.2"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"

Vater Sohn 30.01.2014 19:32
ComboFIX LOG

Teil 3

Code:
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.5.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_26"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_27"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0028-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_28"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_29"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_30"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_31"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_32"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_33"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_34"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_35"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_36"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_37"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_38"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_39"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_40"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0041-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_41"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0042-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_42"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0043-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_43"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0044-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_44"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_45"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0046-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_46"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0047-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_47"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0048-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_48"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0049-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_49"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0050-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_50"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-0051-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0_51"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.6.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_01"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_02"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0003-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_03"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0004-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_04"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0005-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_05"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0006-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_06"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0007-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_07"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0008-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_08"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0009-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_09"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0010-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_10"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0011-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_11"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0012-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_12"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0013-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_13"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_14"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_15"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0016-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_16"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0017-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_17"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0018-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_18"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0019-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_19"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0020-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_20"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_21"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0022-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_22"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0023-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_23"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0024-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_24"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBB}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-0025-ABCDEFFEDCBC}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0_25"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}]
@DACL=(02 0000)
@="Java Plug-in 1.7.0"
.
[HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1000_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}]
@DACL=(02 0000)
@="Java Plug-in 1.3.0_02"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-01-29  18:54:35
ComboFix-quarantined-files.txt  2014-01-29 17:54
.
Vor Suchlauf: 18 Verzeichnis(se), 135.527.223.296 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 134.882.144.256 Bytes frei
.
- - End Of File - - C73742BA3FA4029770CA4F52D66377CD
A36C5E4F47E84449FF07ED3517B43A31
Außerdem kamm bei Start de PC heute

OY3Y6RH LOG

Code:
INFO ZUR PLATTFORMVERSION
        Windows                        : 6.1.7601.65536 (Win32NT)
        Common Language Runtime        : 4.0.30319.18408
        System.Deployment.dll                : 4.0.30319.18408 built by: FX451RTMGREL
        clr.dll                        : 4.0.30319.18408 built by: FX451RTMGREL
        dfdll.dll                        : 4.0.30319.18408 built by: FX451RTMGREL
        dfshim.dll                        : 4.0.31106.0 (Main.031106-0000)

QUELLEN
        Bereitstellungs-URL                        : file:///C:/Users/Admin/AppData/Roaming/Microsoft/Windows/Start%20Menu/Programs/FRITZ!Box/FRITZ!Box%20USB-Fernanschluss.appref-ms%7C

FEHLERZUSAMMENFASSUNG
        Es folgt eine Zusammenfassung der Fehler. Details zu diesen Fehlern werden später im Protokoll aufgelistet.
        * Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| führte zu einer Ausnahme. Folgende Fehlermeldungen wurden entdeckt:
                + 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
                + Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'

FEHLERZUSAMMENFASSUNG FÜR DIE SPEICHERTRANSAKTION DER KOMPONENTE
        Es wurde kein Transaktionsfehler festgestellt.

WARNUNGEN
        Während dieses Vorgangs gab es keine Warnungen.

FORTSCHRITTSSTATUS DES VORGANGS
        * [30.01.2014 19:06:47] : Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| wurde gestartet.

FEHLERDETAILS
        Folgende Fehler wurden bei diesem Vorgang entdeckt.
        * [30.01.2014 19:08:32] System.Deployment.Application.DeploymentDownloadException (unbekannter Untertyp)
                - 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
                - Quelle: System.Deployment
                - Stapelüberwachung:
                        bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
                        bei System.Deployment.Application.SystemNetDownloader.DownloadAllFiles()
                        bei System.Deployment.Application.FileDownloader.Download(SubscriptionState subState)
                        bei System.Deployment.Application.DownloadManager.DownloadManifestAsRawFile(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadManifest(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ManifestType manifestType, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirect(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifest(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options)
                        bei System.Deployment.Application.ApplicationActivator.ProcessOrFollowShortcut(String shortcutFile, String& errorPageUrl, TempFile& deployFile)
                        bei System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
                        bei System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
                --- Interne Ausnahme ---
                System.Net.WebException
                - Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'
                - Quelle: System
                - Stapelüberwachung:
                        bei System.Net.HttpWebRequest.GetResponse()
                        bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)

DETAILS ZUR SPEICHERTRANSAKTION DER KOMPONENTE
        Es sind keine Transaktionsinformationen verfügbar.
Gruß Vater Sohn:dankeschoen:

schrauber 31.01.2014 12:23
dann den Rest von oben bitte :)

Vater Sohn 31.01.2014 15:53
Das habe ich wohl übersehen... Sorry

Das Malware Log:

Code:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.31.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Admin :: ADMIN-PC [Administrator]

Schutz: Aktiviert

31.01.2014 13:53:06
mbam-log-2014-01-31 (13-53-06).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 251199
Laufzeit: 7 Minute(n), 17 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Da der AdwareCleaner beim ersten mal abgestürzt ist poste ich mal alle log´s:
AdwCleaner[R0]
Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 14:08:45
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gefunden : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ABE\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\adblockplus\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cxrm1w8f.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\forecastfox\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Startsear.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\yahoo-zugo.xml
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TestPilotExperimentFiles\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\user.js
Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js
Ordner Gefunden : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Ordner Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gefunden C:\Program Files (x86)\vShare.tv plugin
Ordner Gefunden C:\ProgramData\Babylon
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden C:\ProgramData\Partner
Ordner Gefunden C:\Users\Admin\AppData\Local\Babylon
Ordner Gefunden C:\Users\Admin\AppData\Local\OpenCandy
Ordner Gefunden C:\Users\Admin\AppData\Local\PackageAware
Ordner Gefunden C:\Users\Admin\AppData\LocalLow\boost_interprocess
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Searchqutoolbar
Ordner Gefunden C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\Searchqutoolbar
Ordner Gefunden C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\bLyrics
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Headlight
Schlüssel Gefunden : HKCU\Software\BI
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\SearchCore for Browsers
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\StartSearch
Schlüssel Gefunden : HKCU\Software\vShare.tv
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : [x64] HKCU\Software\BI
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Headlight
Schlüssel Gefunden : [x64] HKCU\Software\ICQ\ICQToolbar
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\SearchCore for Browsers
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\StartSearch
Schlüssel Gefunden : [x64] HKCU\Software\vShare.tv
Schlüssel Gefunden : [x64] HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Schlüssel Gefunden : HKLM\Software\Headlight
Schlüssel Gefunden : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\SearchCore for Browsers
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search] - hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultengine", "Web Search");
Zeile gefunden : user_pref("browser.search.defaultenginename", "Searchqu Web Search");
Zeile gefunden : user_pref("browser.search.order.1", "Searchqu Web Search");
Zeile gefunden : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]
Zeile gefunden : user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=413&sr=0&q=");

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]

Zeile gefunden : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden : homepage
Gefunden : icon_url
Gefunden : search_url
Gefunden : keyword

*************************

AdwCleaner[R0].txt - [12448 octets] - [31/01/2014 14:08:45]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12509 octets] ##########
AdwCleaner[R1]

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:09:06
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [1808 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1929 octets] ##########
weiter:

AdwCleaner[S0]:

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:05:31
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\vShare.tv plugin
Ordner Gelöscht : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Admin\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Admin\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Searchqutoolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\Searchqutoolbar
Ordner Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\quickstores@quickstores.de
Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.url
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\foxydeal.sqlite
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Plugins\npvsharetvplg.dll
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\Startsear.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\searchplugins\yahoo-zugo.xml
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ABE\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\adblockplus\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\bookmarkbackups\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\chrome\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\cxrm1w8f.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\forecastfox\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\minidumps\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\searchplugins\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TestPilotExperimentFiles\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\user.js
Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader40696_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader54435_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKCU\Software\BI
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SearchCore for Browsers
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StartSearch
Schlüssel Gelöscht : HKCU\Software\vShare.tv
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\bLyrics
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Headlight
Schlüssel Gelöscht : HKLM\Software\Headlight
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SearchCore for Browsers

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultengine", "Web Search");
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Searchqu Web Search");
Zeile gelöscht : user_pref("browser.search.order.1", "Searchqu Web Search");
Zeile gelöscht : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&appid=0&systemid=413&sr=0&q=");

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.enabledItems", "linkuryfirefoxremoteplugin@linkury.com:1.0,{9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-[...]

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword

*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[S0].txt - [11307 octets] - [31/01/2014 15:05:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11368 octets] ##########
AdwCleaner[S1](2):

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:10:03
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [2009 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]
AdwCleaner[S1].txt - [1930 octets] - [31/01/2014 15:10:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1990 octets] ##########
AdwCleaner[S1]:

Code:
# AdwCleaner v3.018 - Bericht erstellt am 31/01/2014 um 15:10:03
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Admin\Desktop\Trojanerbord\Programme\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Firefox 3.6 (de) - 2010-02-24.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\fv9c09ua.Jack Test Default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\gmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\TESTgmvoaa5b.default\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\Testmhbi057c.default - Kopie\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\viyggzvf.BF3\prefs.js ]


[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield\prefs.js ]


[ Datei : C:\Users\Surf and Gaming\AppData\Roaming\Mozilla\Firefox\Profiles\jajdv218.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [12654 octets] - [31/01/2014 14:08:45]
AdwCleaner[R1].txt - [2009 octets] - [31/01/2014 15:09:06]
AdwCleaner[S0].txt - [11465 octets] - [31/01/2014 15:05:31]
AdwCleaner[S1].txt - [1930 octets] - [31/01/2014 15:10:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1990 octets] ##########
Weiter mit JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Admin on 31.01.2014 at 15:21:14,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{8BFD13C4-6B9B-4D79-80E6-65FEAE90B4A1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B224AA02-F7C8-3A2B-859F-560B80767E4A}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Admin\AppData\Roaming\getrighttogo"



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\gmvoaa5b.default\minidumps [133 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.01.2014 at 15:25:44,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Admin (administrator) on ADMIN-PC on 31-01-2014 15:35:23
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin)
HKCU\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKCU\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKCU\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-22] ()

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D C:\AdwCleaner
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-30 20:26 - 2014-01-31 15:32 - 00005020 _____ C:\Windows\avmacc.log
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ C:\Windows\avmacc1.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ C:\Windows\wininit.ini
2014-01-29 19:09 - 2014-01-31 15:29 - 00000504 _____ C:\Windows\setupact.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ C:\Windows\setuperr.log
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ C:\ComboFix.txt
2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D C:\Qoobox
2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D C:\Windows\erdnt
2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ C:\Users\Admin\Desktop\gmer.exe
2014-01-27 19:04 - 2014-01-31 15:35 - 00000000 ____D C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv

==================== One Month Modified Files and Folders =======

2014-01-31 15:35 - 2014-01-27 19:04 - 00000000 ____D C:\FRST
2014-01-31 15:34 - 2010-02-26 13:10 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-31 15:32 - 2014-01-30 20:26 - 00005020 _____ C:\Windows\avmacc.log
2014-01-31 15:32 - 2010-05-13 17:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Deployment
2014-01-31 15:32 - 2010-05-12 19:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-01-31 15:31 - 2010-02-26 13:10 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-31 15:29 - 2014-01-29 19:09 - 00000504 _____ C:\Windows\setupact.log
2014-01-31 15:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 15:28 - 2012-11-27 17:10 - 01226094 _____ C:\Windows\WindowsUpdate.log
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D C:\Windows\ERUNT
2014-01-31 15:20 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:20 - 2009-07-14 05:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 15:14 - 2012-04-04 11:04 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D C:\AdwCleaner
2014-01-31 15:08 - 2013-10-25 16:34 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D C:\ProgramData\ICQ
2014-01-31 15:01 - 2013-01-26 09:18 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D C:\ProgramData\Apple
2014-01-31 13:23 - 2011-08-01 17:54 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ C:\Windows\avmacc1.log
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ C:\Windows\SysWOW64\TVersityMediaServer.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ C:\Windows\wininit.ini
2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Apps\2.0
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ C:\Windows\setuperr.log
2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D C:\Users\Admin\Desktop\Trojanerbord
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ C:\ComboFix.txt
2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D C:\Qoobox
2014-01-29 18:54 - 2010-10-08 13:57 - 01746432 ___SH C:\Users\Admin\Desktop\Thumbs.db
2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D C:\Windows\erdnt
2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D C:\Users\Admin
2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D C:\Windows\Minidump
2014-01-29 18:01 - 2013-01-26 09:18 - 00001068 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ C:\Users\Admin\defogger_reenable
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D C:\download
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ C:\Users\Admin\Desktop\gmer.exe
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ C:\Users\Admin\Downloads\2591617_hd.flv

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 17:31

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Eine Addition´s Datei habe ich nicht bekommen.

Aufgefallen ist mir das jetzt beim PC Start ein Fenster öffnet
mit dem Text: Anwendungsanforderugen werden geprüft. Diese vorgang kann länger dauern!

schrauber 01.02.2014 11:12

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Vater Sohn 02.02.2014 09:04
Hallo Schrauber ... :dankeschoen: schon mal für die Hilfe- bis jetzt

nun zu den logs..
EST_Log

Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-07 08:07:00
# local_time=2012-05-07 10:07:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 66267222 66267222 0 0
# compatibility_mode=1280 16777215 100 0 7820334 7820334 0 0
# compatibility_mode=4096 16777215 100 0 7821015 7821015 0 0
# compatibility_mode=5893 16776574 100 94 217768 88049375 0 0
# compatibility_mode=8192 67108863 100 0 627 627 0 0
# scanned=4374
# found=2
# cleaned=2
# scan_time=1695
C:\$Recycle.Bin\S-1-5-21-2715126414-4153456669-2541334608-1000\$RFYEOKO.exe        Win32/Adware.ADON application (deleted - quarantined)        00000000000000000000000000000000        C
C:\$Recycle.Bin\S-1-5-21-2715126414-4153456669-2541334608-1000\$R0K9U7S\Aktivierung\KeyGen Methode(Empfohlen)\CS4MCLG.EXE        probably a variant of Win32/Spy.Agent.FFETUNH trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-08 02:02:05
# local_time=2012-05-08 04:02:05 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=512 16777215 100 0 66269129 66269129 0 0
# compatibility_mode=1280 16777215 100 0 7822241 7822241 0 0
# compatibility_mode=4096 16777215 100 0 7822922 7822922 0 0
# compatibility_mode=5893 16776574 100 94 219675 88051282 0 0
# compatibility_mode=8192 67108863 100 0 2534 2534 0 0
# scanned=1178296
# found=8
# cleaned=8
# scan_time=21093
C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\f04713-227e6b8f        Java/Exploit.CVE-2011-3544.AU trojan (deleted - quarantined)        00000000000000000000000000000000        C
C:\Users\Admin\AppData\Roaming\OpenCandy\OpenCandy_F54C405323294543AA149C6E7362FBA9\LinkuryInstaller.msi        Win32/Toolbar.Linkury application (deleted - quarantined)        00000000000000000000000000000000        C
F:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf        INF/Autorun.gen trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
F:\Program Files (x86)\AntiBrowserSpy\PvLogiciels.dotNetProtector.RuntimeX86.dll        a variant of MSIL/Packed.PvLogNetProtector.A application (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
Q:\ACER\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf        INF/Autorun.gen trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
Q:\ADMIN-PC\Backup Set 2011-04-09 110733\Backup Files 2011-04-09 110733\Backup files 14.zip        probably a variant of Win32/Spy.Agent.FFETUNH trojan (deleted - quarantined)        00000000000000000000000000000000        C
Q:\ADMIN-PC\Backup Set 2011-04-09 110733\Backup Files 2011-04-09 110733\Backup files 2.zip        a variant of Win32/SlowPCfighter application (deleted - quarantined)        00000000000000000000000000000000        C
Q:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf        INF/Autorun.gen trojan (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16721
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-20 06:44:28
# local_time=2014-01-20 07:44:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 43380 255666758 36115 0
# compatibility_mode=5893 16776574 100 94 16673183 141873318 0 0
# scanned=2172
# found=0
# cleaned=0
# scan_time=10
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16721
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=true
# antistealth_checked=false
# utc_time=2014-01-20 06:48:49
# local_time=2014-01-20 07:48:49 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 43641 255667019 36376 0
# compatibility_mode=5893 16776574 100 94 16673444 141873579 0 0
# scanned=2380
# found=0
# cleaned=0
# scan_time=55
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=c19e49ab6d109645bf0798d89dd10d3d
# engine=16901
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-01 09:00:25
# local_time=2014-02-01 10:00:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 16037 256711715 8791 0
# compatibility_mode=5893 16776574 100 94 17718140 142918275 0 0
# scanned=1053856
# found=1
# cleaned=0
# scan_time=11179
sh=81E4D6C73D512607C41C1A558BFEDC122014254D ft=0 fh=0000000000000000 vn="INF/Autorun.gen worm" ac=I fn="Q:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Export\SoftDMA_Trial\Autorun.inf"
Security Check_Log

Code:
  Results of screen317's Security Check version 0.99.79 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 DH Driver Cleaner Professional Edition
 Java(TM) 6 Update 35 
 Java 7 Update 45 
 Java version out of Date!
  Adobe Flash Player 12.0.0.43 Flash Player out of Date! 
 Adobe Reader XI 
 Mozilla Firefox (26.0)
 Mozilla Thunderbird (24.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST_Log


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Admin (administrator) on ADMIN-PC on 02-02-2014 08:45:33
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVM Berlin) C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\fritzbox-usb-fernanschluss.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog9 01 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 02 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 09 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog9 14 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [x]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [x]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D () C:\AdwCleaner
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-30 20:26 - 2014-02-02 08:32 - 00010035 _____ () C:\Windows\avmacc.log
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ () C:\Windows\avmacc1.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 19:09 - 2014-02-02 08:29 - 00000840 _____ () C:\Windows\setupact.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ () C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D () C:\Qoobox
2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-27 19:04 - 2014-02-02 08:45 - 00000000 ____D () C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

==================== One Month Modified Files and Folders =======

2014-02-02 08:45 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST
2014-02-02 08:37 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 08:37 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 08:34 - 2012-11-27 17:10 - 01258912 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 08:34 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 08:32 - 2014-01-30 20:26 - 00010035 _____ () C:\Windows\avmacc.log
2014-02-02 08:31 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-02-02 08:31 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-02-02 08:31 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 08:29 - 2014-01-29 19:09 - 00000840 _____ () C:\Windows\setupact.log
2014-02-02 08:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 08:27 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-02-01 22:14 - 2012-04-04 11:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-01 22:01 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 18:01 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-01-31 17:17 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D () C:\AdwCleaner
2014-01-31 15:08 - 2013-10-25 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple
2014-01-30 20:26 - 2014-01-30 20:26 - 00000902 _____ () C:\Windows\avmacc1.log
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-01-29 19:09 - 2014-01-29 19:09 - 00000546 _____ () C:\Windows\PFRO.log
2014-01-29 19:09 - 2014-01-29 19:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D () C:\Qoobox
2014-01-29 18:54 - 2010-10-08 13:57 - 01746432 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin
2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D () C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-01-25 18:14 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-25 18:14 - 2012-04-04 11:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-25 18:14 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-23 20:11 - 2010-01-07 06:55 - 00769136 _____ () C:\Windows\system32\perfh007.dat
2014-01-23 20:11 - 2010-01-07 06:55 - 00175866 _____ () C:\Windows\system32\perfc007.dat
2014-01-23 20:11 - 2009-07-14 06:13 - 01816162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-16 17:57 - 2009-07-14 05:45 - 05002968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe
C:\Users\Admin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 17:31

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Zu den Problemen...

heute beim PC Start...
Nach dem Hochfahren beliebt der PC bei 1%-3% CPU Leistung stehen..
es lassen sich Programmen starten die dann im Tanksmanager angezeigt werden aber nicht starten.. Um mit dem PC arbeiten zu können muss ich einen Neustart machen!
Dann geht alles normal... ( Das ist schon öfter vorgekommen )

Beim PC Start öffnet sich ein Fenster ( Siehe Foto ) war sonnst nicht da..

http://www7.pic-upload.de/02.02.14/vvajuyh2h3qa.jpg

Grade im diesem -moment ist mir wieder ein der Windows Explorer hängen geblieben.Ich wollte eine neue Text Datei erstellen.. Jetzt steht da kein Rückmeldung..

Gruß Vater Sohn

schrauber 03.02.2014 10:05
Java und Flash updaten.

Downloade dir bitte Windows Repair (All In One) von hier.

Vater Sohn 05.02.2014 17:10
Hallo Schrauber,

habe die Windows Repair (All In One) geladen und nach der Anleitung abgearbeitet.
beim ersten mal ist das Programm bei Start Repairs abgestürzt nach dem das Programm die ganze Nacht gelaufen ist und keinen schritt weiter war. Habe ich es abgebrochen.

Bei Neustart des Programms hab ich dann auf die neu Version geladen 2.2 war das glaube ich.. wird in dem Programm angezeigt!

Habe alle schritte wiederholt, dann lief alles durch.... hat aber auch gedauert!
Ein LogFile konnte ich nicht finden, sofern vorhanden...

Nun denke ich das der PC Schneller arbeitet (Startet).



Die Meldung
http://www7.pic-upload.de/02.02.14/vvajuyh2h3qa.jpg
erscheint immer noch..

Gruß Vater Sohn :dankeschoen:


Update: PC jetzt gerade wieder ohne Reaktion... CPU Auslastung 1%-3% Programme z.b. Firefox sind im Taksmanager zu sehen aber starten nicht.. nach Neustart alles wieder ok hmmm :-(

schrauber 06.02.2014 14:05
poste mal bitte ein frisches FRST log, aber bitte nen Haken setzen bei Additional, poste beide logfiles.

Vater Sohn 06.02.2014 18:18
Hallo Schrauber

hier die Log´s


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014
Ran by Admin (administrator) on ADMIN-PC on 06-02-2014 18:11:56
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe
(GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
( ) C:\Windows\System32\lxducoms.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\ProgramData\TVersity\Media Server\MediaServer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
(Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe
(Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark  - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found ()
Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin)
R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-02-05 03:55 - 2014-02-05 03:55 - 00000344 _____ () C:\Windows\PFRO.log
2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 18:31 - 2014-02-05 03:51 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 17:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-03 17:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-03 16:48 - 2014-02-05 17:23 - 00008030 _____ () C:\Windows\avmacc.log
2014-02-03 16:44 - 2014-02-06 18:05 - 00000560 _____ () C:\Windows\setupact.log
2014-02-03 16:44 - 2014-02-03 16:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D () C:\AdwCleaner
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D () C:\Qoobox
2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-01-29 18:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-27 19:04 - 2014-02-06 18:11 - 00000000 ____D () C:\FRST
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

==================== One Month Modified Files and Folders =======

2014-02-06 18:13 - 2010-01-07 06:55 - 00769136 _____ () C:\Windows\system32\perfh007.dat
2014-02-06 18:13 - 2010-01-07 06:55 - 00175866 _____ () C:\Windows\system32\perfc007.dat
2014-02-06 18:13 - 2009-07-14 06:13 - 01816162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-06 18:12 - 2012-11-27 17:10 - 01354432 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 18:12 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 18:12 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 18:11 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST
2014-02-06 18:07 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-06 18:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-06 18:05 - 2014-02-03 16:44 - 00000560 _____ () C:\Windows\setupact.log
2014-02-05 21:01 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-02-05 20:34 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-05 18:15 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-02-05 17:23 - 2014-02-03 16:48 - 00008030 _____ () C:\Windows\avmacc.log
2014-02-05 17:23 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-02-05 17:23 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-05 05:02 - 2010-02-08 10:14 - 00119560 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-02-05 03:56 - 2009-07-14 05:45 - 05002968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-05 03:55 - 2014-02-05 03:55 - 00000344 _____ () C:\Windows\PFRO.log
2014-02-05 03:51 - 2014-02-03 18:31 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-05 02:01 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 19:23 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini
2014-02-03 17:31 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-03 17:31 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-03 17:21 - 2013-11-04 18:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 17:18 - 2010-05-07 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-03 16:48 - 2010-10-08 13:57 - 01746432 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-02-03 16:44 - 2014-02-03 16:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-02 17:05 - 2013-10-25 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 17:17 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D () C:\AdwCleaner
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ
2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod
2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log
2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini
2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt
2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D () C:\Qoobox
2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D () C:\Windows\erdnt
2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin
2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D () C:\Windows\Minidump
2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt
2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable
2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer
2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser
2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe
2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt
2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt
2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe
2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D () C:\Program Files\Defraggler
2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe
2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe
2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe
2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe
2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download
2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe
2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk
2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk
2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4
2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4
2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4
2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv
2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv
2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache
2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache
2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv
2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg
2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg
2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss
2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 17:31

==================== End Of Log ============================
--- --- ---

--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014
Ran by Admin at 2014-02-06 18:14:20
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32 Version:  - Microsoft)
7-Zip 9.20 (x32 Version:  - )
Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (x32 Version: 1.1.0812 - Acer Incorporated)
Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (x32 Version: 1.1 - Adobe Systems Incorporated)
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (x32 Version:  - )
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (x32 Version: 1.0.0 - Advanced Micro Devices, Inc.)
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Application Profiles (x32 Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (x32 Version:  - )
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
AVM FRITZ!Box Dokumentation (x32 Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (x32 Version:  - AVM Berlin)
AVS Update Manager 1.0 (x32 Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (x32 Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (x32 Version:  - Online Media Technologies Ltd.)
Battlefield 2(TM) (x32 Version:  - )
Battlefield 2: Special Forces (x32 Version:  - )
Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (Version: 2.0.0.36 - Apple Inc.)
Borderlands (x32 Version: 1.0.295 - 2K Games)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.10 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (x32 Version:  - DownloadHelper)
ConvertXtoDVD 4.1.19.365 (x32 Version: 4.1.19.365 - )
Counter-Strike (x32 Version:  - Valve)
Counter-Strike: Global Offensive Beta (x32 Version:  - )
Counter-Strike: Source (x32 Version:  - Valve)
Counter-Strike: Source Beta (x32 Version:  - )
Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (x32 Version: 5.00 - )
Creative Software AutoUpdate (x32 Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (x32 Version:  - Creative Technology Limited)
Dairy Dash (x32 Version:  - Oberon Media)
Darkest Hour: Europe '44-'45 (x32 Version:  - Darkest Hour Team)
DashCommand (x32 Version: 3.0.1 - Palmer Performance Engineering)
Day of Defeat (x32 Version:  - Valve)
Dead Island (x32 Version:  - Techland)
Dead Space (x32 Version:  - EA Redwood Shores)
Deathmatch Classic (x32 Version:  - Valve)
DebugMode Wax 2.0 (x32 Version:  - )
Defraggler (Version: 2.16 - Piriform)
DH Driver Cleaner Professional Edition (x32 Version: Version 1.5 - Ruud Ketelaars)
DiRT 2 (x32 Version:  - Codemasters)
DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC)
DivxToDVD 0.5.2b (x32 Version: 0.5.2b - VSO-Software SARL)
Dream Day First Home (x32 Version:  - Oberon Media)
DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (x32 Version: 2.1.0703 - OEM)
Eraser 6.0.10.2620 (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (x32 Version:  - )
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (x32 Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff)
Excel Protection Remover (x32 Version:  - )
EXIFeditor (x32 Version: 1.0.0 - kiwi.software.NET)
Exif-Viewer 2.50  (x32 Version: 2.50 - Ralf Bibinger)
FileZilla Client 3.5.3 (HKCU Version: 3.5.3 - FileZilla Project)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0 - MAGIX AG)
FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser)
Free Video to MP3 Converter version 3.5 (x32 Version:  - DVDVideoSoft Limited.)
FRITZ!Box USB-Fernanschluss - 1  (HKCU Version: 2.3.2.0 - AVM Berlin)
FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2 - AVM Berlin)
FRITZ!DSL64 (Version: 2.04.03 - AVM Berlin)
FRITZ!Fernzugang (Version: 1.2.6 - AVM Berlin)
Futuremark SystemInfo (x32 Version: 4.0.0.0 - Futuremark Corporation)
GameShadow (x32 Version: 2.03.0000 - GameShadow Ltd)
GetRight (x32 Version:  - Headlight Software, Inc.)
GFI LANguard 9.0 ReportPack (x32 Version: 9.0.2009.0709 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden
GFI ReportCenter Framework (x32 Version: 3.6.2009.0630 - GFI Software Ltd)
GIMP 2.6.10 (Version: 2.6.10 - The GIMP Team)
Google Earth (x32 Version: 7.0.2.8415 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Grand Prix Legends (x32 Version:  - )
Granny In Paradise (x32 Version:  - Oberon Media)
GRID (x32 Version: 1.00.0000 - Codemasters)
GTR Evolution (x32 Version:  - SimBin Studios)
Half-Life (x32 Version:  - Valve)
Half-Life 2 (x32 Version:  - Valve)
Half-Life 2: Deathmatch (x32 Version:  - Valve)
Half-Life 2: Episode One (x32 Version:  - Valve)
Half-Life 2: Episode Two (x32 Version:  - Valve)
Half-Life 2: Lost Coast (x32 Version:  - Valve)
Half-Life Deathmatch: Source (x32 Version:  - Valve)
Half-Life: Blue Shift (x32 Version:  - Gearbox)
Hama Cromo Pad (x32 Version: 1.00.0000 - GASIA)
Hitman: Sniper Challenge (x32 Version:  - IO Interactive)
HOMEFRONT (x32 Version:  - THQ)
Host OpenAL (x32 Version: 1.00 - Creative Technology Limited)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (x32 Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (x32 Version: 1 - Microsoft Corporation)
Hotkey Utility (x32 Version: 1.00.3004 - Acer Incorporated)
iArt 3 (x32 Version:  - iPodSoft)
iCloud (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (x32 Version: 7.2 - ICQ)
Identity Card (x32 Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImTOO Video Converter Ultimate 6 (x32 Version: 6.8.0.1101 - ImTOO)
Intel® Matrix Storage Manager (Version:  - Intel Corporation)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (x32 Version: 6.0.350 - Oracle)
JDownloader 2 (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (x32 Version:  - Valve)
Left 4 Dead 2 (x32 Version:  - Valve)
Left 4 Dead Authoring Tools (x32 Version:  - Valve)
Lexmark  (x32 Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (Version:  - Lexmark International, Inc.)
Lexmark 5600-6600 Series (x32 Version:  - Lexmark International, Inc.)
Lidl-Fotos (x32 Version:  - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro 2033 (x32 Version:  - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (x32 Version:  - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1 - Mozilla)
Mp3tag v2.50 (x32 Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (x32 Version: 1.2.2 - Mumble)
Music Manager (HKCU Version:  - Google, Inc.)
MyPhoneExplorer (x32 Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (x32 Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (x32 Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (x32 Version:  - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (x32 Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (x32 Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (x32 Version:  - No More Room in Hell Team)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (Version: 1.7 - )
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (x32 Version:  - )
OpenAL (x32 Version:  - )
Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (x32 Version: 1.0.0 - PageshotsPro)
particleIllusion 3.0.4 (x32 Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (x32 Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (x32 Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (x32 Version:  - Valve)
PS3 Media Server (x32 Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RACE 07 (x32 Version:  - SimBin Studios)
Race: The WTCC Game (x32 Version:  - SimBin Studios)
Rapture3D 2.3.26 Game (x32 Version:  - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (x32 Version:  - Tripwire Interactive)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (x32 Version:  - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (x32 Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (x32 Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (x32 Version:  - )
Silent Hunter 4 Wolves of the Pacific (x32 Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (x32 Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (x32 Version:  - Northstar Systems Corp.)
SmartLauncher (x32 Version:  - Northstar Systems Corp.)
Sniper: Ghost Warrior (x32 Version:  - City Interactive S.A.)
Sound Blaster X-Fi (x32 Version: 1.0 - )
Source SDK (x32 Version:  - Valve)
Source SDK Base 2007 (x32 Version:  - Valve)
Speccy (Version: 1.10 - Piriform)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (x32 Version:  - Oberon Media)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (x32 Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (x32 Version:  - eTeks)
TCPEye 1.0 (x32 Version:  - Free Software Relase)
Team Fortress Classic (x32 Version:  - Valve)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (x32 Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (x32 Version:  - )
TVAnts 1.0 (x32 Version:  - )
TVersity Codec Pack 1.7 (x32 Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (x32 Version: 1.9.7 - TVersity)
Tweaking.com - Windows Repair (All in One) (x32 Version: 2.2.0 - Tweaking.com)
Überwachungstool für die Intel® Turbo-Boost-Technologie (Version: 1.0.115.11 - Intel)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
UltraMon (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (x32 Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (Version: 3.2.6 - VMLite)
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (Version:  - )
World of Padman (x32 Version: 1.1 - Padworld Entertainment)
XBMC (HKCU Version:  - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

29-01-2014 17:37:56 ComboFix created restore point
03-02-2014 16:17:54 Installed Java 7 Update 51
04-02-2014 18:50:48 Tweaking.com - Windows Repair

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-29 18:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {1564EC25-AE28-46D9-8059-13CA9E8BCFA4} - System32\Tasks\Installation App Launcher => C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {94925380-9B7E-4D9C-A1AD-FB6D689E26DF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {D50D10AA-5B1D-439D-92C1-91346CDE732F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-20 11:32 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-10 09:55 - 2010-11-10 09:55 - 00360960 _____ () C:\Program Files (x86)\GFI\LANguard 9\lnssalerter.dll
2010-10-20 18:25 - 2010-10-20 18:25 - 00233984 _____ () C:\Program Files (x86)\GFI\LANguard 9\apistrings.dll
2010-11-01 10:32 - 2010-11-01 10:32 - 00142336 _____ () C:\Program Files (x86)\GFI\LANguard 9\modlop.dll
2010-05-10 10:58 - 2010-05-10 10:58 - 00640512 _____ () C:\Program Files (x86)\GFI\LANguard 9\exporter.dll
2010-11-11 15:54 - 2010-11-11 15:54 - 01691136 _____ () C:\Program Files (x86)\GFI\LANguard 9\crmimodule.dll
2010-11-11 15:29 - 2010-11-11 15:29 - 00181760 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchautodownload.dll
2010-05-07 13:36 - 2010-05-07 13:36 - 00221696 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedcompactdb.dll
2010-11-10 19:12 - 2010-11-10 19:12 - 00434176 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchdeployment.dll
2006-06-02 16:37 - 2006-06-02 16:37 - 00741376 _____ () C:\Program Files (x86)\GFI\LANguard 9\TntUnicodeVcl_R90.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-05-06 09:14 - 2010-05-06 09:14 - 00256000 _____ () C:\Program Files (x86)\GFI\LANguard 9\scheduledscans.dll
2010-05-07 14:27 - 2010-05-07 14:27 - 00065024 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedupdates.dll
2003-05-08 15:17 - 2003-05-08 15:17 - 00098304 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfi_log.dll
2009-07-09 15:17 - 2009-07-09 15:17 - 00131072 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\LNSS9PlugIn.dll
2006-09-12 17:39 - 2006-09-12 17:39 - 00002560 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\invoke.dll
2009-06-18 13:22 - 2009-06-18 13:22 - 00136704 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\modlop9.dll
2008-09-30 15:19 - 2008-09-30 15:19 - 00010240 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\nsslc9.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00347944 _____ () C:\ProgramData\TVersity\Media Server\taglib.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00225064 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_lcms_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00031528 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_xlib_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00716584 _____ () C:\ProgramData\TVersity\Media Server\log4cxx.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 04534072 _____ () C:\ProgramData\TVersity\Media Server\avcodec-52.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00083768 _____ () C:\ProgramData\TVersity\Media Server\avutil-50.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00313640 _____ () C:\ProgramData\TVersity\Media Server\libmp3lame-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00795448 _____ () C:\ProgramData\TVersity\Media Server\avformat-52.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 00203064 _____ () C:\ProgramData\TVersity\Media Server\swscale-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00509720 _____ () C:\ProgramData\TVersity\Media Server\sqlite3.dll
2009-09-24 16:17 - 2009-09-24 16:17 - 00267264 _____ () C:\Windows\system32\WinTab32.DLL
2009-09-24 16:16 - 2009-09-24 16:16 - 00200704 _____ () C:\Windows\SysWOW64\WinTab32.DLL
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Program Files (x86)\Unlocker\UnlockerHook.dll
2010-09-24 17:06 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-09-24 17:06 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 04:29 - 2009-08-26 04:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2013-12-20 18:54 - 2013-12-20 18:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-25 18:14 - 2014-02-03 17:31 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2014 05:18:34 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8d8

Startzeit: 01cf2289e7fae423

Endzeit: 265

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 109beca5-8e81-11e3-91db-90fba62bc3cb

Error: (02/05/2014 05:14:22 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/05/2014 02:17:09 AM) (Source: PerfOS) (User: )
Description:

Error: (02/05/2014 02:17:08 AM) (Source: PerfOS) (User: )
Description:

Error: (02/05/2014 02:17:07 AM) (Source: PerfOS) (User: )
Description:

Error: (02/04/2014 08:49:16 PM) (Source: WinMgmt) (User: )
Description: 0x8004100aC:\PROGRAM FILES (X86)\MICROSOFT SQL SERVER\100\SHARED\SQLMGMPROVIDERXPSP2UP.MOF

Error: (02/04/2014 08:49:13 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL

Error: (02/04/2014 08:49:08 PM) (Source: WinMgmt) (User: )
Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF

Error: (02/04/2014 07:19:59 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/04/2014 00:35:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (02/06/2014 06:08:38 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (02/06/2014 06:08:39 PM) (Source: WMPNetworkSvc) (User: )
Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist.

Error: (02/06/2014 06:07:26 PM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (02/06/2014 06:06:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/06/2014 06:06:27 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (02/06/2014 06:05:39 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/05/2014 06:19:38 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.

Error: (02/05/2014 06:19:09 PM) (Source: Disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2.

Error: (02/05/2014 05:21:45 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (02/05/2014 05:20:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053


Microsoft Office Sessions:
=========================
Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-29 18:49:26.310
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-29 18:49:26.248
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-19 18:31:31.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.165
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 4087.08 MB
Available physical RAM: 1497.6 MB
Total Pagefile: 8172.34 MB
Available Pagefile: 4987.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:119.99 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:243.3 GB) NTFS
Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:195.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.68 GB) NTFS
Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:76.74 GB) NTFS
Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:367.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8)
Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Gruß Vater Sohn

schrauber 07.02.2014 16:49
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ProxyServer: 216.155.139.115:3128
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




How to perform a clean boot in Windows
Mach bitte mal nen Clean Boot, besser?

Vater Sohn 08.02.2014 09:51
Hier das Fixlog

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Admin at 2014-02-07 17:20:14 Run:1
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: 216.155.139.115:3128
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
       
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
papyjoy => Service deleted successfully.

==== End of Fixlog ====
den CleanBoot werde ich gleich Testen.. melde mich dann..

Gruß Vater Sohn :dankeschoen:

Hallo Schrauber...

Ich habe jetzt eine CleanBoot gemacht!

Die Meldung

http://www7.pic-upload.de/02.02.14/vvajuyh2h3qa.jpg

war trotzdem wieder da!

Sonnst war es ein Schneller PC Start, Programme liefen bis jetzt ohne Probleme

CPU bei 1% , Arbeitsspeicher bei 51%

Gruß Vater Sohn

schrauber 08.02.2014 17:13
Bitte jetzt jeden deaktivierten Dienst wieder einzeln aktivieren, dazwischen rebooten und testen. Ist mühselig, so finden wir aber raus welcher Dienst den rechner so bremst, dann können wir handeln.

Die Meldung machen wir dann im Anschluss.

Vater Sohn 09.02.2014 16:57
Ich hatte im msconfig nicht auf übernehmen geklickt..

Ich mache einen neuen CleanBoot..

Avira Echtzeit-Scanner, Avira Planer
und
FABS-Helping agent for MAGIX media database

lassen sich nicht deaktivieren

ist das OK?

schrauber 10.02.2014 11:50
Wie die lassen sich nicht deaktivieren? Das muss gehen, wenn du die MS Dienste ausblendest einfach überall den Haken raus. Wenn nicht teste so, dann ggf Avira komplett deinstallieren und ohne testen.

Vater Sohn 11.02.2014 18:18
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo Schrauber..

Ich Schau mir das mit dem CleanBoot nochmal an evtl. habe ich da was falsch gemacht:rolleyes:

Heute wieder spoofmails bekommen.


Edit: habe gerade noch mal alles nach der Anleitung(CleanBoot) gemacht.
Bin mir nicht sicher ob ich auf übernehmen klicken muss? im Reiter "Dienste" nach dem ich auf "Alle deaktivieren" geklickt habe, oder nur auf OK ? "schulterzuck*

Auf jeden Fall kam diese Meldung.
http://www.trojaner-board.de/attachm...1&d=1392140236

Gruß Vater Sohn

schrauber 12.02.2014 17:45
Deinstalliere bitte mal diesen Avira Dreck.

Vater Sohn 12.02.2014 18:59
Hallo Schrauber...

Wenn ich den Avira Dreck deinstalliere, welchen Virenscanner kannst du empfehlen ?
Damit ich weiter nach dem Problem suchen kann.

Zu den SpoofMails von eBay und PayPal gibt es neues zu berichten.

Ich habe heute mal die eBay Seite aufgerufen und mal auf Passwort vergessen geklickt,
dann meine betroffenen E-Mail Adresse angegeben, und siehe da einen Passwort Link bekommen.

Daraufhin hab ich bei ebay angerufen und ihnen mitgeteilt das dieses Konto nicht mir gehört.

Das Betroffenen Konto wurde 2003 mit meiner neuen E-Mail Adresse bestätigt.
Ich selbst habe diese Adresse seit dem 07.01.2014.
Das E-Bay Konto ist noch Aktiv der Nutzer wird nun von ebay angeschrieben und aufgefordert eine aktuelle Mailadresse anzugeben.

Das gleiche bei PayPal.

Der Nutzer muss seine E-mail Adresse aufgegeben haben und ich habe sie auf mich registriert.
leider hat er wohl seine Daten nicht geändert.

Gruß Vater Sohn

schrauber 13.02.2014 21:29
Ich empfehle immer Emsisoft. Aber eigentlich egal, alles is besser als Antivir.

Ehm, irgendwie kann ich dir nit folgen. Du klickt auf PW vergessen, gibst deinen Account an oder deine Email, und bekommst nen Link auf deine Email. Das ist doch korrekt?

Vater Sohn 14.02.2014 17:26
Hallo Schrauber...

Ja richtig.. Ich bekomme eine E-Mail mit einem Passwort Link..

Ebay schreibt:

Zitat:
vielen Dank für Ihre Rückmeldung. Gern helfe ich Ihnen weiter.

Ich habe Ihr Anliegen überprüft und dabei festgestellt, dass die E-Mail-Adresse MeineMailAdresse@gmx.de bereits für ein anderes Mitgliedskonto verwendet wird.

Diese E-Mail-Adresse haben wir nun aus unserem System entfernt. Die Aktualisierung kann jedoch einige Tage in Anspruch nehmen.
Bei PayPal das gleiche

Ich suche mir mal ein anderes Viren Programm... Antivir war so schön Gratis:rolleyes:

schrauber 15.02.2014 15:42
schön gratis is schön scheisse ;)

Ändere das PW des Email Accountes. Ändere alle PW und Zugänge und beobachte das ganze mal.

Vater Sohn 16.02.2014 20:09
Hallo Schrauber...

PW habe ich schon gewechselt, Email, Ebay und PayPal..
obwohl es wirklich so aus schaut das ich ne SceondHand Mail Adresse bekommen habe..

Ich Lade mir gerade "emsisoft internet security" herunter
soll ich das Programm dann mal durchlaufen lassen.. ??

und evtl. hast du einen Testbericht von dem Programm?

Gruß Vater Sohn :dankeschoen:

ps: Hast du schon etwas verdächtiges auf unserem PC gefunden.. die Log´s sagen mir nicht wirklich viel...:(

schönen Sonntag Abend noch..



Update:

emsisoft Internet security sagt :
30 Tage Test abgelaufen.. :eek:

wie kann das sein?

schrauber 17.02.2014 14:24
Hattest Du es schon mal benutzt?

Vater Sohn 17.02.2014 18:23
Hallo Schrauber

Nein ich denke nicht...
habe gleich in Software und Programme geschaut... da steht nichts...
ich hatte mal Kaspersky CB Edition drauf...

hmm...
Emsisoft gleich kaufen wollte ich es nicht.. testen wäre schon besser..
hast du eine Idee ??

Gruß Vater und Sohn

schrauber 18.02.2014 12:39
Mach mir mal bitte einen Screenshot von der Meldung und hänge ihn hier an, ich regel das dann mit Emsisoft.

Vater Sohn 18.02.2014 18:17
Liste der Anhänge anzeigen (Anzahl: 1)
Hallo Schrauber...

Hier das Foto...

http://www.trojaner-board.de/attachm...1&d=1392743547

Ich habe aber auch bei deinstallieren eine Nachricht an Emsisoft geschrieben...
Die machen bei Deinstallieren eine Umfrage warum man es nicht nutzt und man kann bei -Fehlern eine Email Adresse angeben und die wollen dann antworten...

Evtl geht das ja schneller bei dir...

Gruß und :dankeschoen::dankeschoen::dankeschoen:
Vater Sohn

schrauber 19.02.2014 15:40
Hi,

ist in Klärung. Schick mir heute Abend bitte ne PM.

schrauber 19.02.2014 16:23
is schon geklärt, du hast PM :)

Vater Sohn 23.02.2014 11:00
Liste der Anhänge anzeigen (Anzahl: 2)
Hallo Schrauber...

So Emsisoft ist jetzt drauf.. noch mal GROßES :dankeschoen::dankeschoen::dankeschoen:

hier das erste Log von Emsisoft
Code:
Emsisoft Anti-Malware - Version 8.1
Letztes Update: 21.02.2014 09:57:05
Benutzerkonto: Admin-PC\Admin

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\, F:\, G:\, H:\, Q:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:        21.02.2014 09:58:26
Value: HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1010\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS -> LRCSPAL@XINGHAO.NET        gefunden: Trace.Registry.Application.FireExt (A)
Key: HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1010\SOFTWARE\SEARCHCORE FOR BROWSERS        gefunden: Trace.Registry.Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1010\SOFTWARE\STARTSEARCH        gefunden: Trace.Registry.Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{084D78A8-B084-4E14-A629-A2C419B0E3D9}        gefunden: Trace.Registry.Application.AdSome (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}        gefunden: Trace.Registry.Application.AdSome (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}        gefunden: Trace.Registry.Application.AdSome (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4DE778FE-F195-4EE3-9DAB-FE446C239221}        gefunden: Trace.Registry.Application.AdSome (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}        gefunden: Trace.Registry.Application.AdSome (A)
Key: HKEY_USERS\S-1-5-21-2715126414-4153456669-2541334608-1010\SOFTWARE\CONDUIT        gefunden: Trace.Registry.Application.InstallAd (A)

Gescannt        1093506
Gefunden        9

Scan Ende:        21.02.2014 14:21:11
Scan Zeit:        4:22:45
dann diese Meldung von Fitz!BOX
Code:
INFO ZUR PLATTFORMVERSION
        Windows                        : 6.1.7601.65536 (Win32NT)
        Common Language Runtime        : 4.0.30319.18444
        System.Deployment.dll                : 4.0.30319.18408 built by: FX451RTMGREL
        clr.dll                        : 4.0.30319.18444 built by: FX451RTMGDR
        dfdll.dll                        : 4.0.30319.18408 built by: FX451RTMGREL
        dfshim.dll                        : 4.0.31106.0 (Main.031106-0000)

QUELLEN
        Bereitstellungs-URL                        : file:///C:/Users/Admin/AppData/Roaming/Microsoft/Windows/Start%20Menu/Programs/FRITZ!Box/FRITZ!Box%20USB-Fernanschluss.appref-ms%7C

FEHLERZUSAMMENFASSUNG
        Es folgt eine Zusammenfassung der Fehler. Details zu diesen Fehlern werden später im Protokoll aufgelistet.
        * Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| führte zu einer Ausnahme. Folgende Fehlermeldungen wurden entdeckt:
                + 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
                + Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'

FEHLERZUSAMMENFASSUNG FÜR DIE SPEICHERTRANSAKTION DER KOMPONENTE
        Es wurde kein Transaktionsfehler festgestellt.

WARNUNGEN
        Während dieses Vorgangs gab es keine Warnungen.

FORTSCHRITTSSTATUS DES VORGANGS
        * [23.02.2014 09:50:58] : Die Aktivierung von C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box\FRITZ!Box USB-Fernanschluss.appref-ms| wurde gestartet.

FEHLERDETAILS
        Folgende Fehler wurden bei diesem Vorgang entdeckt.
        * [23.02.2014 09:51:44] System.Deployment.Application.DeploymentDownloadException (unbekannter Untertyp)
                - 'hxxp://clickonce.avm.de/usb-fernanschluss2/deutsch/fritzbox-usb-fernanschluss.application' konnte nicht heruntergeladen werden.
                - Quelle: System.Deployment
                - Stapelüberwachung:
                        bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
                        bei System.Deployment.Application.SystemNetDownloader.DownloadAllFiles()
                        bei System.Deployment.Application.FileDownloader.Download(SubscriptionState subState)
                        bei System.Deployment.Application.DownloadManager.DownloadManifestAsRawFile(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadManifest(Uri& sourceUri, String targetPath, IDownloadNotification notification, DownloadOptions options, ManifestType manifestType, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifestDirect(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options, ServerInformation& serverInformation)
                        bei System.Deployment.Application.DownloadManager.DownloadDeploymentManifest(SubscriptionStore subStore, Uri& sourceUri, TempFile& tempFile, IDownloadNotification notification, DownloadOptions options)
                        bei System.Deployment.Application.ApplicationActivator.ProcessOrFollowShortcut(String shortcutFile, String& errorPageUrl, TempFile& deployFile)
                        bei System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
                        bei System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
                --- Interne Ausnahme ---
                System.Net.WebException
                - Der Remotename konnte nicht aufgelöst werden: 'clickonce.avm.de'
                - Quelle: System
                - Stapelüberwachung:
                        bei System.Net.HttpWebRequest.GetResponse()
                        bei System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)

DETAILS ZUR SPEICHERTRANSAKTION DER KOMPONENTE
        Es sind keine Transaktionsinformationen verfügbar.
und folgende Fehlermeldungen...

http://www.trojaner-board.de/attachm...1&d=1393149515

und

http://www.trojaner-board.de/attachm...1&d=1393149502

und der Drucker druckt nicht mehr... :-(


Gruß Vater Sohn

schrauber 24.02.2014 15:01
Seit wann? Und was genau hast Du für Probleme mit Fritz? Funde durch Emsisoft einfach löschen lassen.

Vater Sohn 24.02.2014 20:12
Hallo Schrauber...

Emsisoft Funde wurden gelöscht...

Drucker geht seit 5 Tagen nicht mehr... hatte ihn aber auch nicht immer angeschlossen nur dann wenn ich was Drucken muss.. sonst steht der hier im weg ..(Treiber deinstalliert und dann wieder installiert... kein Änderung)

Fritzbox: Erst geht das mit dem Surfen und dann auf mal werden keine Seiten aufgebaut..
DSL leuchte ist an.. aber kein Email oder surfen möglich nach Neustart alles okay...

Manchmal bei PC Start schon das Problem...

Die Fehlermeldung
http://www.trojaner-board.de/attachm...k-frirzbox.jpg
und
http://www.trojaner-board.de/attachm...sl-protect.jpg
kamen zum ersten mal...

die Meldung
http://www7.pic-upload.de/02.02.14/vvajuyh2h3qa.jpg

war auch wieder da..

Gruß Vater Sohn :confused:

schrauber 25.02.2014 17:32
Moment, warum benutzt du die Software überhaupt?

Vater Sohn 25.02.2014 17:49
Hallo Schrauber...

ich denke weil es dabei war ?
evtl habe ich da auch was eingestellt als ich versucht habe den Drucker an die Fritzbox anzuschließen.:heilig:

weil am PC lief der Drucker ja nicht und ich musste dringen was drucken...

Nicht Gut??

Gruß Vater Sohn

schrauber 26.02.2014 14:23
Normalerweise braucht man die nicht. Mit der Fritzbox verbinden, Verbindungsdaten in die Fritzbox eintippen und los gehts.

Deinstallier den Kram bitte mal.

Vater Sohn 27.02.2014 19:33
Hallo Schrauber....


habe den Kram dann mal runter geworfen..
Drucker geht auch wieder :-)

Gesten hatte ich wieder das Problem das ich Firefox, Thunderbird und WinExplorer nicht starten konnte...
Standen aber im taskmanager 3x drin.. waren also gestartet aber wurden nicht angezeigt .. Also Fenster haben sich nicht geöffnet :-(


Gruß Vater Sohn

schrauber 28.02.2014 20:13
Poste bitte nochmal ein frisches FRST log :)

Vater Sohn 01.03.2014 09:58
Hallo und guten morgen Schrauber..

Hier das Log..


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Admin (administrator) on ADMIN-PC on 01-03-2014 09:48:48
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
( ) C:\Windows\system32\lxducoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
() C:\Windows\System32\OEM\RunCmd_X64.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
() c:\windows\system32\oem\setEvent.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Emsisoft GmbH) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SaiMfd] - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [194560 2009-06-03] (Saitek)
HKLM\...\Run: [PLD_FrameworkRun] - c:\Windows\System32\oem\RunCMD_X64.exe [337920 2009-08-11] ()
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [lxdumon.exe] - C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2010-02-04] ()
HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe [131752 2010-02-04] (Lexmark International Inc.)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-09-11] (DivX, LLC)
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4330432 2014-02-15] (Emsisoft GmbH)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

==================== Internet (Whitelisted) ====================

ProxyServer: 216.155.139.115:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 10 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-16]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-02-16]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-15] (Emsisoft GmbH)
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.)
S4 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
S4 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S4 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
S4 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2014-01-30] (AVM Berlin)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] ()
S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] ()
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.)
R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.)
R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation)
S0 Lbd; system32\DRIVERS\Lbd.sys [X]
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-01 09:08 - 2014-03-01 09:08 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 08:55 - 2014-03-01 08:55 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-01 08:54 - 2014-03-01 08:55 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-26 19:48 - 2014-02-26 20:23 - 00041472 _____ () C:\Users\Admin\Documents\umsatz Format2.xls
2014-02-26 18:11 - 2014-02-26 18:12 - 00113204 _____ () C:\Windows\system32\LexFiles.ulf
2014-02-26 18:11 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-02-26 18:11 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5600-6600 Series
2014-02-26 18:11 - 2009-10-16 12:26 - 00001867 _____ () C:\Windows\SysWOW64\lxdu.loc
2014-02-26 18:11 - 2009-10-16 12:26 - 00001867 _____ () C:\Windows\system32\lxdu.loc
2014-02-26 18:11 - 2009-10-16 12:07 - 00335872 _____ () C:\Windows\SysWOW64\lxducomx.dll
2014-02-26 18:11 - 2009-10-16 12:07 - 00109056 _____ () C:\Windows\system32\lxduvs.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01661952 _____ ( ) C:\Windows\system32\lxduserv.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01338368 _____ ( ) C:\Windows\system32\lxduusb1.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01291264 _____ ( ) C:\Windows\system32\lxducomc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01091584 _____ ( ) C:\Windows\system32\lxduhbn3.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01069056 _____ ( ) C:\Windows\SysWOW64\lxduserv.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01039360 _____ ( ) C:\Windows\system32\lxducoms.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00987648 _____ ( ) C:\Windows\system32\lxdupmui.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00897024 _____ ( ) C:\Windows\system32\lxdulmpm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00860160 _____ ( ) C:\Windows\SysWOW64\lxduusb1.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00761856 _____ ( ) C:\Windows\SysWOW64\lxducomc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00684032 _____ ( ) C:\Windows\SysWOW64\lxduhbn3.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00651264 _____ ( ) C:\Windows\SysWOW64\lxdupmui.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00610304 _____ ( ) C:\Windows\system32\lxducfg.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00589824 _____ ( ) C:\Windows\SysWOW64\lxducoms.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00580608 _____ ( ) C:\Windows\system32\lxducomm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00577536 _____ ( ) C:\Windows\SysWOW64\lxdulmpm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00548352 _____ ( ) C:\Windows\system32\lxduinpa.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00521216 _____ ( ) C:\Windows\system32\lxduih.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00513024 _____ ( ) C:\Windows\system32\lxduiesc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00376832 _____ ( ) C:\Windows\SysWOW64\lxducomm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxduinpa.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxducfg.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00339968 _____ ( ) C:\Windows\SysWOW64\lxduiesc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00323584 _____ ( ) C:\Windows\SysWOW64\lxduih.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00126976 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxdulnks.dll
2014-02-26 18:11 - 2009-10-16 11:56 - 00300032 _____ () C:\Windows\system32\lxdugrd.dll
2014-02-26 18:11 - 2009-07-14 05:43 - 00090624 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduinsr.dll
2014-02-26 18:11 - 2009-07-14 05:43 - 00022528 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducur.dll
2014-02-26 18:11 - 2009-07-14 05:42 - 00132608 _____ (Lexmark International, Inc.) C:\Windows\system32\lxdujswr.dll
2014-02-26 18:11 - 2009-07-14 05:41 - 00183296 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduinsb.dll
2014-02-26 18:11 - 2009-07-14 05:41 - 00073216 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducub.dll
2014-02-26 18:11 - 2009-07-14 05:39 - 00235520 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduins.dll
2014-02-26 18:11 - 2009-07-14 05:39 - 00103936 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducu.dll
2014-02-26 18:11 - 2009-07-14 05:38 - 00760320 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduutil.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00147456 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdujswr.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00106496 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduinsr.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00036864 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducur.dll
2014-02-26 18:11 - 2009-07-14 05:04 - 00200704 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduinsb.dll
2014-02-26 18:11 - 2009-07-14 05:04 - 00090112 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducub.dll
2014-02-26 18:11 - 2009-07-14 05:02 - 00176128 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduins.dll
2014-02-26 18:11 - 2009-07-14 05:02 - 00077824 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducu.dll
2014-02-26 18:11 - 2009-07-14 04:59 - 00544768 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduutil.dll
2014-02-26 18:11 - 2009-05-21 03:26 - 00681984 _____ ( ) C:\Windows\system32\LXDUhcp.dll
2014-02-26 18:11 - 2009-05-21 01:14 - 00594944 _____ () C:\Windows\system32\LXDUinst.dll
2014-02-26 18:11 - 2009-05-20 15:57 - 00389120 _____ () C:\Windows\SysWOW64\LXDUinst.dll
2014-02-26 18:11 - 2009-04-28 05:57 - 00489472 _____ (Lexmark International, Inc.) C:\Windows\system32\LXDUwupd.dll
2014-02-26 18:11 - 2009-04-28 05:57 - 00014336 _____ (Lexmark International, Inc.) C:\Windows\system32\LXDUwupd.exe
2014-02-26 18:11 - 2008-03-06 01:56 - 00983121 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lxdugf.dll
2014-02-26 18:11 - 2008-03-06 01:56 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxdugf.dll
2014-02-26 18:11 - 2008-02-21 06:15 - 00065536 _____ (Lexmark International) C:\Windows\system32\LXDUcfg.dll
2014-02-26 18:10 - 2014-02-26 18:12 - 00000000 ____D () C:\Program Files\Lexmark 5600-6600 Series
2014-02-26 17:09 - 2014-02-26 17:09 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-02-26 16:58 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-26 16:58 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-26 16:57 - 2014-02-26 16:57 - 00003764 _____ () C:\Windows\avmadd321.log
2014-02-26 16:57 - 2014-02-26 16:57 - 00001618 _____ () C:\Windows\avmadd32.log
2014-02-25 22:36 - 2014-02-25 22:36 - 00000966 _____ () C:\Windows\SysWOW64\a2scan_140225-174047.txt
2014-02-22 08:46 - 2014-02-22 08:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EurekaLog
2014-02-21 14:41 - 2014-02-21 14:41 - 00001059 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-21 09:43 - 2014-03-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-21 09:43 - 2014-02-21 14:41 - 00000000 ____D () C:\Users\Admin\Documents\Anti-Malware
2014-02-21 09:19 - 2014-02-21 09:19 - 00015395 _____ () C:\Users\Admin\Desktop\umsatz Format1.txt
2014-02-21 09:15 - 2014-02-21 09:15 - 06856861 _____ () C:\ProgramData\SPL79E0.tmp
2014-02-21 08:46 - 2014-02-26 16:51 - 00038654 _____ () C:\Windows\avmacc.log
2014-02-21 08:46 - 2014-02-21 08:47 - 00002408 _____ () C:\Windows\avmacc1.log
2014-02-21 08:43 - 2014-03-01 08:38 - 00002542 _____ () C:\Windows\setupact.log
2014-02-21 08:43 - 2014-02-26 17:47 - 00014086 _____ () C:\Windows\PFRO.log
2014-02-21 08:43 - 2014-02-21 08:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-20 17:18 - 2014-02-20 17:18 - 00018015 _____ () C:\Users\Admin\Documents\umsatz2.1.xlsx
2014-02-20 17:04 - 2014-02-20 17:04 - 06891249 _____ () C:\ProgramData\SPL6C68.tmp
2014-02-20 17:03 - 2014-02-21 08:30 - 00018181 _____ () C:\Users\Admin\Documents\umsatz Format1.xlsx
2014-02-20 16:47 - 2014-02-20 16:47 - 06851059 _____ () C:\ProgramData\SPLF4F9.tmp
2014-02-20 16:47 - 2014-02-20 16:47 - 00017640 _____ () C:\Users\Admin\Documents\umsatz Format.xlsx
2014-02-20 16:35 - 2014-02-20 16:35 - 00017028 _____ () C:\Users\Admin\Documents\umsatz2.xlsx
2014-02-20 16:29 - 2010-02-04 05:40 - 00086016 _____ () C:\Windows\system32\lxduoem.dll
2014-02-20 16:29 - 2010-02-04 05:39 - 00003584 _____ () C:\Windows\system32\LXDUPMRC.DLL
2014-02-20 16:29 - 2010-02-04 05:38 - 00014336 _____ () C:\Windows\system32\LXDUFXPU.DLL
2014-02-20 16:29 - 2009-05-14 07:24 - 00045568 _____ () C:\Windows\system32\LXDUPMON.DLL
2014-02-20 16:23 - 2014-02-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2014-02-20 15:04 - 2014-02-20 15:04 - 00015425 _____ () C:\Users\Admin\Documents\umsatz2.csv
2014-02-20 14:58 - 2009-10-15 17:32 - 00745984 _____ ( ) C:\Windows\system32\lxducoin.dll
2014-02-20 14:58 - 2008-03-11 16:14 - 00065632 _____ () C:\Windows\system32\lxduprpr.chm
2014-02-20 14:58 - 2008-03-06 01:56 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lxdug.dll
2014-02-20 14:42 - 2014-02-20 14:42 - 00166228 _____ () C:\ProgramData\SPLC7F2.tmp
2014-02-20 14:38 - 2014-02-20 14:38 - 00015425 _____ () C:\Users\Admin\Documents\umsatz.csv
2014-02-16 18:57 - 2014-02-16 19:13 - 234141000 _____ (Emsisoft GmbH ) C:\Users\Admin\Desktop\EmsisoftInternetSecuritySetup.exe
2014-02-16 14:19 - 2014-02-16 14:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-16 11:21 - 2014-02-16 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 20:49 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-13 20:49 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-13 20:49 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-13 20:49 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 20:49 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-13 20:49 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-13 20:49 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-13 20:49 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-13 20:49 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-13 20:49 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-13 20:49 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-13 20:49 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-13 20:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-13 20:49 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-13 20:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-13 20:49 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-13 20:49 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-13 20:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-13 20:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-13 20:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-13 20:49 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-13 20:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-13 20:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-13 20:49 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-13 20:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-13 20:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-13 20:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-13 20:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-13 20:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-13 20:49 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-13 20:49 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-13 20:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-13 20:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-13 20:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-13 20:49 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-13 20:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-13 20:49 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-13 20:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-13 20:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-13 20:49 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-13 20:49 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-13 16:57 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 16:57 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 16:57 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 16:57 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 16:57 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 16:57 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 16:56 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 16:56 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 16:56 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 16:56 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 16:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 16:56 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 16:56 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 16:56 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 16:56 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 16:56 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 16:56 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 16:56 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 16:56 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 16:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 16:56 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 16:56 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 16:56 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 16:56 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 16:56 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 16:56 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 16:56 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 16:56 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 18:43 - 2014-02-12 18:43 - 02436139 _____ () C:\Users\Admin\Desktop\SV Walkin Dead.psd
2014-02-12 17:19 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\Admin\Desktop\dead_font_walking
2014-02-12 17:17 - 2014-02-12 17:16 - 00017370 _____ () C:\Users\Admin\Desktop\dead_font_walking.zip
2014-02-10 20:20 - 2014-03-01 09:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-10 20:20 - 2014-02-21 10:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-09 10:13 - 2014-02-09 12:42 - 66451521 _____ () C:\Users\Admin\Desktop\Trauer HSV Farbe.psd
2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 18:31 - 2014-02-05 03:51 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 17:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-03 17:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D () C:\AdwCleaner
2014-01-30 20:26 - 2014-01-30 20:25 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys

==================== One Month Modified Files and Folders =======

2014-03-01 09:48 - 2014-02-21 09:43 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-01 09:48 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST
2014-03-01 09:41 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 09:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-01 09:09 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-03-01 09:08 - 2014-03-01 09:08 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 09:08 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 09:02 - 2014-02-10 20:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-01 08:55 - 2014-03-01 08:55 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-01 08:55 - 2014-03-01 08:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-01 08:48 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-03-01 08:46 - 2012-11-27 17:10 - 01354957 _____ () C:\Windows\WindowsUpdate.log
2014-03-01 08:45 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-01 08:45 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-01 08:44 - 2010-01-07 06:55 - 00769136 _____ () C:\Windows\system32\perfh007.dat
2014-03-01 08:44 - 2010-01-07 06:55 - 00175866 _____ () C:\Windows\system32\perfc007.dat
2014-03-01 08:44 - 2009-07-14 06:13 - 01816162 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-01 08:41 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-01 08:38 - 2014-02-21 08:43 - 00002542 _____ () C:\Windows\setupact.log
2014-03-01 08:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-26 20:23 - 2014-02-26 19:48 - 00041472 _____ () C:\Users\Admin\Documents\umsatz Format2.xls
2014-02-26 20:18 - 2010-02-26 12:48 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-02-26 18:32 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-02-26 18:20 - 2011-01-07 19:19 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-02-26 18:12 - 2014-02-26 18:11 - 00113204 _____ () C:\Windows\system32\LexFiles.ulf
2014-02-26 18:12 - 2014-02-26 18:10 - 00000000 ____D () C:\Program Files\Lexmark 5600-6600 Series
2014-02-26 18:11 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-02-26 18:11 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5600-6600 Series
2014-02-26 18:11 - 2010-02-28 18:40 - 00003192 _____ () C:\Windows\System32\Tasks\Installation App Launcher
2014-02-26 17:47 - 2014-02-21 08:43 - 00014086 _____ () C:\Windows\PFRO.log
2014-02-26 17:44 - 2010-02-28 17:36 - 00084513 _____ () C:\ProgramData\lxdu.log
2014-02-26 17:35 - 2010-10-09 08:56 - 00001338 _____ () C:\ProgramData\lxduDiagnostics.log
2014-02-26 17:09 - 2014-02-26 17:09 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-02-26 17:09 - 2012-06-16 16:39 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-02-26 17:08 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2014-02-26 17:08 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-02-26 16:57 - 2014-02-26 16:57 - 00003764 _____ () C:\Windows\avmadd321.log
2014-02-26 16:57 - 2014-02-26 16:57 - 00001618 _____ () C:\Windows\avmadd32.log
2014-02-26 16:51 - 2014-02-21 08:46 - 00038654 _____ () C:\Windows\avmacc.log
2014-02-25 22:36 - 2014-02-25 22:36 - 00000966 _____ () C:\Windows\SysWOW64\a2scan_140225-174047.txt
2014-02-25 17:58 - 2010-05-12 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FRITZ!
2014-02-25 17:57 - 2010-05-12 19:49 - 00375365 _____ () C:\Users\Admin\DesktopStCenter.txt
2014-02-23 12:58 - 2010-10-08 13:57 - 02008064 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-02-23 12:53 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer
2014-02-23 11:08 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-02-23 09:49 - 2012-01-14 09:04 - 00284137 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log
2014-02-22 09:38 - 2013-01-10 16:58 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2014-02-22 09:38 - 2013-01-10 16:58 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2014-02-22 08:46 - 2014-02-22 08:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EurekaLog
2014-02-22 08:42 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-21 14:41 - 2014-02-21 14:41 - 00001059 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-21 14:41 - 2014-02-21 09:43 - 00000000 ____D () C:\Users\Admin\Documents\Anti-Malware
2014-02-21 10:03 - 2014-02-10 20:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:03 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:03 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 09:19 - 2014-02-21 09:19 - 00015395 _____ () C:\Users\Admin\Desktop\umsatz Format1.txt
2014-02-21 09:15 - 2014-02-21 09:15 - 06856861 _____ () C:\ProgramData\SPL79E0.tmp
2014-02-21 08:47 - 2014-02-21 08:46 - 00002408 _____ () C:\Windows\avmacc1.log
2014-02-21 08:43 - 2014-02-21 08:43 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-21 08:35 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss
2014-02-21 08:30 - 2014-02-20 17:03 - 00018181 _____ () C:\Users\Admin\Documents\umsatz Format1.xlsx
2014-02-21 08:19 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-02-20 17:18 - 2014-02-20 17:18 - 00018015 _____ () C:\Users\Admin\Documents\umsatz2.1.xlsx
2014-02-20 17:04 - 2014-02-20 17:04 - 06891249 _____ () C:\ProgramData\SPL6C68.tmp
2014-02-20 16:47 - 2014-02-20 16:47 - 06851059 _____ () C:\ProgramData\SPLF4F9.tmp
2014-02-20 16:47 - 2014-02-20 16:47 - 00017640 _____ () C:\Users\Admin\Documents\umsatz Format.xlsx
2014-02-20 16:35 - 2014-02-20 16:35 - 00017028 _____ () C:\Users\Admin\Documents\umsatz2.xlsx
2014-02-20 16:23 - 2014-02-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2014-02-20 15:04 - 2014-02-20 15:04 - 00015425 _____ () C:\Users\Admin\Documents\umsatz2.csv
2014-02-20 14:55 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-20 14:42 - 2014-02-20 14:42 - 00166228 _____ () C:\ProgramData\SPLC7F2.tmp
2014-02-20 14:38 - 2014-02-20 14:38 - 00015425 _____ () C:\Users\Admin\Documents\umsatz.csv
2014-02-20 12:36 - 2010-02-26 13:10 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-20 12:36 - 2010-02-26 13:10 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-18 18:25 - 2010-07-06 16:16 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-02-16 19:13 - 2014-02-16 18:57 - 234141000 _____ (Emsisoft GmbH ) C:\Users\Admin\Desktop\EmsisoftInternetSecuritySetup.exe
2014-02-16 14:55 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 14:53 - 2010-02-26 14:16 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 14:50 - 2014-02-16 14:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-16 11:21 - 2014-02-16 11:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 11:03 - 2013-01-26 09:18 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA
2014-02-16 11:03 - 2013-01-26 09:18 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core
2014-02-14 17:11 - 2013-05-19 11:47 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-02-13 20:51 - 2010-07-11 13:14 - 01789506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-13 18:39 - 2013-12-13 17:03 - 00000000 ____D () C:\Program Files (x86)\EVEMon
2014-02-13 16:41 - 2009-07-14 05:45 - 05003000 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-12 18:43 - 2014-02-12 18:43 - 02436139 _____ () C:\Users\Admin\Desktop\SV Walkin Dead.psd
2014-02-12 17:21 - 2010-02-08 10:14 - 00119968 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-12 17:19 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\Admin\Desktop\dead_font_walking
2014-02-12 17:16 - 2014-02-12 17:17 - 00017370 _____ () C:\Users\Admin\Desktop\dead_font_walking.zip
2014-02-10 20:18 - 2013-04-10 16:28 - 00000000 ____D () C:\Program Files\Eraser
2014-02-09 12:46 - 2014-01-26 08:00 - 00001732 _____ () C:\Users\Public\Desktop\Defraggler.lnk
2014-02-09 12:42 - 2014-02-09 10:13 - 66451521 _____ () C:\Users\Admin\Desktop\Trauer HSV Farbe.psd
2014-02-07 16:47 - 2010-03-07 18:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FileZilla
2014-02-06 13:16 - 2014-02-13 20:49 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 20:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 20:49 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 20:49 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 20:49 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 20:49 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-13 20:49 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-13 20:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 20:49 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 20:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 20:49 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 20:49 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 20:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 20:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 20:49 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 20:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 20:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 20:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 20:49 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 20:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 20:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 20:49 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-13 20:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-13 20:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 20:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 20:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 20:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 20:49 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 20:49 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 20:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 20:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 20:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-13 20:49 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 20:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 20:49 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 20:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 20:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV
2014-02-05 03:51 - 2014-02-03 18:31 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-02-03 19:23 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini
2014-02-03 17:21 - 2013-11-04 18:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 17:18 - 2010-05-07 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 17:05 - 2013-10-25 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr
2014-01-31 17:17 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 ____D () C:\AdwCleaner
2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ
2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple
2014-01-30 20:25 - 2014-01-30 20:26 - 00116480 _____ (AVM Berlin) C:\Windows\system32\Drivers\avmaura.sys
2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-01 09:28

==================== End Of Log ============================
--- --- ---

--- --- ---

Vater Sohn 01.03.2014 09:59
und hier das zweite Log

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Admin at 2014-03-01 09:49:26
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{1E9871B6-7C44-9A3A-A1C0-F9729663C7F5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (HKLM-x32\...\{13EE03A3-7B77-47BC-9C42-B60576AB3A08}) (Version: 1.0.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{626E44DE-8E53-7570-CFDB-06EBF8595CA8}) (Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{6B3BA8FB-FEE1-E839-2F6E-5C121ECDAE9F}) (Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{7156BCE1-5D8D-1A41-565E-E8E8EA604328}) (Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{93DF9F1F-17EB-82C0-F82B-9ABC230D6DE5}) (Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}) (Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{DCA75ECE-39A9-0648-CB77-F6D759364CF9}) (Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{EBBE64F6-7E23-5857-891F-045560AECC7F}) (Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{4CE925AF-6519-4FEB-BEBD-DE2BFE2944EB}) (Version: 2.0.0.36 - Apple Inc.)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive Beta (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM-x32\...\Steam App 260) (Version:  - )
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - )
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - Creative Technology Limited)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version:  - Darkest Hour Team)
DashCommand (HKLM-x32\...\{FB891630-1C0D-437E-A04E-34543B2CF0A8}) (Version: 3.0.1 - Palmer Performance Engineering)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
DiRT 2 (HKLM-x32\...\Steam App 12840) (Version:  - Codemasters)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DVDx 4.0 Open Edition (HKLM-x32\...\DVDx 4.0 Open Edition) (Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.4.4125 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Excel Protection Remover (HKLM-x32\...\ST6UNST #1) (Version:  - )
EXIFeditor (HKLM-x32\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Exif-Viewer 2.50  (HKLM-x32\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger)
FileZilla Client 3.5.3 (HKCU\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Free Video to MP3 Converter version 3.5 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd)
GetRight (HKLM-x32\...\GetRight_is1) (Version:  - Headlight Software, Inc.)
GFI LANguard 9.0 ReportPack (HKLM-x32\...\{3F67FD4A-380F-4081-A506-1D2C0091A93E}) (Version: 9.0.2009.0709 - GFI Software Ltd)
GFI LANguard 9.6 (HKLM-x32\...\InstallShield_{CBE19707-CF6D-4819-9574-3DFD568960FA}) (Version: 9.6.2010.1113 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden
GFI ReportCenter Framework (HKLM-x32\...\{722C2EC9-745F-44EA-A119-D548DB55A3B0}) (Version: 3.6.2009.0630 - GFI Software Ltd)
GIMP 2.6.10 (HKLM\...\GIMP-2_is1) (Version: 2.6.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Grand Prix Legends (HKLM-x32\...\Grand Prix Legends) (Version:  - )
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.00.0000 - Codemasters)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin Studios)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox)
Hama Cromo Pad (HKLM-x32\...\{975E4CAE-D408-48DA-9346-65D7DB72B7DE}) (Version: 1.00.0000 - GASIA)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HOMEFRONT (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2565057) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
iArt 3 (HKLM-x32\...\iArt_is1) (Version:  - iPodSoft)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImTOO Video Converter Ultimate 6 (HKLM-x32\...\ImTOO Video Converter Ultimate 6) (Version: 6.8.0.1101 - ImTOO)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead Authoring Tools (HKLM-x32\...\Steam App 513) (Version:  - Valve)
Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version:  - Lexmark International, Inc.)
Lexmark Printable Web (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Mp3tag v2.50 (HKLM-x32\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (HKLM-x32\...\Mumble) (Version: 1.2.2 - Mumble)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (HKLM-x32\...\{18c5b800-77b3-4e83-9bcd-967c26a1d75a}) (Version:  - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (HKLM-x32\...\PageshotsPro_is1) (Version: 1.0.0 - PageshotsPro) <==== ATTENTION
particleIllusion 3.0.4 (HKLM-x32\...\{F77685F4-49DC-4B8E-B41F-F399FE2787C7}_is1) (Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin Studios)
Race: The WTCC Game (HKLM-x32\...\Steam App 4230) (Version:  - SimBin Studios)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (HKLM\...\{899FCA36-ADAF-4612-8579-B37DDB0C092F}) (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version:  - )
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (HKLM-x32\...\{B7BD291B-D415-4484-89A4-82077504BE93}_is1) (Version:  - Northstar Systems Corp.)
SmartLauncher (HKLM-x32\...\{57634571-FD82-4BEC-B822-A1ED7765474F}_is1) (Version:  - Northstar Systems Corp.)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version:  - City Interactive S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.10 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
TCPEye 1.0 (HKLM-x32\...\{998C9435-DAF8-4BDF-B9A5-F844B01D524C}_is1) (Version:  - Free Software Relase)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (HKLM-x32\...\TabletDriver) (Version:  - )
TVAnts 1.0 (HKLM-x32\...\TVAnts 1.0) (Version:  - )
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (HKLM-x32\...\TVersity Media Server) (Version: 1.9.7 - TVersity)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.2.0 - Tweaking.com)
Überwachungstool für die Intel® Turbo-Boost-Technologie (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraMon (HKLM\...\{B49673F8-7AB6-4A14-8213-C8A7BE370010}) (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
World of Padman (HKLM-x32\...\World of Padman) (Version: 1.1 - Padworld Entertainment)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

11-02-2014 18:15:37 Removed Firebird SQL Server - MAGIX Edition
13-02-2014 19:49:01 Windows Update
16-02-2014 13:53:16 Windows Update
21-02-2014 07:46:43 Gerätetreiber-Paketinstallation: AVM Berlin AVM USB-Fernanschluss
22-02-2014 07:47:25 Windows Update
25-02-2014 15:45:07 Windows Update
26-02-2014 16:09:21 FRITZ!Fernzugang wird entfernt
26-02-2014 16:54:39 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-29 18:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {2ACED018-5D04-4F29-AA26-9741A1FA425A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {469FB8FD-7554-41A4-9C22-96FF12E791BC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B13BF095-8749-44B1-BDD1-441F4E7BFFC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {EF70E2A3-ECEE-4200-B9EC-029EFB9A6D83} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-20 16:29 - 2009-05-14 07:24 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL
2014-02-20 16:29 - 2010-02-04 05:40 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL
2014-02-26 18:12 - 2009-10-16 12:07 - 00186880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
2010-03-20 13:56 - 2013-08-13 20:01 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-03-23 19:59 - 2013-08-13 20:01 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2010-02-26 12:37 - 2009-08-19 20:49 - 01400320 _____ () C:\Windows\system32\lxdudrs64.dll
2010-02-26 12:37 - 2009-08-19 20:49 - 00025600 _____ () C:\Windows\system32\lxducaps64.dll
2010-02-26 12:37 - 2009-08-19 20:39 - 00054784 _____ () C:\Windows\system32\lxducnv464.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2009-09-17 22:58 - 2009-08-11 04:51 - 00337920 _____ () C:\Windows\System32\OEM\RunCmd_X64.exe
2014-02-26 18:11 - 2010-02-04 06:10 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
2009-08-26 12:08 - 2009-08-26 13:31 - 00225280 _____ () c:\windows\system32\oem\setEvent.exe
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-02-26 18:11 - 2010-02-04 05:52 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
2014-02-26 18:11 - 2010-02-04 05:36 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
2014-02-26 18:11 - 2010-02-04 05:52 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
2014-02-26 18:11 - 2010-02-04 05:52 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
2014-02-26 18:11 - 2010-02-04 05:35 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
2014-02-26 18:11 - 2010-02-04 05:51 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\iptk.dll
2014-02-26 18:11 - 2007-09-06 06:11 - 00151552 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduptp.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-09-24 17:06 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-09-24 17:06 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 04:29 - 2009-08-26 04:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-16 11:21 - 2014-02-16 11:21 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-21 10:03 - 2014-02-21 10:03 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: avmike => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: certsrv => 2
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gfi_lanss9_attservice => 2
MSCONFIG\Services: GFI_ReportCenter35 => 2
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Lavasoft Ad-Aware Service => 2
MSCONFIG\Services: lxdu_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: nwtsrv => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: sesvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TomTomHOMEService => 3
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: TVersityMediaServer => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: VMLiteService => 2
MSCONFIG\Services: WinTabService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartLauncher.lnk => C:\Windows\pss\SmartLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Device Detection => G:\Tools\Lidl_Fotos\dd.exe
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: emsisoft anti-malware => "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Google Update => "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: MusicManager => "C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: ProfilerU => C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Spotify => "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Games\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2014 09:26:31 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/01/2014 08:52:47 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/26/2014 05:38:37 PM) (Source: Application Hang) (User: )
Description: Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4a4

Startzeit: 01cf331103966f08

Endzeit: 32

Anwendungspfad: C:\Windows\system32\NOTEPAD.EXE

Berichts-ID: 6db78ce7-9f04-11e3-9c22-90fba62bc3cb

Error: (02/26/2014 05:11:36 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/25/2014 05:31:39 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/24/2014 08:49:18 PM) (Source: Application Hang) (User: )
Description: Programm EVEMon.exe, Version 1.8.4.4125 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fc8

Startzeit: 01cf3199652fae95

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\EVEMon\EVEMon.exe

Berichts-ID: bc79766b-9d8c-11e3-bcc7-90fba62bc3cb

Error: (02/24/2014 08:46:46 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/23/2014 07:34:46 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (02/23/2014 01:00:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (02/23/2014 10:27:35 AM) (Source: Application Hang) (User: )
Description: Programm webwatch.exe, Version 1.0.24.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 120c

Startzeit: 01cf30796fcae71f

Endzeit: 16

Anwendungspfad: C:\Program Files\FRITZ!DSL\webwatch.exe

Berichts-ID: b3ad8937-9c6c-11e3-892d-90fba62bc3cb


System errors:
=============
Error: (03/01/2014 08:39:35 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (03/01/2014 08:38:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/01/2014 08:38:43 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (03/01/2014 08:37:50 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/27/2014 06:09:55 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd
papycpu2

Error: (02/27/2014 06:09:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/27/2014 06:09:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (02/27/2014 06:08:08 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (02/26/2014 06:17:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/26/2014 06:17:57 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.


Microsoft Office Sessions:
=========================
Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-29 18:49:26.310
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-29 18:49:26.248
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-19 18:31:31.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.165
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 4087.08 MB
Available physical RAM: 1852.48 MB
Total Pagefile: 8172.34 MB
Available Pagefile: 4826.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:116.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:243.3 GB) NTFS
Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:195.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.68 GB) NTFS
Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:76.61 GB) NTFS
Drive m: (SCANDISK) (Removable) (Total:7.44 GB) (Free:5 GB) FAT32
Drive p: (MS) (Removable) (Total:1.88 GB) (Free:0 GB) FAT
Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:367.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 7 GB) (Disk ID: 0013B6A1)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

========================================================
Disk: 7 (Size: 2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Gruß Vater Sohn

Emsisoft hat beim ausführen des Programms gemeckert.. ? habe es dann aber zugelassen..

schrauber 02.03.2014 07:42
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ProxyServer: 216.155.139.115:3128

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Sieht soweit gut aus jetzt. Was bleibt sind diverse Windows Fehler. Hast Du die Win 7 DVD zur Hand?

Vater Sohn 02.03.2014 17:55
Huhu Schrauber..

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2014 02
Ran by Admin at 2014-03-02 17:49:11 Run:2
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyServer: 216.155.139.115:3128
       
*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.

==== End of Fixlog ====

Eine Win7 DVD habe ich nicht weil beim Kauf WIN7 von der Festplatte installiert wurde...
ist also irgendwo in einem gesicherten Bereich der Festplatte versteckt.

Gruß Vater Sohn

schrauber 03.03.2014 14:27
Das ist dann die Recovery Partition. Damit kann man aber nur WIn 7 auf Werkseinstellungen bringen, also Datenverlust. Kannste eine baugleiche Win7 Scheibe bei Kollegen leihen? Wenn nicht laden wir eine im Netz und bauen ein Image.

Vater Sohn 03.03.2014 20:18
Hallo Schrauber

ich habe mit meinem Nachbarn gesprochen der hat eine Original Win7 DVD
und die könnte ich haben...

ich denk morgen hab ich die hier...

Gruß Vater Sohn...

Und noch mal Danke.. :dankeschoen::dankeschoen::dankeschoen:

schrauber 04.03.2014 17:41
Supi, dann müssen wir nur schauen dass es die gleiche Version is :)

Vater Sohn 04.03.2014 19:05
Hallo Schrauber...

DVD ist da... Win7 Home Premium 64-Bit-Software

hoffe es ist die richtige..

Gruß Vater Sohn

schrauber 05.03.2014 16:45
Mit Servicepack? Sonst sieht das gut aus :)

"In Place Upgrade"

Vater Sohn 05.03.2014 20:08
Hi Schrauber...

Ja ist mit Mit Servicepack-1.. und nee OEM Version ...
ich leg dann mal los...

Gruß Vater Sohn


Nachtrag:
ähmm...

ich trau mich nicht :-)
es kommt der Punkt Updates herunterladen um zu installieren...die Auswahl "Upgrade" kommt die danach??
ich möchte nicht das daten und Fotos löschen...

schrauber 06.03.2014 19:38
Updates? Du bist sicher auf der DVD?

Vater Sohn 07.03.2014 15:44
Hi.. Schrauber

ich habe das mit dem Upgrade jetzt doch gemacht und bin nun damit durch..
hat lange gedauert..

Gruß Vater Sohn

schrauber 08.03.2014 13:38
Ok. Teste den Rechner jetzt mal und berichte, was es noch an Problemen gibt :)

Vater Sohn 08.03.2014 19:20
Liste der Anhänge anzeigen (Anzahl: 1)
Hi Schrauber....

gerade gab es diese meldung... :heulen:

http://www.trojaner-board.de/attachm...1&d=1394302679

habe DivX10 installiert
ich teste weiter...

schrauber 09.03.2014 09:05
Is doch schön geblockt worden :)

Wo hast du DIVX geladen?

Vater Sohn 13.03.2014 16:50
Hallo Schrauber...

Ich hatte DivX schon auf dem Rechner wo ich die genau geladen habe..??
In der Taksleiste kam das Symbol DivX update... das habe ich dann gemacht und bei der Installation kam die Meldung *schulterzuck*

brauchst du irgendwelche Log´s von mir?

Gruß Vater Sohn

schrauber 14.03.2014 12:14
Nö. In dem Fall kannste das Erlauben, aber aufpassen ob die noch andere Sachen mitinstallieren wollen.

Vater Sohn 17.03.2014 18:06
Liste der Anhänge anzeigen (Anzahl: 2)
Hallo Schrauber...

nein es wollte nichts anderes installieren...

ich habe jetzt aber zwei weitere Probleme...

1. Ich Habe den Produkt Key genommen der auf dem Aufkleber auf dem PC vermerkt ist..
http://www.trojaner-board.de/attachm...1&d=1395075739

2. VM Lite brauche ich unbedingt.. :headbang: :crazy:
http://www.trojaner-board.de/attachm...1&d=1395075725

Was kann ich da machen..?

Gruß Vater Sohn

schrauber 18.03.2014 11:58
Telefonsupport. Die sollten den Key freischalten können.

für VMLite, bitte mal das mit der XML Datei machen wie hier beschrieben:
VMLite Workstation XP Mode wont open - VMLite

Vater Sohn 19.03.2014 10:05
Liste der Anhänge anzeigen (Anzahl: 2)
Hallo Schrauber...

Die Telefon Freischaltung durch MS hat geklappt..
Die VMLite Workstation XP Mode wont open - VMLite werde ich gleich durcharbeiten...
hoffe es klappt... Dafür schon mal ein GROßES :dankeschoen::dankeschoen:

Neues Problem:
Win7 erkennt jetzt nur noch 4GB und nicht 6GB Ram...
Da ich viel mit Fotos arbeite... ist es mit 4GB fast nicht möglich. Der Arbeitsspeicher ist Voll ausgereizt. Die Festplatte beim arbeiten im Dauerbetrieb!

http://www.trojaner-board.de/attachm...1&d=1395219116

Es waren immer 6GB RAM im PC verbaut und werden auch von Piriform Speccy erkannt!

http://www.trojaner-board.de/attachm...1&d=1395219738

Nur Windows zeigt 4GB an.

Gruß
Vater Sohn

Vater Sohn 19.03.2014 18:13
Hallo Schrauber....

Das arbeiten mit dem PC ist fast nicht mehr möglich... PC hängt und kann nur noch über die Power taste neu gestartet werden... keine Ahnung was hier los ist.. ??

Speicher Test von Windows ohne Befund... Es werden nur 4GB angezeigt andere Programmen zeigen 6GB an.. Habe im Netz gesucht einiges getestet ohne Erfolg.

Memory-Remapping hab ich aktivieren -- nichts
Kontrolle > start > erweiterte Optionen kein Häckchen bei "maximalen Speicher" -- nichts

Hoffe du hast einen Tipp.

Gruß Vater Sohn

schrauber 20.03.2014 10:00
Läuft parallel die VM? Hardwareseitig die Riegel schon mal untereinander getauscht?

Vater Sohn 20.03.2014 19:43
Hallo Schrauber...

VM habe eich noch nicht gemacht...

PC hat jetzt wieder 6 GB..
Habe alle Riegel einzeln eingelegt nichts..
dann wieder alle zusammen nur in andere Slot´s und siehe da 6 GB.. warum auch immer..

stürze mich auf VM

Gruß Vater Sohn

So...

Emsisoft läuft jetzt auch ein Jahr... gerade gekauft... :taenzer: :daumenhoc

Gruß Vater Sohn

musste ich jetzt noch irgendwelche log´s...schicken..
hab ein wenig den über-blick verloren wegen dem ganzen hickhack

schrauber 21.03.2014 12:04
Zitat:
hab ein wenig den über-blick verloren wegen dem ganzen hickhack
me too :D

Gibt es denn noch Probleme mit dem Rechner? Poste mal ein frisches FRST Log ich schau nochmal drüber.

Vater Sohn 22.03.2014 11:16
Hallo Schrauber...

hier die Log´s...

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Admin (administrator) on ADMIN-PC on 22-03-2014 11:11:38
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
( ) C:\Windows\system32\lxducoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Lexmark International Inc.) C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
() C:\Windows\System32\OEM\RunCmd_X64.exe
(Saitek) C:\Program Files\Saitek\SD6\Software\SaiMfd.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe
() c:\windows\system32\oem\setEvent.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EzPrint] - C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe [131752 2010-02-04] (Lexmark International Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [lxdumon.exe] - C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe [676520 2010-02-04] ()
HKLM\...\Run: [PLD_FrameworkRun] - c:\Windows\System32\oem\RunCMD_X64.exe [337920 2009-08-11] ()
HKLM\...\Run: [SaiMfd] - C:\Program Files\Saitek\SD6\Software\SaiMfd.exe [194560 2009-06-03] (Saitek)
HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-02-14] (DivX, LLC)
HKLM-x32\...\Run: [emsisoft anti-malware] - c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4330432 2014-02-15] (Emsisoft GmbH)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd)
HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MusicManager] - C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7382528 2014-03-03] (Google Inc.)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2009-04-29] (Creative Technology Ltd)
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Lexmark Printable Web - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files (x86)\FRITZ!DSL\\sarah.dll [28472] (AVM Berlin)
Winsock: Catalog5-x64 10 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18]
FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18]
FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18]
FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-19]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10]
FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR DefaultSearchProvider: Linkury Smartbar Search
CHR DefaultSearchURL: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File
CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-15] (Emsisoft GmbH)
S4 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.)
S4 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.)
S4 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin)
S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.)
R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( )
R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( )
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation)
S4 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] ()
S4 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.)

==================== Drivers (Whitelisted) ====================

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [17384 2013-03-28] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.)
R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.)
R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-20 18:49 - 2014-03-20 18:49 - 00017701 _____ () C:\Users\Admin\Desktop\Emsisoft Anti-Malware für besten Schutz - Gratis Malware Entfernung von Viren, Bots, Spyware, Keylogger, Trojaner und Rootkits.htm
2014-03-20 18:49 - 2014-03-20 18:49 - 00000000 ____D () C:\Users\Admin\Desktop\Emsisoft Anti-Malware für besten Schutz - Gratis Malware Entfernung von Viren, Bots, Spyware, Keylogger, Trojaner und Rootkits-Dateien
2014-03-20 11:19 - 2014-03-20 11:19 - 00004027 _____ () C:\Users\Admin\Documents\Warenkorb2.psc
2014-03-20 11:19 - 2014-03-20 11:19 - 00000000 ____D () C:\Users\Admin\Documents\Warenkorb2-Dateien
2014-03-19 21:17 - 2014-03-19 21:17 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (12).txt
2014-03-19 21:08 - 2014-03-19 21:08 - 00000873 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-03-19 21:08 - 2014-03-19 21:08 - 00000000 ____D () C:\Program Files\CPUID
2014-03-19 21:04 - 2014-03-19 21:21 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 18:36 - 2014-03-19 18:37 - 00000034 _____ () C:\Users\Admin\Desktop\Neues Textdokument (11).txt
2014-03-19 17:42 - 2014-03-19 17:42 - 00000800 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-03-19 17:28 - 2014-03-19 17:28 - 04845384 _____ (Piriform Ltd) C:\Users\Admin\Downloads\spsetup125.exe
2014-03-19 17:27 - 2014-03-19 17:28 - 04765152 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup411.exe
2014-03-19 13:08 - 2014-03-19 13:08 - 00000000 ____D () C:\ProgramData\ATI
2014-03-19 13:08 - 2014-03-19 13:08 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-19 13:07 - 2014-03-19 13:07 - 00055617 _____ () C:\Windows\SysWOW64\CCCInstall_201403191307538464.log
2014-03-19 13:05 - 2014-03-19 13:05 - 00000000 ____D () C:\Program Files\AMD
2014-03-19 12:59 - 2014-03-19 12:59 - 00000000 ____D () C:\AMD
2014-03-19 10:46 - 2014-03-19 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-18 21:14 - 2014-03-19 17:30 - 00007628 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-03-17 19:21 - 2014-03-17 19:21 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (9).txt
2014-03-17 09:29 - 2014-03-17 09:29 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser2
2014-03-13 21:21 - 2014-02-23 08:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 21:21 - 2014-02-23 07:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 21:21 - 2014-02-23 07:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 21:21 - 2014-02-23 07:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 21:21 - 2014-02-23 07:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 21:21 - 2014-02-23 07:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 21:21 - 2014-02-23 07:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 21:21 - 2014-02-23 07:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 21:21 - 2014-02-23 07:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 21:21 - 2014-02-23 07:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 21:21 - 2014-02-23 07:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 21:21 - 2014-02-23 07:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 21:21 - 2014-02-23 07:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 21:21 - 2014-02-23 07:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 21:21 - 2014-02-23 07:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 21:21 - 2014-02-23 07:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 21:21 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 21:21 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 21:21 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 21:21 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 21:21 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 21:21 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 21:21 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-13 21:21 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 21:21 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 21:21 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 21:21 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 21:21 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 21:21 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 21:21 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 21:21 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 21:21 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 16:53 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 16:53 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 16:53 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 16:53 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 16:53 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 16:53 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-08 15:58 - 2014-03-22 10:52 - 01769624 _____ () C:\Windows\setupact.log
2014-03-08 15:58 - 2014-03-08 15:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-08 13:28 - 2014-03-08 13:28 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-07 15:46 - 2014-03-07 15:46 - 00119960 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 14:10 - 2009-03-26 14:48 - 00190976 _____ () C:\Windows\system32\APOMgr64.DLL
2014-03-07 14:10 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-03-07 14:10 - 2009-02-06 18:53 - 00089088 _____ () C:\Windows\system32\CmdRtr64.DLL
2014-03-07 14:10 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-03-07 14:07 - 2014-03-07 14:07 - 00002320 _____ () C:\Users\Public\Desktop\Creative-Produktregistrierung.lnk
2014-03-07 12:36 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-03-07 12:36 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-03-07 12:36 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-03-07 12:36 - 2011-03-11 07:41 - 00189824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-03-07 12:36 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-03-07 12:36 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-03-07 12:36 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-03-07 12:36 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-03-07 12:36 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-03-07 12:36 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-03-07 12:36 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-03-07 12:36 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-03-07 12:36 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-03-07 12:36 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-07 12:36 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-07 06:18 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-03-07 06:18 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-03-07 06:18 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-03-07 06:18 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-03-07 06:12 - 2014-03-18 20:25 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-07 05:37 - 2010-02-23 09:16 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\browserchoice.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-07 05:34 - 2014-03-07 05:34 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-07 05:34 - 2014-03-07 05:34 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-07 05:34 - 2014-03-07 05:34 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-07 05:34 - 2014-03-07 05:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-07 05:34 - 2014-03-07 05:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-07 05:34 - 2014-03-07 05:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-07 05:20 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-03-07 05:20 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-03-07 05:20 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-03-07 05:20 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-03-07 05:20 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-03-07 05:20 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-03-07 05:20 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-03-07 05:20 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-07 05:15 - 2012-03-01 07:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-07 05:15 - 2012-03-01 07:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-07 05:15 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-03-07 05:13 - 2014-03-07 05:16 - 01784562 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-07 05:10 - 2009-07-15 09:00 - 02873823 ____N (Creative) C:\Windows\SysWOW64\Sens_oal.dll
2014-03-07 05:05 - 2014-03-07 12:42 - 00001447 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-07 05:05 - 2014-03-07 12:42 - 00001413 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-07 05:04 - 2014-03-07 05:04 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-07 03:33 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-07 03:33 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-07 03:33 - 2013-07-09 06:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 03:33 - 2013-07-09 05:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-07 03:33 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-07 03:33 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-07 03:33 - 2013-02-15 07:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-07 03:33 - 2013-02-15 07:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-07 03:33 - 2013-02-15 07:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-03-07 03:33 - 2013-02-15 05:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-07 03:33 - 2013-02-15 05:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-03-07 03:33 - 2013-02-15 04:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-07 03:33 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-03-07 03:33 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-03-07 03:33 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-03-07 03:33 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-03-07 03:33 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-07 03:33 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-07 03:33 - 2011-06-15 11:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2014-03-07 03:33 - 2011-06-15 11:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2014-03-07 03:33 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2014-03-07 03:33 - 2011-06-15 11:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2014-03-07 03:33 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2014-03-07 03:33 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2014-03-07 03:33 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2014-03-07 03:33 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2014-03-07 03:33 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2014-03-07 03:33 - 2011-04-09 07:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-07 03:33 - 2011-04-09 06:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-07 03:33 - 2010-12-23 11:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2014-03-07 03:33 - 2010-12-23 11:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2014-03-07 03:33 - 2010-12-23 11:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2014-03-07 03:33 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2014-03-07 03:33 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2014-03-07 03:33 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2014-03-07 03:32 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-03-07 03:32 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-03-07 03:32 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 03:32 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-03-07 03:32 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-07 03:32 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-03-07 03:32 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-07 03:32 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-07 03:32 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-07 03:32 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-07 03:32 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-07 03:32 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-07 03:32 - 2013-07-09 06:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-07 03:32 - 2013-07-09 06:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-07 03:32 - 2013-07-09 05:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-07 03:32 - 2013-07-09 05:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-07 03:32 - 2013-04-12 15:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-07 03:32 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-03-07 03:32 - 2013-02-27 07:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-03-07 03:32 - 2013-02-27 06:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-03-07 03:32 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-03-07 03:32 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-03-07 03:32 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-03-07 03:32 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-03-07 03:32 - 2011-11-17 07:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2014-03-07 03:32 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2014-03-07 03:32 - 2011-10-26 06:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-07 03:32 - 2011-10-26 06:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-07 03:32 - 2011-10-26 05:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-07 03:32 - 2011-10-26 05:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-07 03:32 - 2011-07-09 03:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-03-07 03:32 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-03-07 03:32 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-03-07 03:32 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-03-07 03:32 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-03-07 03:32 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-03-07 03:32 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-03-07 03:32 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-03-07 03:32 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-03-07 03:32 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-03-07 03:32 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-03-07 03:32 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-03-07 03:32 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-03-07 03:32 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-03-07 03:32 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-03-07 03:32 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-03-07 03:32 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-03-07 03:32 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-03-07 03:32 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-03-07 03:32 - 2011-04-27 03:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 03:32 - 2011-04-27 03:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 03:31 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-07 03:31 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-07 03:31 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-07 03:31 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-03-07 03:30 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-03-07 03:30 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-03-07 03:30 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-03-07 03:30 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-03-07 03:30 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 03:30 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-03-07 03:30 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-03-07 03:30 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-03-07 03:30 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-03-07 03:30 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-03-07 03:30 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-03-07 03:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-03-07 03:30 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-03-07 03:30 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-07 03:30 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-03-07 03:30 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-03-07 03:30 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-03-07 03:30 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-03-07 03:30 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-07 03:30 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-07 03:30 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-07 03:30 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-07 03:30 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-07 03:30 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-03-07 03:30 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-03-07 03:30 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-07 03:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-03-07 03:30 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-07 03:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-03-07 03:30 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-03-07 03:30 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-07 03:30 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-07 03:30 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-03-07 03:30 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-07 03:30 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-07 03:30 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-07 03:30 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-07 03:30 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-07 03:30 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-07 03:30 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-07 03:30 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-07 03:30 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-07 03:30 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-03-07 03:30 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-03-07 03:30 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 03:30 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-03-07 03:30 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-07 03:30 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-03-07 03:30 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-07 03:30 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-03-07 03:30 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-07 03:30 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-07 03:30 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-07 03:30 - 2011-03-11 07:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2014-03-07 03:30 - 2011-03-11 07:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2014-03-07 03:30 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2014-03-07 03:30 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2014-03-07 03:29 - 2013-08-02 03:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-07 03:29 - 2013-08-02 03:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-07 03:29 - 2013-08-02 03:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 03:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-07 03:29 - 2013-08-02 02:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 02:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-03-07 03:29 - 2013-08-02 01:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-07 03:29 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-03-07 03:29 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-03-07 03:29 - 2013-07-25 10:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-07 03:29 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-07 03:29 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-03-07 03:29 - 2013-07-09 06:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-07 03:29 - 2013-07-09 05:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-07 03:29 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-07 03:29 - 2013-02-12 05:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-07 03:29 - 2012-11-28 23:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-07 03:29 - 2012-11-28 23:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-07 03:29 - 2012-11-28 23:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2014-03-07 03:29 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-03-07 03:29 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-03-07 03:29 - 2012-04-26 06:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-03-07 03:29 - 2012-04-26 06:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-03-07 03:29 - 2012-04-26 06:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-03-07 03:28 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-03-07 03:28 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-03-07 03:28 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-03-07 03:28 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-03-07 03:28 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-03-07 03:28 - 2013-07-03 05:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-03-07 03:28 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-03-07 03:28 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-07 03:28 - 2012-11-02 06:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-07 03:28 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-07 03:28 - 2012-11-01 06:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-07 03:28 - 2012-11-01 05:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-07 03:28 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-03-07 03:28 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-03-07 03:28 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-03-07 03:28 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-03-07 03:28 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-03-07 03:28 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 03:28 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-03-07 03:28 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-03-07 03:28 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-03-07 03:28 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-03-07 03:28 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-03-07 03:28 - 2012-05-01 06:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-03-07 03:28 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-03-07 03:28 - 2011-04-22 23:15 - 00027520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-03-07 03:28 - 2011-03-03 07:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-07 03:28 - 2011-03-03 07:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-07 03:28 - 2011-03-03 07:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2014-03-07 03:28 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-07 03:28 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2014-03-07 03:27 - 2012-11-22 06:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-03-07 03:27 - 2012-11-22 05:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-03-07 03:27 - 2011-04-29 04:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 03:27 - 2011-04-29 04:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-07 03:27 - 2011-04-29 04:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 03:26 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-03-07 03:26 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-03-07 03:26 - 2013-06-15 05:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-07 03:26 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-03-07 03:26 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-03-07 03:26 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-03-07 03:26 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-03-07 03:26 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-03-07 03:26 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-03-07 03:26 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-03-07 03:26 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-03-07 03:26 - 2012-04-28 04:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-07 03:26 - 2011-08-17 06:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-07 03:26 - 2011-08-17 06:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-07 03:26 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-07 03:26 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-07 03:24 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-03-07 03:24 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-07 03:24 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 03:24 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-07 03:24 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-03-07 03:24 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-07 03:24 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-03-07 03:24 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-03-07 03:24 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-03-07 03:24 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-07 03:24 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-03-07 03:24 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-07 03:24 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-03-07 03:24 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-07 03:24 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-07 03:24 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-07 03:24 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-07 03:24 - 2012-08-11 01:56 - 00715776 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-07 03:24 - 2012-08-11 00:56 - 00542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-07 03:24 - 2012-03-17 08:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-07 03:23 - 2012-11-30 06:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-03-07 03:23 - 2012-11-30 06:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-03-07 03:23 - 2012-11-30 06:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-03-07 03:23 - 2012-04-07 13:31 - 03216384 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-03-07 03:23 - 2012-04-07 12:26 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-03-07 03:22 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-07 03:22 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-07 03:22 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-07 03:22 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-07 03:22 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-07 03:22 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-07 03:22 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-07 03:22 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-07 03:22 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-07 03:22 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-07 03:22 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-07 03:22 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-07 03:22 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-07 03:22 - 2013-01-03 07:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-03-07 03:22 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-03-07 03:22 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-07 03:22 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-07 03:22 - 2012-07-04 23:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-07 03:22 - 2012-07-04 23:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-03-07 03:22 - 2012-07-04 23:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-03-07 03:22 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-07 03:22 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-03-07 03:22 - 2012-05-05 09:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-03-07 03:22 - 2012-05-05 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-03-07 03:22 - 2011-12-16 09:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-07 03:22 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-07 03:22 - 2011-05-24 12:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-03-07 03:22 - 2011-05-24 11:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-03-07 03:22 - 2011-05-24 11:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-03-07 03:22 - 2011-05-24 11:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-03-07 03:22 - 2011-05-24 11:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-03-07 03:22 - 2011-05-03 06:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-03-07 03:22 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-03-07 03:22 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-03-07 03:22 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-03-07 03:22 - 2011-02-12 12:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-03-07 03:22 - 2011-02-05 18:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-07 03:22 - 2011-02-05 18:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-03-07 03:22 - 2011-02-05 18:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-03-07 03:22 - 2011-02-05 18:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-03-07 03:22 - 2011-02-05 18:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-07 03:22 - 2011-02-05 18:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-03-07 03:22 - 2011-02-05 18:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-07 03:12 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-07 03:12 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-07 03:12 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-07 03:12 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-07 03:12 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-07 03:12 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-07 03:12 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-07 03:12 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-07 03:12 - 2013-08-27 10:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-07 03:12 - 2013-08-27 10:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-07 03:12 - 2013-08-27 09:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-07 03:12 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-07 03:12 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-07 03:12 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-07 03:12 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-07 03:12 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-07 03:12 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-07 03:12 - 2012-05-14 06:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-07 03:12 - 2011-10-15 07:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-07 03:12 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-07 03:12 - 2011-08-27 06:37 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-07 03:12 - 2011-08-27 06:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-07 03:12 - 2011-08-27 05:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-07 03:12 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-07 03:12 - 2011-02-23 05:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-03-07 03:12 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-03-07 03:10 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-03-07 03:10 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-07 03:10 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-07 03:10 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-03-07 03:10 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-07 03:10 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-03-07 03:10 - 2012-06-06 07:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-03-07 03:10 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-03-07 03:10 - 2011-11-19 15:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-07 03:10 - 2011-11-19 15:01 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-06 23:59 - 2012-02-17 07:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-03-06 23:59 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-03-06 23:59 - 2012-02-17 05:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-03-06 23:21 - 2012-06-02 23:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-06 23:21 - 2012-06-02 23:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-06 23:21 - 2012-06-02 23:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-06 23:21 - 2012-06-02 23:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-06 23:21 - 2012-06-02 23:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-06 23:21 - 2012-06-02 23:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-06 23:21 - 2012-06-02 23:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-06 23:21 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-06 23:21 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-06 23:13 - 2014-03-22 10:57 - 01067334 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 23:02 - 2014-03-06 23:02 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-06 22:10 - 2014-03-19 21:18 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-03-06 22:10 - 2014-03-07 05:04 - 00000000 ____D () C:\Users\Admin
2014-03-06 22:10 - 2014-03-06 22:44 - 00000000 ____D () C:\Users\Surf and Gaming
2014-03-06 22:10 - 2014-03-06 22:13 - 00000000 ____D () C:\Program Files\Lexmark 5600-6600 Series
2014-03-06 22:10 - 2014-03-06 22:10 - 00000154 _____ () C:\Windows\system32\LexFiles.ulf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Vorlagen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Startmenü
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Netzwerkumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Lokale Einstellungen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Eigene Dateien
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Druckumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Documents\Eigene Musik
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Documents\Eigene Bilder
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Local\Verlauf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Local\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Vorlagen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Startmenü
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten
2014-03-06 22:10 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-06 22:10 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-06 22:10 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-06 22:10 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-06 22:06 - 2014-03-06 22:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-06 22:04 - 2014-03-07 15:52 - 00000000 ____D () C:\ProgramData\Creative
2014-03-06 22:04 - 2014-03-07 14:10 - 00001772 ___RH () C:\Windows\ctfile.rfc
2014-03-06 22:01 - 2014-03-08 13:30 - 00000000 ____D () C:\Windows\Panther
2014-03-06 21:58 - 2014-03-06 21:58 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-06 20:33 - 2014-03-06 20:33 - 00003364 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-03-05 20:27 - 2014-03-06 20:24 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-03-05 20:27 - 2014-03-06 20:24 - 00001890 _____ () C:\Windows\diagerr.xml
2014-03-01 09:08 - 2014-03-06 22:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-01 09:08 - 2014-03-06 22:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-01 09:08 - 2014-03-06 22:13 - 00000000 ____D () C:\Program Files\iTunes
2014-03-01 09:08 - 2014-03-06 22:13 - 00000000 ____D () C:\Program Files\iPod
2014-03-01 09:08 - 2014-03-01 09:08 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 08:55 - 2014-03-01 08:55 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-03-01 08:54 - 2014-03-06 22:23 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-02-26 19:48 - 2014-02-26 20:23 - 00041472 _____ () C:\Users\Admin\Documents\umsatz Format2.xls
2014-02-26 18:11 - 2014-03-06 22:21 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5600-6600 Series
2014-02-26 18:11 - 2014-03-06 22:13 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-02-26 18:11 - 2009-10-16 12:26 - 00001867 _____ () C:\Windows\SysWOW64\lxdu.loc
2014-02-26 18:11 - 2009-10-16 12:07 - 00335872 _____ () C:\Windows\SysWOW64\lxducomx.dll
2014-02-26 18:11 - 2009-10-16 12:07 - 00109056 _____ () C:\Windows\system32\lxduvs.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01661952 _____ ( ) C:\Windows\system32\lxduserv.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01338368 _____ ( ) C:\Windows\system32\lxduusb1.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01291264 _____ ( ) C:\Windows\system32\lxducomc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01091584 _____ ( ) C:\Windows\system32\lxduhbn3.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01069056 _____ ( ) C:\Windows\SysWOW64\lxduserv.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 01039360 _____ ( ) C:\Windows\system32\lxducoms.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00987648 _____ ( ) C:\Windows\system32\lxdupmui.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00897024 _____ ( ) C:\Windows\system32\lxdulmpm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00860160 _____ ( ) C:\Windows\SysWOW64\lxduusb1.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00761856 _____ ( ) C:\Windows\SysWOW64\lxducomc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00684032 _____ ( ) C:\Windows\SysWOW64\lxduhbn3.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00651264 _____ ( ) C:\Windows\SysWOW64\lxdupmui.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00610304 _____ ( ) C:\Windows\system32\lxducfg.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00589824 _____ ( ) C:\Windows\SysWOW64\lxducoms.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00580608 _____ ( ) C:\Windows\system32\lxducomm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00577536 _____ ( ) C:\Windows\SysWOW64\lxdulmpm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00548352 _____ ( ) C:\Windows\system32\lxduinpa.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00521216 _____ ( ) C:\Windows\system32\lxduih.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00513024 _____ ( ) C:\Windows\system32\lxduiesc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00376832 _____ ( ) C:\Windows\SysWOW64\lxducomm.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxduinpa.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxducfg.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00339968 _____ ( ) C:\Windows\SysWOW64\lxduiesc.dll
2014-02-26 18:11 - 2009-10-16 12:06 - 00323584 _____ ( ) C:\Windows\SysWOW64\lxduih.exe
2014-02-26 18:11 - 2009-10-16 12:06 - 00126976 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxdulnks.dll
2014-02-26 18:11 - 2009-10-16 11:56 - 00300032 _____ () C:\Windows\system32\lxdugrd.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00147456 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxdujswr.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00106496 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduinsr.dll
2014-02-26 18:11 - 2009-07-14 05:06 - 00036864 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducur.dll
2014-02-26 18:11 - 2009-07-14 05:04 - 00200704 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduinsb.dll
2014-02-26 18:11 - 2009-07-14 05:04 - 00090112 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducub.dll
2014-02-26 18:11 - 2009-07-14 05:02 - 00176128 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduins.dll
2014-02-26 18:11 - 2009-07-14 05:02 - 00077824 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxducu.dll
2014-02-26 18:11 - 2009-07-14 04:59 - 00544768 _____ (Lexmark International, Inc.) C:\Windows\SysWOW64\lxduutil.dll
2014-02-26 18:11 - 2009-05-21 03:26 - 00681984 _____ ( ) C:\Windows\system32\LXDUhcp.dll
2014-02-26 18:11 - 2009-05-21 01:14 - 00594944 _____ () C:\Windows\system32\LXDUinst.dll
2014-02-26 18:11 - 2009-05-20 15:57 - 00389120 _____ () C:\Windows\SysWOW64\LXDUinst.dll
2014-02-26 18:11 - 2009-04-28 05:57 - 00489472 _____ (Lexmark International, Inc.) C:\Windows\system32\LXDUwupd.dll
2014-02-26 18:11 - 2009-04-28 05:57 - 00014336 _____ (Lexmark International, Inc.) C:\Windows\system32\LXDUwupd.exe
2014-02-26 18:11 - 2008-03-06 01:56 - 00983121 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lxdugf.dll
2014-02-26 17:09 - 2014-02-26 17:09 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-02-25 22:36 - 2014-02-25 22:36 - 00000966 _____ () C:\Windows\SysWOW64\a2scan_140225-174047.txt
2014-02-22 08:46 - 2014-02-22 08:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EurekaLog
2014-02-21 14:41 - 2014-02-21 14:41 - 00001059 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-21 09:43 - 2014-03-22 11:11 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-02-21 09:43 - 2014-03-06 22:53 - 00000000 ____D () C:\Users\Admin\Documents\Anti-Malware
2014-02-21 09:19 - 2014-02-21 09:19 - 00015395 _____ () C:\Users\Admin\Desktop\umsatz Format1.txt
2014-02-20 17:18 - 2014-02-20 17:18 - 00018015 _____ () C:\Users\Admin\Documents\umsatz2.1.xlsx
2014-02-20 17:03 - 2014-02-21 08:30 - 00018181 _____ () C:\Users\Admin\Documents\umsatz Format1.xlsx
2014-02-20 16:47 - 2014-02-20 16:47 - 00017640 _____ () C:\Users\Admin\Documents\umsatz Format.xlsx
2014-02-20 16:35 - 2014-02-20 16:35 - 00017028 _____ () C:\Users\Admin\Documents\umsatz2.xlsx
2014-02-20 16:29 - 2010-02-04 05:40 - 00086016 _____ () C:\Windows\system32\lxduoem.dll
2014-02-20 16:29 - 2010-02-04 05:39 - 00003584 _____ () C:\Windows\system32\LXDUPMRC.DLL
2014-02-20 16:29 - 2010-02-04 05:38 - 00014336 _____ () C:\Windows\system32\LXDUFXPU.DLL
2014-02-20 16:29 - 2009-05-14 07:24 - 00045568 _____ () C:\Windows\system32\LXDUPMON.DLL
2014-02-20 16:23 - 2014-03-06 22:21 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2014-02-20 16:14 - 2009-08-19 20:49 - 01400320 _____ () C:\Windows\system32\lxdudrs64.dll
2014-02-20 16:14 - 2009-08-19 20:49 - 01036288 _____ () C:\Windows\SysWOW64\lxdudrs.dll
2014-02-20 16:14 - 2009-08-19 20:49 - 00081920 _____ () C:\Windows\SysWOW64\lxducaps.dll
2014-02-20 16:14 - 2009-08-19 20:49 - 00025600 _____ () C:\Windows\system32\lxducaps64.dll
2014-02-20 16:14 - 2009-08-19 20:39 - 00077906 _____ (Lexmark International) C:\Windows\SysWOW64\lxducfg.dll
2014-02-20 16:14 - 2009-08-19 20:39 - 00069632 _____ () C:\Windows\SysWOW64\lxducnv4.dll
2014-02-20 16:14 - 2009-08-19 20:39 - 00065536 _____ (Lexmark International) C:\Windows\system32\lxducfg64.dll
2014-02-20 16:14 - 2009-08-19 20:39 - 00054784 _____ () C:\Windows\system32\lxducnv464.dll
2014-02-20 15:04 - 2014-02-20 15:04 - 00015425 _____ () C:\Users\Admin\Documents\umsatz2.csv
2014-02-20 14:58 - 2009-10-16 12:26 - 00001867 _____ () C:\Windows\system32\lxdu.loc
2014-02-20 14:58 - 2009-10-15 17:32 - 00745984 _____ ( ) C:\Windows\system32\lxducoin.dll
2014-02-20 14:58 - 2009-10-14 09:26 - 00097280 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduinsr.dll
2014-02-20 14:58 - 2009-10-14 09:26 - 00023552 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducur.dll
2014-02-20 14:58 - 2009-10-14 09:25 - 00133632 _____ (Lexmark International, Inc.) C:\Windows\system32\lxdujswr.dll
2014-02-20 14:58 - 2009-07-14 05:41 - 00183296 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduinsb.dll
2014-02-20 14:58 - 2009-07-14 05:41 - 00073216 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducub.dll
2014-02-20 14:58 - 2009-07-14 05:39 - 00235520 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduins.dll
2014-02-20 14:58 - 2009-07-14 05:39 - 00103936 _____ (Lexmark International, Inc.) C:\Windows\system32\lxducu.dll
2014-02-20 14:58 - 2009-07-14 05:38 - 00760320 _____ (Lexmark International, Inc.) C:\Windows\system32\lxduutil.dll
2014-02-20 14:58 - 2008-03-11 16:14 - 00065632 _____ () C:\Windows\system32\lxduprpr.chm
2014-02-20 14:58 - 2008-03-06 01:56 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lxdug.dll
2014-02-20 14:58 - 2008-03-06 01:56 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxdugf.dll
2014-02-20 14:58 - 2008-02-21 06:15 - 00065536 _____ (Lexmark International) C:\Windows\system32\lxducfg.dll
2014-02-20 14:38 - 2014-02-20 14:38 - 00015425 _____ () C:\Users\Admin\Documents\umsatz.csv

Vater Sohn 22.03.2014 11:17
teil 2...

Code:
==================== One Month Modified Files and Folders =======

2014-03-22 11:11 - 2014-02-21 09:43 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-22 11:11 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST
2014-03-22 11:09 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-22 11:08 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job
2014-03-22 11:08 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job
2014-03-22 11:02 - 2014-02-10 20:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-22 11:00 - 2009-07-14 05:45 - 00026912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-22 11:00 - 2009-07-14 05:45 - 00026912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-22 10:57 - 2014-03-06 23:13 - 01067334 _____ () C:\Windows\WindowsUpdate.log
2014-03-22 10:52 - 2014-03-08 15:58 - 01769624 _____ () C:\Windows\setupact.log
2014-03-22 10:52 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-22 10:46 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-21 08:16 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2014-03-20 22:16 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client
2014-03-20 18:49 - 2014-03-20 18:49 - 00017701 _____ () C:\Users\Admin\Desktop\Emsisoft Anti-Malware für besten Schutz - Gratis Malware Entfernung von Viren, Bots, Spyware, Keylogger, Trojaner und Rootkits.htm
2014-03-20 18:49 - 2014-03-20 18:49 - 00000000 ____D () C:\Users\Admin\Desktop\Emsisoft Anti-Malware für besten Schutz - Gratis Malware Entfernung von Viren, Bots, Spyware, Keylogger, Trojaner und Rootkits-Dateien
2014-03-20 11:19 - 2014-03-20 11:19 - 00004027 _____ () C:\Users\Admin\Documents\Warenkorb2.psc
2014-03-20 11:19 - 2014-03-20 11:19 - 00000000 ____D () C:\Users\Admin\Documents\Warenkorb2-Dateien
2014-03-20 09:39 - 2012-04-27 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-19 21:21 - 2014-03-19 21:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 21:18 - 2014-03-06 22:10 - 00000000 ____D () C:\ProgramData\lx_Cats
2014-03-19 21:17 - 2014-03-19 21:17 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (12).txt
2014-03-19 21:12 - 2014-01-27 18:46 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord
2014-03-19 21:08 - 2014-03-19 21:08 - 00000873 _____ () C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2014-03-19 21:08 - 2014-03-19 21:08 - 00000000 ____D () C:\Program Files\CPUID
2014-03-19 21:06 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer
2014-03-19 18:37 - 2014-03-19 18:36 - 00000034 _____ () C:\Users\Admin\Desktop\Neues Textdokument (11).txt
2014-03-19 17:44 - 2012-11-27 17:17 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-19 17:42 - 2014-03-19 17:42 - 00000800 _____ () C:\Users\Public\Desktop\Speccy.lnk
2014-03-19 17:42 - 2011-04-17 09:05 - 00000000 ____D () C:\Program Files\Speccy
2014-03-19 17:30 - 2014-03-18 21:14 - 00007628 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2014-03-19 17:28 - 2014-03-19 17:28 - 04845384 _____ (Piriform Ltd) C:\Users\Admin\Downloads\spsetup125.exe
2014-03-19 17:28 - 2014-03-19 17:27 - 04765152 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup411.exe
2014-03-19 13:08 - 2014-03-19 13:08 - 00000000 ____D () C:\ProgramData\ATI
2014-03-19 13:08 - 2014-03-19 13:08 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-03-19 13:08 - 2012-03-09 17:12 - 00000000 ____D () C:\ProgramData\AMD
2014-03-19 13:07 - 2014-03-19 13:07 - 00055617 _____ () C:\Windows\SysWOW64\CCCInstall_201403191307538464.log
2014-03-19 13:07 - 2013-02-28 19:49 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-03-19 13:05 - 2014-03-19 13:05 - 00000000 ____D () C:\Program Files\AMD
2014-03-19 12:59 - 2014-03-19 12:59 - 00000000 ____D () C:\AMD
2014-03-19 10:46 - 2014-03-19 10:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-19 09:12 - 2011-04-12 08:43 - 00767914 _____ () C:\Windows\system32\perfh007.dat
2014-03-19 09:12 - 2011-04-12 08:43 - 00174644 _____ () C:\Windows\system32\perfc007.dat
2014-03-19 09:12 - 2009-07-14 06:13 - 01811218 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 20:39 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 20:25 - 2014-03-07 06:12 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 11:59 - 2013-01-10 16:58 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2014-03-18 11:59 - 2013-01-10 16:58 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000
2014-03-17 19:56 - 2011-01-07 19:19 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-03-17 19:21 - 2014-03-17 19:21 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (9).txt
2014-03-17 17:59 - 2010-03-27 13:18 - 00000000 ____D () C:\Users\Admin\VMLites
2014-03-17 17:46 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-17 09:29 - 2014-03-17 09:29 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser2
2014-03-17 08:13 - 2014-02-10 20:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-17 08:13 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-17 08:13 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-17 07:59 - 2009-07-14 05:45 - 05010784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-17 07:58 - 2011-12-31 10:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-17 07:58 - 2011-12-31 10:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 21:21 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-08 19:20 - 2010-08-29 20:28 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-03-08 19:20 - 2010-08-29 20:27 - 00000000 ____D () C:\ProgramData\DivX
2014-03-08 16:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-03-08 15:58 - 2014-03-08 15:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-08 13:30 - 2014-03-06 22:01 - 00000000 ____D () C:\Windows\Panther
2014-03-08 13:28 - 2014-03-08 13:28 - 00000826 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-07 15:52 - 2014-03-06 22:04 - 00000000 ____D () C:\ProgramData\Creative
2014-03-07 15:46 - 2014-03-07 15:46 - 00119960 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-07 14:16 - 2009-09-17 22:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-07 14:10 - 2014-03-06 22:04 - 00001772 ___RH () C:\Windows\ctfile.rfc
2014-03-07 14:07 - 2014-03-07 14:07 - 00002320 _____ () C:\Users\Public\Desktop\Creative-Produktregistrierung.lnk
2014-03-07 14:07 - 2010-12-24 16:13 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-03-07 13:57 - 2010-09-04 12:45 - 00000000 ___HD () C:\Program Files (x86)\Creative Installation Information
2014-03-07 13:55 - 2010-12-24 16:19 - 00000000 ____D () C:\Program Files\Creative
2014-03-07 12:43 - 2014-02-05 05:02 - 00119960 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-03-07 12:42 - 2014-03-07 05:05 - 00001447 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-07 12:42 - 2014-03-07 05:05 - 00001413 _____ () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-07 12:42 - 2010-02-08 10:13 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-07 12:42 - 2010-02-08 10:13 - 00000000 ___RD () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-07 12:18 - 2011-04-12 08:55 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-07 12:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-07 12:18 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-07 12:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-07 12:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-07 05:34 - 2014-03-07 05:34 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-07 05:34 - 2014-03-07 05:34 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-07 05:34 - 2014-03-07 05:34 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-07 05:34 - 2014-03-07 05:34 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-07 05:34 - 2014-03-07 05:34 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-07 05:34 - 2014-03-07 05:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-07 05:34 - 2014-03-07 05:34 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-07 05:34 - 2014-03-07 05:34 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-07 05:34 - 2014-03-07 05:34 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-07 05:16 - 2014-03-07 05:13 - 01784562 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-07 05:10 - 2010-02-26 19:02 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-03-07 05:10 - 2010-02-26 19:02 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-03-07 05:04 - 2014-03-07 05:04 - 00000020 ___SH () C:\Users\Admin\ntuser.ini
2014-03-07 05:04 - 2014-03-06 22:10 - 00000000 ____D () C:\Users\Admin
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Favoriten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-03-07 05:03 - 2014-03-07 05:03 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-03-07 05:03 - 2010-02-08 10:13 - 00000000 ____D () C:\Recovery
2014-03-07 05:03 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-03-07 05:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-07 05:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Windows NT
2014-03-06 23:21 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\restore
2014-03-06 23:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Registration
2014-03-06 23:02 - 2014-03-06 23:02 - 00022960 _____ () C:\Windows\system32\emptyregdb.dat
2014-03-06 23:01 - 2013-05-19 11:47 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-03-06 23:01 - 2010-03-20 14:08 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-03-06 23:01 - 2009-09-17 22:40 - 00000000 ____D () C:\Windows\System32\Tasks\Recovery Management
2014-03-06 22:56 - 2010-03-20 14:08 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\Documents\Visual Studio 2010
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\Documents\Visual Studio 2010
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-06 22:55 - 2014-03-06 22:55 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-06 22:55 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-06 22:55 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-06 22:55 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-06 22:55 - 2009-07-14 04:20 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-06 22:54 - 2013-12-16 19:46 - 00000000 ____D () C:\Users\Admin\Downloads\lame3.99.5
2014-03-06 22:54 - 2013-12-13 16:58 - 00000000 ____D () C:\Users\Admin\Downloads\EVEMon-binaries-1.8.4.4125
2014-03-06 22:54 - 2013-11-30 18:52 - 00000000 ____D () C:\Users\Admin\Downloads\Datie für Photoshop
2014-03-06 22:54 - 2013-11-29 22:13 - 00000000 ____D () C:\Users\Admin\Documents\Warenkorb-Dateien
2014-03-06 22:54 - 2013-01-06 20:45 - 00000000 ____D () C:\Users\Admin\Documents\StreamTransport
2014-03-06 22:54 - 2012-09-10 16:40 - 00000000 ___RD () C:\Users\Admin\Documents\Notes
2014-03-06 22:54 - 2012-08-24 14:56 - 00000000 ____D () C:\Users\Admin\Documents\Sniper - Ghost Warrior
2014-03-06 22:54 - 2012-08-08 19:49 - 00000000 ____D () C:\Users\Admin\Downloads\Neuer Ordner
2014-03-06 22:54 - 2012-04-03 15:49 - 00000000 ____D () C:\Users\Admin\Documents\iRinger Tones
2014-03-06 22:54 - 2012-01-07 18:48 - 00000000 ____D () C:\Users\Admin\Documents\wondertouch
2014-03-06 22:54 - 2011-02-27 13:23 - 00000000 ____D () C:\Users\Admin\Downloads\tomtom
2014-03-06 22:54 - 2011-02-16 19:30 - 00000000 ____D () C:\Users\Admin\Downloads\Nokia Vs Post Mix
2014-03-06 22:54 - 2011-02-04 21:47 - 00000000 ____D () C:\Users\Admin\Documents\webkit
2014-03-06 22:54 - 2011-01-30 13:02 - 00000000 ____D () C:\Users\Admin\Documents\gegl-0.1
2014-03-06 22:54 - 2011-01-28 18:59 - 00000000 ____D () C:\Users\Admin\Documents\ICQ
2014-03-06 22:54 - 2011-01-26 20:35 - 00000000 ____D () C:\Users\Admin\Documents\gegl-0.0
2014-03-06 22:54 - 2011-01-25 20:24 - 00000000 ____D () C:\Users\Admin\dwhelper
2014-03-06 22:54 - 2011-01-19 21:12 - 00000000 ____D () C:\Users\Admin\Library
2014-03-06 22:54 - 2010-12-19 11:33 - 00000000 ____D () C:\Users\Admin\Documents\SH4
2014-03-06 22:54 - 2010-12-19 11:32 - 00000000 ____D () C:\Users\Admin\Documents\GameShadow
2014-03-06 22:54 - 2010-12-10 19:20 - 00000000 ____D () C:\Users\Admin\Documents\Mein CEWE FOTOBUCH GoldeneHochzeit_mcf-Dateien
2014-03-06 22:54 - 2010-12-10 18:16 - 00000000 ____D () C:\Users\Admin\Documents\Mein CEWE FOTOBUCH_mcf-Dateien
2014-03-06 22:54 - 2010-12-10 17:35 - 00000000 ____D () C:\Users\Admin\Documents\restore
2014-03-06 22:54 - 2010-11-22 19:17 - 00000000 ____D () C:\Users\Admin\Documents\id Software
2014-03-06 22:54 - 2010-10-26 17:26 - 00000000 ____D () C:\Users\Admin\Documents\Visual Studio 2010
2014-03-06 22:54 - 2010-10-02 17:25 - 00000000 ____D () C:\Users\Admin\Unigine Heaven
2014-03-06 22:54 - 2010-09-05 13:41 - 00000000 ____D () C:\Users\Admin\Documents\TomTom
2014-03-06 22:54 - 2010-08-22 21:51 - 00000000 ____D () C:\Users\Admin\Documents\SimBin
2014-03-06 22:54 - 2010-08-22 13:28 - 00000000 ____D () C:\Users\Admin\Documents\RACE07DEMO
2014-03-06 22:54 - 2010-03-16 18:39 - 00000000 ____D () C:\Users\Admin\Documents\TrackMania
2014-03-06 22:54 - 2010-03-06 20:02 - 00000000 ____D () C:\Users\Admin\Documents\RACE
2014-03-06 22:54 - 2010-03-06 11:26 - 00000000 ____D () C:\Users\Admin\Documents\My WeGame Screenshots
2014-03-06 22:54 - 2010-02-26 19:05 - 00000000 ____D () C:\Users\Admin\Documents\My Games
2014-03-06 22:54 - 2010-02-26 12:44 - 00000000 ____D () C:\Users\Admin\Documents\MozBackup-1.4.10-EN
2014-03-06 22:53 - 2014-02-21 09:43 - 00000000 ____D () C:\Users\Admin\Documents\Anti-Malware
2014-03-06 22:53 - 2014-02-12 17:19 - 00000000 ____D () C:\Users\Admin\Desktop\dead_font_walking
2014-03-06 22:53 - 2014-01-19 14:05 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s
2014-03-06 22:53 - 2013-12-28 09:17 - 00000000 ____D () C:\Users\Admin\Desktop\Tacho C270CDI
2014-03-06 22:53 - 2013-09-28 15:54 - 00000000 ____D () C:\Users\Admin\Desktop\Photoshop Tuturials
2014-03-06 22:53 - 2013-06-23 16:55 - 00000000 ____D () C:\Users\Admin\Desktop\Gitarren Kurse
2014-03-06 22:53 - 2013-05-20 17:19 - 00000000 ____D () C:\Users\Admin\Desktop\youtube2mp3-1.2.4
2014-03-06 22:53 - 2013-04-27 10:12 - 00000000 ____D () C:\Users\Admin\Desktop\Sound TEST
2014-03-06 22:53 - 2013-04-07 07:40 - 00000000 ____D () C:\Users\Admin\Desktop\download-downloadfile-5840
2014-03-06 22:53 - 2013-04-02 20:02 - 00000000 ____D () C:\Users\Admin\Desktop\fpw_0.6.19
2014-03-06 22:53 - 2012-12-25 21:07 - 00000000 ____D () C:\Users\Admin\Desktop\EVE Online
2014-03-06 22:53 - 2012-05-12 12:29 - 00000000 ____D () C:\Users\Admin\Desktop\sandisk
2014-03-06 22:53 - 2012-03-03 09:49 - 00000000 ____D () C:\Users\Admin\Documents\America's Army 3
2014-03-06 22:53 - 2012-01-07 12:13 - 00000000 ____D () C:\Users\Admin\Desktop\Kfz Schmiede Marnerdeich
2014-03-06 22:53 - 2011-12-25 18:55 - 00000000 ____D () C:\Users\Admin\Documents\ConvertXToDVD
2014-03-06 22:53 - 2011-11-27 14:45 - 00000000 ____D () C:\Users\Admin\Desktop\webSPELL4.2.3a(1)
2014-03-06 22:53 - 2011-10-28 14:52 - 00000000 ____D () C:\Users\Admin\Documents\Battlefield 3
2014-03-06 22:53 - 2011-09-28 06:23 - 00000000 ____D () C:\Users\Admin\Documents\DeadIsland
2014-03-06 22:53 - 2011-08-12 15:44 - 00000000 ____D () C:\Users\Admin\Documents\3DMark 11
2014-03-06 22:53 - 2011-07-10 14:04 - 00000000 ____D () C:\Users\Admin\Desktop\mp3
2014-03-06 22:53 - 2011-07-09 16:37 - 00000000 ____D () C:\Users\Admin\Desktop\Stolen
2014-03-06 22:53 - 2011-05-01 17:49 - 00000000 ____D () C:\Users\Admin\Documents\Ausgaben
2014-03-06 22:53 - 2011-04-02 13:32 - 00000000 ____D () C:\Users\Admin\Desktop\firefox recoveriy
2014-03-06 22:53 - 2011-03-25 18:19 - 00000000 ____D () C:\Users\Admin\Desktop\unplugged
2014-03-06 22:53 - 2011-03-13 13:55 - 00000000 ____D () C:\Users\Admin\Desktop\DataRecovery_EN
2014-03-06 22:53 - 2011-02-13 10:53 - 00000000 ____D () C:\Users\Admin\Desktop\C270 CDI Horst
2014-03-06 22:53 - 2011-02-01 21:08 - 00000000 ____D () C:\Users\Admin\Documents\4A Games
2014-03-06 22:53 - 2010-12-18 16:03 - 00000000 ____D () C:\Users\Admin\Documents\Codemasters
2014-03-06 22:53 - 2010-10-31 13:26 - 00000000 ____D () C:\Users\Admin\Desktop\EM BC2 Configurator 1.12b by psycho063
2014-03-06 22:53 - 2010-10-31 13:08 - 00000000 ____D () C:\Users\Admin\Documents\BFBC2
2014-03-06 22:53 - 2010-10-03 12:59 - 00000000 ____D () C:\Users\Admin\Desktop\Neuer Ordner
2014-03-06 22:53 - 2010-10-02 15:42 - 00000000 ____D () C:\Users\Admin\Documents\CAPCOM
2014-03-06 22:53 - 2010-09-01 17:28 - 00000000 ____D () C:\Users\Admin\Desktop\NL senden
2014-03-06 22:53 - 2010-08-22 11:12 - 00000000 ____D () C:\Users\Admin\Desktop\Maping
2014-03-06 22:53 - 2010-06-15 18:17 - 00000000 ____D () C:\Users\Admin\Documents\EVE
2014-03-06 22:53 - 2010-06-06 20:33 - 00000000 ____D () C:\Users\Admin\Documents\Any Video Converter
2014-03-06 22:53 - 2010-05-21 18:14 - 00000000 ____D () C:\Users\Admin\Documents\DVDVideoSoft
2014-03-06 22:53 - 2010-05-06 18:46 - 00000000 ____D () C:\Users\Admin\Documents\Fax
2014-03-06 22:53 - 2010-03-28 13:00 - 00000000 ____D () C:\Users\Admin\Documents\Electronic Arts
2014-03-06 22:53 - 2010-03-28 12:59 - 00000000 ____D () C:\Users\Admin\Documents\Electrontic Arts
2014-03-06 22:53 - 2010-03-20 14:02 - 00000000 ____D () C:\Users\Admin\Documents\BFBC2_original
2014-03-06 22:53 - 2010-03-13 19:47 - 00000000 ____D () C:\Users\Admin\Documents\Battlefield 2
2014-03-06 22:53 - 2010-02-25 16:16 - 00000000 ____D () C:\Users\Admin\Documents\AquaMark3
2014-03-06 22:53 - 2008-02-27 17:01 - 00000000 ____D () C:\Users\Admin\Documents\Adobe
2014-03-06 22:52 - 2011-12-20 11:13 - 00000000 ____D () C:\Users\Admin\Desktop\AFR Intro
2014-03-06 22:52 - 2011-11-19 21:54 - 00000000 ____D () C:\Users\Admin\Desktop\AFR Page19112011
2014-03-06 22:52 - 2011-02-28 19:19 - 00000000 ____D () C:\Users\Admin\Desktop\af
2014-03-06 22:52 - 2010-12-07 20:06 - 00000000 ____D () C:\Users\Admin\Desktop\afr page
2014-03-06 22:51 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-03-06 22:51 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan
2014-03-06 22:51 - 2013-12-13 17:03 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EVEMon
2014-03-06 22:51 - 2013-08-31 08:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2014-03-06 22:51 - 2013-03-10 19:22 - 00000000 ____D () C:\Users\Admin\Desktop\100DICAM
2014-03-06 22:51 - 2013-02-16 08:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DashCommand
2014-03-06 22:51 - 2013-01-26 09:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-03-06 22:51 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify
2014-03-06 22:51 - 2012-10-01 20:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-06 22:51 - 2012-09-22 11:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\RealNetworks
2014-03-06 22:51 - 2012-08-10 17:19 - 00000000 ____D () C:\Users\Admin\Desktop\Adobe After Effects CS5.5
2014-03-06 22:51 - 2012-07-22 16:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DVDVideoSoft
2014-03-06 22:51 - 2012-05-04 16:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\eSobi
2014-03-06 22:51 - 2012-04-21 07:54 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mp3tag
2014-03-06 22:51 - 2012-04-01 16:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Rovio
2014-03-06 22:51 - 2012-03-10 14:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Need for Speed World
2014-03-06 22:51 - 2012-02-24 21:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EVEMon
2014-03-06 22:51 - 2012-01-14 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Media Server
2014-03-06 22:51 - 2012-01-14 09:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TVersity Codec Pack
2014-03-06 22:51 - 2011-12-27 18:51 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ski Challenge 12 (SRF)
2014-03-06 22:51 - 2011-12-18 23:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FreeFLVConverter
2014-03-06 22:51 - 2011-12-11 12:09 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\HandBrake
2014-03-06 22:51 - 2011-12-04 09:53 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FireShot
2014-03-06 22:51 - 2011-11-19 15:44 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-06 22:51 - 2011-10-27 17:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Origin
2014-03-06 22:51 - 2011-10-03 18:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DeepBurner Pro
2014-03-06 22:51 - 2011-09-11 20:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\XBMC
2014-03-06 22:51 - 2011-09-11 20:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\XBMC
2014-03-06 22:51 - 2011-09-01 17:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ImTOO
2014-03-06 22:51 - 2011-08-21 17:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\kiwi.software.NET
2014-03-06 22:51 - 2011-08-21 16:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Exif Viewer
2014-03-06 22:51 - 2011-05-08 11:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EAC
2014-03-06 22:51 - 2011-04-28 12:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SlySoft
2014-03-06 22:51 - 2011-04-08 20:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-03-06 22:51 - 2011-04-02 13:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\www.shadowexplorer.com
2014-03-06 22:51 - 2011-03-12 10:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Vidalia
2014-03-06 22:51 - 2011-03-12 10:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Tor
2014-03-06 22:51 - 2011-03-05 18:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Stardock
2014-03-06 22:51 - 2011-02-27 16:47 - 00000000 ____D () C:\Users\Admin\Desktop\Adobe CS4
2014-03-06 22:51 - 2011-02-19 16:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Real
2014-03-06 22:51 - 2011-02-18 16:05 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD
2014-03-06 22:51 - 2011-02-11 16:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\MyPhoneExplorer
2014-03-06 22:51 - 2011-02-05 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Leadertech
2014-03-06 22:51 - 2011-01-26 21:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\gtk-2.0
2014-03-06 22:51 - 2011-01-21 15:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Debugmode
2014-03-06 22:51 - 2011-01-16 12:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2014-03-06 22:51 - 2010-12-19 11:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameShadow
2014-03-06 22:51 - 2010-12-05 10:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Ubisoft
2014-03-06 22:51 - 2010-10-30 18:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\teamspeak2
2014-03-06 22:51 - 2010-10-24 17:21 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logishrd
2014-03-06 22:51 - 2010-10-10 09:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Lexmark Productivity Studio
2014-03-06 22:51 - 2010-09-11 13:06 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\U3
2014-03-06 22:51 - 2010-09-05 13:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TomTom
2014-03-06 22:51 - 2010-09-04 12:52 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
2014-03-06 22:51 - 2010-08-29 20:29 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DivX
2014-03-06 22:51 - 2010-07-24 19:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\W
2014-03-06 22:51 - 2010-07-24 19:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\wargaming.net
2014-03-06 22:51 - 2010-07-24 11:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-03-06 22:51 - 2010-07-23 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Realtime Soft
2014-03-06 22:51 - 2010-07-22 18:47 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
2014-03-06 22:51 - 2010-07-19 19:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PadWorld Entertainment
2014-03-06 22:51 - 2010-06-26 16:42 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\HLSW
2014-03-06 22:51 - 2010-06-07 09:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2014-03-06 22:51 - 2010-05-21 17:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Logitech
2014-03-06 22:51 - 2010-05-21 17:15 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\InstallShield
2014-03-06 22:51 - 2010-05-12 19:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FRITZ!
2014-03-06 22:51 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
2014-03-06 22:51 - 2010-05-10 17:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\SoftDMA
2014-03-06 22:51 - 2010-05-08 15:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\WinRAR
2014-03-06 22:51 - 2010-04-30 19:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\GetRight
2014-03-06 22:51 - 2010-03-28 15:38 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ICQ
2014-03-06 22:51 - 2010-03-27 14:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nero
2014-03-06 22:51 - 2010-03-27 13:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VMLite Workstation
2014-03-06 22:51 - 2010-03-25 17:40 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-03-06 22:51 - 2010-03-15 11:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\hdbADS
2014-03-06 22:51 - 2010-03-15 11:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nvu
2014-03-06 22:51 - 2010-03-14 12:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-03-06 22:51 - 2010-03-07 18:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FileZilla
2014-03-06 22:51 - 2010-02-26 21:27 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-03-06 22:51 - 2010-02-26 15:57 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Thunderbird
2014-03-06 22:51 - 2010-02-26 13:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mumble
2014-03-06 22:51 - 2010-02-26 12:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla
2014-03-06 22:51 - 2010-02-26 12:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Google
2014-03-06 22:51 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Macromedia
2014-03-06 22:50 - 2012-10-01 20:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe Mini Bridge CS5
2014-03-06 22:50 - 2012-08-08 19:41 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-03-06 22:50 - 2011-12-18 11:16 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Pro
2014-03-06 22:50 - 2011-10-03 12:35 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-03-06 22:50 - 2011-08-21 08:34 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-03-06 22:50 - 2011-05-08 11:13 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AccurateRip
2014-03-06 22:50 - 2011-01-27 17:26 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\.minecraft
2014-03-06 22:50 - 2011-01-20 19:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\aignes
2014-03-06 22:50 - 2011-01-19 21:12 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\com.adobe.ExMan
2014-03-06 22:50 - 2010-10-09 13:24 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\5600-6600 Series
2014-03-06 22:50 - 2010-09-04 12:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Creative
2014-03-06 22:50 - 2010-07-11 11:11 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Apple Computer
2014-03-06 22:50 - 2010-06-07 09:22 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVS4YOU
2014-03-06 22:50 - 2010-06-06 20:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AnvSoft
2014-03-06 22:50 - 2010-05-10 17:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\CyberLink
2014-03-06 22:50 - 2010-03-27 13:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\VMLite Workstation
2014-03-06 22:50 - 2010-03-13 16:48 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2014-03-06 22:50 - 2010-03-06 11:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\WeGame
2014-03-06 22:50 - 2010-02-26 12:32 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2014-03-06 22:50 - 2010-02-08 10:14 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ATI
2014-03-06 22:50 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\VirtualStore
2014-03-06 22:49 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify
2014-03-06 22:49 - 2012-10-20 20:59 - 00000000 ____D () C:\Users\Admin\AppData\Local\SCE
2014-03-06 22:49 - 2012-09-19 10:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\PhotoGenie
2014-03-06 22:49 - 2012-03-28 06:24 - 00000000 ____D () C:\Users\Admin\AppData\Local\Sony Ericsson
2014-03-06 22:49 - 2011-12-11 12:48 - 00000000 ____D () C:\Users\Admin\AppData\Local\MPlayer
2014-03-06 22:49 - 2011-11-27 18:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\PAYDAY
2014-03-06 22:49 - 2011-10-27 17:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Origin
2014-03-06 22:49 - 2010-09-25 17:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\NPE
2014-03-06 22:49 - 2010-09-05 13:41 - 00000000 ____D () C:\Users\Admin\AppData\Local\TomTom
2014-03-06 22:49 - 2010-08-04 18:06 - 00000000 ____D () C:\Users\Admin\AppData\Local\Sunbelt Software
2014-03-06 22:49 - 2010-07-24 08:02 - 00000000 ____D () C:\Users\Admin\AppData\Local\Realtime Soft
2014-03-06 22:49 - 2010-03-20 13:31 - 00000000 ____D () C:\Users\Admin\AppData\Local\PunkBuster
2014-03-06 22:49 - 2010-03-18 21:19 - 00000000 ____D () C:\Users\Admin\AppData\Local\Super Internet TV
2014-03-06 22:49 - 2010-02-26 15:57 - 00000000 ____D () C:\Users\Admin\AppData\Local\Thunderbird
2014-03-06 22:49 - 2010-02-26 12:41 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla
2014-03-06 22:48 - 2013-08-31 08:22 - 00000000 ____D () C:\Users\Admin\AppData\Local\JDownloader v2.0
2014-03-06 22:48 - 2013-08-13 19:47 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESN
2014-03-06 22:48 - 2013-04-10 16:40 - 00000000 ____D () C:\Users\Admin\AppData\Local\Eraser 6
2014-03-06 22:48 - 2012-06-18 17:18 - 00000000 ____D () C:\Users\Admin\AppData\Local\Macromedia
2014-03-06 22:48 - 2011-12-27 20:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\Electronic_Arts_Inc
2014-03-06 22:48 - 2011-12-11 12:09 - 00000000 ____D () C:\Users\Admin\AppData\Local\HandBrake
2014-03-06 22:48 - 2011-10-30 11:48 - 00000000 ____D () C:\Users\Admin\AppData\Local\ESN Sonar
2014-03-06 22:48 - 2011-08-12 15:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\IsolatedStorage
2014-03-06 22:48 - 2011-08-12 15:44 - 00000000 ____D () C:\Users\Admin\AppData\Local\Futuremark_Corporation
2014-03-06 22:48 - 2011-02-05 16:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Logishrd
2014-03-06 22:48 - 2011-01-01 12:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Games
2014-03-06 22:48 - 2010-11-22 19:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\id Software
2014-03-06 22:48 - 2010-11-10 20:28 - 00000000 ____D () C:\Users\Admin\AppData\Local\Downloaded Installations
2014-03-06 22:48 - 2010-10-26 17:35 - 00000000 ____D () C:\Users\Admin\AppData\Local\FalloutNV
2014-03-06 22:48 - 2010-07-11 11:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\iPodSoft
2014-03-06 22:48 - 2010-06-18 10:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\MAGIX
2014-03-06 22:48 - 2010-05-10 17:50 - 00000000 ____D () C:\Users\Admin\AppData\Local\CyberLink
2014-03-06 22:48 - 2010-03-28 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Local\Electronic Arts
2014-03-06 22:48 - 2010-02-26 14:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\Microsoft Help
2014-03-06 22:48 - 2010-02-26 12:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2014-03-06 22:48 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin\AppData\Local\EgisTec
2014-03-06 22:45 - 2013-10-07 19:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\BetterDS3
2014-03-06 22:45 - 2012-09-30 11:47 - 00000000 ____D () C:\Users\Admin\.jordan
2014-03-06 22:45 - 2011-12-27 20:15 - 00000000 ____D () C:\Users\Admin\AppData\Local\Akamai
2014-03-06 22:45 - 2011-11-14 18:42 - 00000000 ____D () C:\Users\Admin\AppData\Local\BF3_Config_Utility
2014-03-06 22:45 - 2011-02-01 21:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\4A Games
2014-03-06 22:45 - 2011-01-26 21:27 - 00000000 ____D () C:\Users\Admin\.thumbnails
2014-03-06 22:45 - 2011-01-26 20:35 - 00000000 ____D () C:\Users\Admin\.gimp-2.6
2014-03-06 22:45 - 2010-07-11 11:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple Computer
2014-03-06 22:45 - 2010-07-11 11:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apple
2014-03-06 22:45 - 2010-06-15 18:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\CCP
2014-03-06 22:45 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0
2014-03-06 22:45 - 2010-03-28 15:38 - 00000000 ____D () C:\Users\Admin\AppData\Local\AOL
2014-03-06 22:45 - 2010-02-08 10:14 - 00000000 ____D () C:\Users\Admin\AppData\Local\ATI
2014-03-06 22:44 - 2014-03-06 22:10 - 00000000 ____D () C:\Users\Surf and Gaming
2014-03-06 22:44 - 2011-11-22 18:02 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\EAC
2014-03-06 22:44 - 2011-11-19 16:20 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\BF3_Config_Utility
2014-03-06 22:44 - 2011-11-19 16:09 - 00000000 ____D () C:\Users\Surf and Gaming\Documents\Battlefield 3
2014-03-06 22:44 - 2011-11-19 16:09 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\PunkBuster
2014-03-06 22:44 - 2011-11-19 15:43 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\WinRAR
2014-03-06 22:44 - 2011-11-19 15:35 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Origin
2014-03-06 22:44 - 2011-11-19 15:35 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\Origin
2014-03-06 22:44 - 2011-09-20 16:32 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Logishrd
2014-03-06 22:44 - 2011-09-20 16:27 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Apple Computer
2014-03-06 22:44 - 2011-04-22 18:07 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Adobe
2014-03-06 22:44 - 2011-04-22 18:04 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Mozilla
2014-03-06 22:44 - 2011-04-22 18:04 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\Mozilla
2014-03-06 22:44 - 2011-03-22 19:58 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\TS3Client
2014-03-06 22:44 - 2011-03-22 19:58 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ___RD () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ___RD () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Realtime Soft
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Real
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Macromedia
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\Logitech
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Roaming\ATI
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\VirtualStore
2014-03-06 22:44 - 2011-03-22 19:57 - 00000000 ____D () C:\Users\Surf and Gaming\AppData\Local\ATI
2014-03-06 22:28 - 2011-10-31 14:25 - 00000000 ____D () C:\Windows\system32\Macromed
2014-03-06 22:28 - 2011-08-21 16:19 - 00000000 ____D () C:\Windows\uninstall
2014-03-06 22:28 - 2011-07-09 07:59 - 00000000 ____D () C:\Windows\SysWOW64\crystalreportviewers12
2014-03-06 22:28 - 2011-04-14 19:14 - 00000000 ____D () C:\Windows\system32\SPReview
2014-03-06 22:28 - 2011-04-14 19:13 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-03-06 22:28 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-03-06 22:28 - 2011-02-27 16:52 - 00000000 ____D () C:\Windows\SysWOW64\spool
2014-03-06 22:28 - 2010-12-05 20:25 - 00000000 ____D () C:\Windows\SysWOW64\Futuremark
2014-03-06 22:28 - 2010-10-26 17:29 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-03-06 22:28 - 2010-10-26 17:29 - 00000000 ____D () C:\Windows\system32\1033
2014-03-06 22:28 - 2010-10-26 17:25 - 00000000 ____D () C:\Windows\symbols
2014-03-06 22:28 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss
2014-03-06 22:28 - 2010-05-13 06:41 - 00000000 ____D () C:\Windows\Sun
2014-03-06 22:28 - 2010-02-26 19:02 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-03-06 22:28 - 2010-01-13 23:19 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-03-06 22:28 - 2009-09-17 22:58 - 00000000 ____D () C:\Windows\SysWOW64\OEM
2014-03-06 22:28 - 2009-09-17 22:58 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-06 22:28 - 2009-09-17 22:39 - 00000000 ____D () C:\Windows\oem
2014-03-06 22:28 - 2009-09-17 22:28 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\nti
2014-03-06 22:28 - 2009-09-17 22:26 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
2014-03-06 22:28 - 2009-09-17 22:19 - 00000000 ____D () C:\Windows\OOBEOffer
2014-03-06 22:28 - 2009-09-17 22:16 - 00000000 ____D () C:\Windows\RaidTool
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-06 22:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system
2014-03-06 22:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-06 22:26 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT
2014-03-06 22:26 - 2014-01-29 18:37 - 00000000 ____D () C:\Windows\erdnt
2014-03-06 22:26 - 2013-12-29 17:30 - 00000000 ____D () C:\ProgramData\PMS
2014-03-06 22:26 - 2013-10-17 19:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-06 22:26 - 2013-03-23 21:39 - 00000000 ____D () C:\ProgramData\Win7codecs
2014-03-06 22:26 - 2013-01-10 16:57 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-03-06 22:26 - 2012-04-27 14:04 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-06 22:26 - 2012-03-28 06:21 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-03-06 22:26 - 2012-01-14 09:04 - 00000000 ____D () C:\ProgramData\TVersity
2014-03-06 22:26 - 2012-01-10 21:08 - 00000000 ____D () C:\ProgramData\VS
2014-03-06 22:26 - 2012-01-08 19:48 - 00000000 ____D () C:\ProgramData\pI3_lic_file
2014-03-06 22:26 - 2012-01-07 16:37 - 00000000 ____D () C:\ProgramData\pI3demoLicense
2014-03-06 22:26 - 2011-12-25 20:02 - 00000000 ____D () C:\ProgramData\vsosdk
2014-03-06 22:26 - 2011-10-27 16:59 - 00000000 ____D () C:\ProgramData\Origin
2014-03-06 22:26 - 2011-07-16 08:13 - 00000000 ____D () C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2014-03-06 22:26 - 2011-07-09 07:59 - 00000000 ____D () C:\Windows\3F67FD4A380F4081A5061D2C0091A93E.TMP
2014-03-06 22:26 - 2011-04-12 08:54 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-03-06 22:26 - 2011-03-15 12:19 - 00000000 ____D () C:\Windows\E10DB5DAE57640EAA7FC1CB2A7B283A6.TMP
2014-03-06 22:26 - 2011-03-05 18:40 - 00000000 ____D () C:\ProgramData\Stardock
2014-03-06 22:26 - 2011-02-19 16:42 - 00000000 ____D () C:\ProgramData\Real
2014-03-06 22:26 - 2011-02-11 16:15 - 00000000 ____D () C:\ProgramData\PageshotsPro
2014-03-06 22:26 - 2011-02-05 16:54 - 00000000 ____D () C:\Users\Public\Documents\LogiShrd
2014-03-06 22:26 - 2011-01-15 17:19 - 00000000 ____D () C:\ProgramData\Soluto
2014-03-06 22:26 - 2010-12-10 17:14 - 00000000 ____D () C:\ProgramData\tmp
2014-03-06 22:26 - 2010-12-07 20:02 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-03-06 22:26 - 2010-12-05 10:29 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-03-06 22:26 - 2010-11-21 09:24 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-03-06 22:26 - 2010-09-25 17:50 - 00000000 ____D () C:\ProgramData\Norton
2014-03-06 22:26 - 2010-09-05 13:42 - 00000000 ____D () C:\ProgramData\TomTom
2014-03-06 22:26 - 2010-08-08 18:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-06 22:26 - 2010-07-23 14:43 - 00000000 ____D () C:\ProgramData\Realtime Soft
2014-03-06 22:26 - 2010-07-18 10:39 - 00000000 ____D () C:\ProgramData\Saitek
2014-03-06 22:26 - 2010-07-11 11:11 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-03-06 22:26 - 2010-05-08 17:15 - 00000000 ____D () C:\ProgramData\SlySoft
2014-03-06 22:26 - 2010-05-07 22:05 - 00000000 ____D () C:\ProgramData\Sun
2014-03-06 22:26 - 2010-03-27 12:33 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-03-06 22:26 - 2010-03-18 14:00 - 00000000 ____D () C:\ProgramData\PhotoGenie
2014-03-06 22:26 - 2010-03-16 18:39 - 00000000 ____D () C:\ProgramData\TrackMania
2014-03-06 22:26 - 2010-01-30 10:03 - 00000000 ____D () C:\Users\Public\Documents\Acer
2014-03-06 22:26 - 2010-01-13 23:38 - 00000000 ____D () C:\Users\Public\Documents\Screensaver
2014-03-06 22:26 - 2009-09-17 23:00 - 00000000 ____D () C:\ProgramData\Symantec
2014-03-06 22:26 - 2009-09-17 23:00 - 00000000 ____D () C:\ProgramData\OEM
2014-03-06 22:26 - 2009-09-17 22:58 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-03-06 22:26 - 2009-09-17 22:58 - 00000000 ____D () C:\Windows\DeployWinRE
2014-03-06 22:26 - 2009-09-17 22:46 - 00000000 ____D () C:\ProgramData\Nero
2014-03-06 22:25 - 2012-06-16 16:55 - 00000000 ____D () C:\ProgramData\AVM
2014-03-06 22:25 - 2012-04-03 15:31 - 00000000 ____D () C:\ProgramData\iRinger
2014-03-06 22:25 - 2012-03-28 06:24 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-03-06 22:25 - 2011-12-18 11:16 - 00000000 ____D () C:\ProgramData\DAEMON Tools Pro
2014-03-06 22:25 - 2011-10-28 14:40 - 00000000 ____D () C:\ProgramData\EA Core
2014-03-06 22:25 - 2011-10-27 16:59 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-03-06 22:25 - 2011-10-03 12:35 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-06 22:25 - 2011-09-01 17:27 - 00000000 ____D () C:\ProgramData\ImTOO
2014-03-06 22:25 - 2011-02-05 16:54 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-06 22:25 - 2011-01-16 12:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-06 22:25 - 2011-01-02 18:19 - 00000000 ____D () C:\ProgramData\Futuremark
2014-03-06 22:25 - 2010-12-10 17:14 - 00000000 ____D () C:\ProgramData\hps
2014-03-06 22:25 - 2010-10-26 18:10 - 00000000 __SHD () C:\ProgramData\DSS
2014-03-06 22:25 - 2010-10-01 18:49 - 00000000 ____D () C:\ProgramData\Creative Labs
2014-03-06 22:25 - 2010-08-20 19:47 - 00000000 ____D () C:\ProgramData\InstallShield
2014-03-06 22:25 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-06 22:25 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 22:25 - 2010-06-18 12:00 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-03-06 22:25 - 2010-06-15 18:17 - 00000000 ____D () C:\ProgramData\CCP
2014-03-06 22:25 - 2010-06-10 19:24 - 00000000 ____D () C:\ProgramData\Lexmark 5600-6600 Series
2014-03-06 22:25 - 2010-06-07 09:22 - 00000000 ____D () C:\ProgramData\AVS4YOU
2014-03-06 22:25 - 2010-04-05 17:56 - 00000000 ____D () C:\ProgramData\Astroburn Lite
2014-03-06 22:25 - 2010-04-02 11:20 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-06 22:25 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ
2014-03-06 22:25 - 2010-03-13 16:48 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-06 22:25 - 2010-03-05 14:59 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-06 22:25 - 2010-02-28 18:40 - 00000000 ____D () C:\ProgramData\Ezprint
2014-03-06 22:25 - 2010-02-26 19:05 - 00000000 ____D () C:\ProgramData\Codemasters
2014-03-06 22:25 - 2010-01-13 23:24 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-06 22:25 - 2009-09-17 22:59 - 00000000 ____D () C:\ProgramData\eSobi
2014-03-06 22:25 - 2009-09-17 22:53 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-06 22:25 - 2009-09-17 22:45 - 00000000 ____D () C:\ProgramData\EgisTec
2014-03-06 22:25 - 2009-09-17 22:42 - 00000000 ____D () C:\ProgramData\Google
2014-03-06 22:25 - 2009-09-17 22:42 - 00000000 ____D () C:\ProgramData\G DATA
2014-03-06 22:25 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\BackupManager
2014-03-06 22:25 - 2009-09-17 22:27 - 00000000 ____D () C:\ProgramData\MAGIX
2014-03-06 22:24 - 2014-03-01 09:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 22:24 - 2013-09-04 19:26 - 00000000 ____D () C:\Program Files (x86)\WinCDEmu
2014-03-06 22:24 - 2012-03-11 13:58 - 00000000 ____D () C:\Program Files (x86)\VID_0E8F&PID_0012
2014-03-06 22:24 - 2012-01-14 09:04 - 00000000 ____D () C:\Program Files (x86)\Xiph.Org
2014-03-06 22:24 - 2011-12-25 18:43 - 00000000 ____D () C:\Program Files (x86)\vso
2014-03-06 22:24 - 2011-09-11 20:02 - 00000000 ____D () C:\Program Files (x86)\XBMC
2014-03-06 22:24 - 2011-08-20 09:07 - 00000000 ____D () C:\Program Files (x86)\Valve
2014-03-06 22:24 - 2011-05-31 17:38 - 00000000 ____D () C:\Program Files (x86)\Virtual
2014-03-06 22:24 - 2011-03-12 10:06 - 00000000 ____D () C:\Program Files (x86)\Vidalia Bundle
2014-03-06 22:24 - 2010-10-09 13:18 - 00000000 ____D () C:\ProgramData\5600-6600 Series
2014-03-06 22:24 - 2010-07-24 11:10 - 00000000 ____D () C:\Program Files (x86)\Unlocker
2014-03-06 22:24 - 2010-07-10 17:00 - 00000000 ____D () C:\Program Files (x86)\Winamp
2014-03-06 22:24 - 2010-01-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Live SkyDrive
2014-03-06 22:24 - 2010-01-13 23:32 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-03-06 22:24 - 2009-09-17 22:39 - 00000000 ____D () C:\ProgramData\Acer
2014-03-06 22:23 - 2014-03-01 08:54 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-06 22:23 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2014-03-06 22:23 - 2013-01-10 16:57 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-03-06 22:23 - 2012-09-10 16:27 - 00000000 ____D () C:\Program Files (x86)\TABLET
2014-03-06 22:23 - 2012-01-14 09:04 - 00000000 ____D () C:\Program Files (x86)\TVersity Codec Pack
2014-03-06 22:23 - 2011-10-23 19:13 - 00000000 ____D () C:\Program Files (x86)\Sweet Home 3D
2014-03-06 22:23 - 2011-10-02 13:14 - 00000000 ____D () C:\Program Files (x86)\SlySoft
2014-03-06 22:23 - 2011-04-23 11:55 - 00000000 ____D () C:\Program Files (x86)\THQ
2014-03-06 22:23 - 2011-04-14 18:17 - 00000000 ____D () C:\Program Files (x86)\TCPEye
2014-03-06 22:23 - 2011-04-08 16:20 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-06 22:23 - 2011-04-02 13:17 - 00000000 ____D () C:\Program Files (x86)\ShadowExplorer
2014-03-06 22:23 - 2011-03-05 18:40 - 00000000 ____D () C:\Program Files (x86)\Stardock
2014-03-06 22:23 - 2011-03-05 14:06 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-03-06 22:23 - 2011-02-20 13:24 - 00000000 ____D () C:\Program Files (x86)\Sony Ericsson USB
2014-03-06 22:23 - 2011-02-19 16:42 - 00000000 ____D () C:\Program Files (x86)\Real
2014-03-06 22:23 - 2011-02-19 12:13 - 00000000 ____D () C:\Program Files (x86)\TVAnts
2014-03-06 22:23 - 2011-01-28 20:29 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line
2014-03-06 22:23 - 2010-10-30 18:35 - 00000000 ____D () C:\Program Files (x86)\Teamspeak2_RC2
2014-03-06 22:23 - 2010-09-05 13:40 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-03-06 22:23 - 2010-08-08 18:19 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy
2014-03-06 22:23 - 2010-04-01 21:05 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-03-06 22:23 - 2010-02-26 13:39 - 00000000 ____D () C:\Program Files (x86)\SIW
2014-03-06 22:23 - 2009-09-17 23:00 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-03-06 22:22 - 2013-12-29 17:29 - 00000000 ____D () C:\Program Files (x86)\PS3 Media Server
2014-03-06 22:22 - 2012-08-29 18:43 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-06 22:22 - 2012-08-09 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0
2014-03-06 22:22 - 2012-05-25 13:11 - 00000000 ____D () C:\Program Files (x86)\OnlineFotoservice
2014-03-06 22:22 - 2012-04-21 07:53 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-03-06 22:22 - 2011-05-31 17:38 - 00000000 ____D () C:\Program Files (x86)\Native
2014-03-06 22:22 - 2011-02-11 16:15 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-03-06 22:22 - 2011-01-28 13:21 - 00000000 ____D () C:\Program Files (x86)\Phyxion.net
2014-03-06 22:22 - 2011-01-21 15:17 - 00000000 ____D () C:\Program Files (x86)\Pure Motion
2014-03-06 22:22 - 2010-11-27 10:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7
2014-03-06 22:22 - 2010-10-26 17:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-03-06 22:22 - 2010-03-27 19:37 - 00000000 ____D () C:\Program Files (x86)\NetObjects
2014-03-06 22:22 - 2010-03-15 11:24 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-03-06 22:22 - 2010-02-26 19:02 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-03-06 22:22 - 2010-02-26 12:55 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-03-06 22:22 - 2010-01-30 10:03 - 00000000 ____D () C:\Program Files (x86)\OEM
2014-03-06 22:22 - 2010-01-13 23:37 - 00000000 ____D () C:\Program Files (x86)\Northstar
2014-03-06 22:22 - 2010-01-13 23:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-06 22:22 - 2009-09-17 22:46 - 00000000 ____D () C:\Program Files (x86)\Nero
2014-03-06 22:22 - 2009-09-17 22:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-06 22:22 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-06 22:21 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-06 22:21 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files (x86)\Lexmark 5600-6600 Series
2014-03-06 22:21 - 2014-02-20 16:23 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2014-03-06 22:21 - 2011-12-22 19:48 - 00000000 ____D () C:\Program Files (x86)\Lexmark Printable Web
2014-03-06 22:21 - 2011-11-22 18:05 - 00000000 ____D () C:\Program Files (x86)\Lavalys
2014-03-06 22:21 - 2011-08-21 17:01 - 00000000 ____D () C:\Program Files (x86)\kiwi.software.NET
2014-03-06 22:21 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-06 22:21 - 2010-10-26 17:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-03-06 22:21 - 2010-10-26 17:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-03-06 22:21 - 2010-10-26 17:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-03-06 22:21 - 2010-05-07 22:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-06 22:21 - 2010-04-02 11:20 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-03-06 22:21 - 2010-03-12 17:05 - 00000000 ____D () C:\Program Files (x86)\Microsoft Picture It! 10
2014-03-06 22:21 - 2010-03-02 20:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio
2014-03-06 22:21 - 2010-02-26 19:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-03-06 22:21 - 2010-01-13 23:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-06 22:21 - 2009-09-17 22:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office Suite Activation Assistant
2014-03-06 22:21 - 2009-09-17 22:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-06 22:21 - 2009-09-17 22:26 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-03-06 22:20 - 2013-12-13 17:03 - 00000000 ____D () C:\Program Files (x86)\EVEMon
2014-03-06 22:20 - 2013-03-29 19:41 - 00000000 ____D () C:\Program Files (x86)\FLAC
2014-03-06 22:20 - 2013-03-29 19:41 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy
2014-03-06 22:20 - 2013-02-16 08:02 - 00000000 ____D () C:\Program Files (x86)\DashCommand
2014-03-06 22:20 - 2012-05-07 20:28 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-06 22:20 - 2011-12-27 20:13 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-06 22:20 - 2011-12-18 23:19 - 00000000 ____D () C:\Program Files (x86)\Free FLV Converter
2014-03-06 22:20 - 2011-12-11 12:47 - 00000000 ____D () C:\Program Files (x86)\DVDx 4.0 Open Edition
2014-03-06 22:20 - 2011-12-11 12:09 - 00000000 ____D () C:\Program Files (x86)\Handbrake
2014-03-06 22:20 - 2011-09-01 17:27 - 00000000 ____D () C:\Program Files (x86)\ImTOO
2014-03-06 22:20 - 2011-08-21 16:19 - 00000000 ____D () C:\Program Files (x86)\Exif Viewer
2014-03-06 22:20 - 2011-08-12 15:42 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-03-06 22:20 - 2011-07-09 07:52 - 00000000 ____D () C:\Program Files (x86)\GFI
2014-03-06 22:20 - 2011-06-21 17:32 - 00000000 ____D () C:\Program Files (x86)\Excel Protection Remover
2014-03-06 22:20 - 2011-01-21 15:17 - 00000000 ____D () C:\Program Files (x86)\DebugMode
2014-03-06 22:20 - 2010-11-20 11:38 - 00000000 ____D () C:\Program Files (x86)\ICQ7.2
2014-03-06 22:20 - 2010-07-16 22:00 - 00000000 ____D () C:\Program Files (x86)\iArt
2014-03-06 22:20 - 2010-07-06 16:16 - 00000000 ____D () C:\Program Files (x86)\FLV Player
2014-03-06 22:20 - 2010-05-12 19:49 - 00000000 ____D () C:\Program Files (x86)\FRITZ!DSL
2014-03-06 22:20 - 2010-05-12 19:47 - 00000000 ____D () C:\Program Files (x86)\FRITZ!Box
2014-03-06 22:20 - 2010-04-30 19:14 - 00000000 ____D () C:\Program Files (x86)\GetRight
2014-03-06 22:20 - 2010-03-25 17:40 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-03-06 22:20 - 2010-03-14 14:53 - 00000000 ____D () C:\Program Files (x86)\Driver Cleaner Pro
2014-03-06 22:20 - 2009-09-17 22:59 - 00000000 ____D () C:\Program Files (x86)\eSobi
2014-03-06 22:20 - 2009-09-17 22:42 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-06 22:20 - 2009-09-17 22:42 - 00000000 ____D () C:\Program Files (x86)\EgisTec Egis Software Update
2014-03-06 22:20 - 2009-09-17 22:42 - 00000000 ____D () C:\Program Files (x86)\EgisTec
2014-03-06 22:20 - 2009-09-17 22:04 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-03-06 22:19 - 2011-03-13 14:02 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-03-06 22:19 - 2011-03-01 10:36 - 00000000 ____D () C:\Program Files (x86)\ConvertHelper
2014-03-06 22:16 - 2013-05-19 11:47 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-06 22:16 - 2013-05-19 11:46 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-06 22:16 - 2013-02-28 19:49 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-03-06 22:16 - 2013-02-06 20:24 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-03-06 22:16 - 2012-08-08 19:41 - 00000000 ____D () C:\Program Files (x86)\Adobe Download Assistant
2014-03-06 22:16 - 2011-10-28 14:52 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-03-06 22:16 - 2011-07-09 07:59 - 00000000 ____D () C:\Program Files (x86)\Business Objects
2014-03-06 22:16 - 2011-02-18 16:05 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-03-06 22:16 - 2011-01-21 15:54 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-03-06 22:16 - 2010-12-20 20:19 - 00000000 ____D () C:\Program Files (x86)\Codemasters
2014-03-06 22:16 - 2010-06-18 11:56 - 00000000 ____D () C:\Program Files (x86)\Adobe Media Player
2014-03-06 22:16 - 2010-06-07 09:22 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU
2014-03-06 22:16 - 2010-05-22 12:48 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-03-06 22:16 - 2010-02-26 19:03 - 00000000 ____D () C:\Program Files (x86)\BRS
2014-03-06 22:16 - 2009-09-17 22:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-06 22:14 - 2009-09-17 22:19 - 00000000 ____D () C:\Program Files (x86)\Acer GameZone
2014-03-06 22:13 - 2014-03-06 22:10 - 00000000 ____D () C:\Program Files\Lexmark 5600-6600 Series
2014-03-06 22:13 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 22:13 - 2014-03-01 09:08 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 22:13 - 2014-02-26 18:11 - 00000000 ____D () C:\Program Files\Lexmark Printable Web
2014-03-06 22:13 - 2013-04-10 16:28 - 00000000 ____D () C:\Program Files\Eraser
2014-03-06 22:13 - 2012-10-18 17:30 - 00000000 ____D () C:\Program Files\Java
2014-03-06 22:13 - 2012-06-22 17:48 - 00000000 ____D () C:\Program Files\Recuva
2014-03-06 22:13 - 2012-06-16 16:39 - 00000000 ____D () C:\Program Files\FRITZ!Fernzugang
2014-03-06 22:13 - 2012-03-11 13:58 - 00000000 ____D () C:\Program Files\VID_0E8F&PID_0012
2014-03-06 22:13 - 2011-09-04 10:23 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-06 22:13 - 2011-02-26 18:09 - 00000000 ____D () C:\Program Files\Windows XP Mode
2014-03-06 22:13 - 2011-01-30 12:57 - 00000000 ____D () C:\Program Files\GIMP 2
2014-03-06 22:13 - 2010-10-26 17:29 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0
2014-03-06 22:13 - 2010-10-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-03-06 22:13 - 2010-10-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-03-06 22:13 - 2010-10-26 17:27 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-03-06 22:13 - 2010-10-26 17:25 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2014-03-06 22:13 - 2010-10-26 17:25 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-03-06 22:13 - 2010-08-29 20:29 - 00000000 ____D () C:\Program Files\DivX
2014-03-06 22:13 - 2010-07-23 14:43 - 00000000 ____D () C:\Program Files\UltraMon
2014-03-06 22:13 - 2010-07-18 10:40 - 00000000 ____D () C:\Program Files\Saitek
2014-03-06 22:13 - 2010-06-18 11:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-06 22:13 - 2010-05-14 15:41 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2014-03-06 22:13 - 2010-05-12 19:49 - 00000000 ____D () C:\Program Files\FRITZ!DSL
2014-03-06 22:13 - 2010-05-12 19:49 - 00000000 ____D () C:\Program Files\Common Files\AVM
2014-03-06 22:13 - 2010-05-08 17:20 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-06 22:13 - 2010-03-27 13:18 - 00000000 ____D () C:\Program Files\VMLite
2014-03-06 22:13 - 2010-03-14 12:46 - 00000000 ____D () C:\Program Files\Defraggler
2014-03-06 22:13 - 2010-03-12 19:18 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-03-06 22:13 - 2010-01-13 23:19 - 00000000 ____D () C:\Program Files\Realtek
2014-03-06 22:13 - 2009-09-17 22:39 - 00000000 ____D () C:\Program Files (x86)\Acer
2014-03-06 22:13 - 2009-09-17 22:30 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-06 22:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-06 22:12 - 2013-10-12 11:30 - 00000000 ____D () C:\Program Files\Bonjour Print Services
2014-03-06 22:12 - 2013-05-19 11:46 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-06 22:12 - 2013-02-28 19:49 - 00000000 ____D () C:\Program Files\ATI
2014-03-06 22:12 - 2010-07-24 10:46 - 00000000 ____D () C:\Program Files\Adobe1
2014-03-06 22:12 - 2010-01-30 10:04 - 00000000 ____D () C:\Program Files\Acer Accessory Store
2014-03-06 22:12 - 2009-09-17 22:39 - 00000000 ____D () C:\Program Files\Acer
2014-03-06 22:10 - 2014-03-06 22:10 - 00000154 _____ () C:\Windows\system32\LexFiles.ulf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Vorlagen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Startmenü
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Netzwerkumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Lokale Einstellungen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Eigene Dateien
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Druckumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Documents\Eigene Musik
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Documents\Eigene Bilder
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Local\Verlauf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\AppData\Local\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Surf and Gaming\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Vorlagen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Startmenü
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Netzwerkumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Lokale Einstellungen
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Eigene Dateien
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Druckumgebung
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Musik
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Documents\Eigene Bilder
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Verlauf
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\AppData\Local\Anwendungsdaten
2014-03-06 22:10 - 2014-03-06 22:10 - 00000000 _SHDL () C:\Users\Admin\Anwendungsdaten
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-06 22:06 - 2014-03-06 22:06 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-03-06 22:01 - 2009-07-14 06:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-03-06 22:01 - 2009-07-14 06:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-03-06 21:58 - 2014-03-06 21:58 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-03-06 20:33 - 2014-03-06 20:33 - 00003364 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-03-06 20:24 - 2014-03-05 20:27 - 00002544 _____ () C:\Windows\diagwrn.xml
2014-03-06 20:24 - 2014-03-05 20:27 - 00001890 _____ () C:\Windows\diagerr.xml
2014-03-01 19:01 - 2010-10-08 13:57 - 02029568 ___SH () C:\Users\Admin\Desktop\Thumbs.db
2014-03-01 09:08 - 2014-03-01 09:08 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-01 08:55 - 2014-03-01 08:55 - 00001809 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-02-26 20:23 - 2014-02-26 19:48 - 00041472 _____ () C:\Users\Admin\Documents\umsatz Format2.xls
2014-02-26 18:11 - 2010-02-28 18:40 - 00003192 _____ () C:\Windows\System32\Tasks\Installation App Launcher
2014-02-26 17:09 - 2014-02-26 17:09 - 00000112 _____ () C:\Windows\system32\snetcfg.log
2014-02-25 22:36 - 2014-02-25 22:36 - 00000966 _____ () C:\Windows\SysWOW64\a2scan_140225-174047.txt
2014-02-25 17:57 - 2010-05-12 19:49 - 00375365 _____ () C:\Users\Admin\DesktopStCenter.txt
2014-02-23 09:49 - 2012-01-14 09:04 - 00284137 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log
2014-02-23 08:12 - 2014-03-13 21:21 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 07:54 - 2014-03-13 21:21 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 07:52 - 2014-03-13 21:21 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 07:48 - 2014-03-13 21:21 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 07:48 - 2014-03-13 21:21 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 07:46 - 2014-03-13 21:21 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 07:46 - 2014-03-13 21:21 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 07:46 - 2014-03-13 21:21 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 07:45 - 2014-03-13 21:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 07:45 - 2014-03-13 21:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 07:45 - 2014-03-13 21:21 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 07:44 - 2014-03-13 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 07:44 - 2014-03-13 21:21 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 07:44 - 2014-03-13 21:21 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 07:44 - 2014-03-13 21:21 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 07:43 - 2014-03-13 21:21 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-23 06:50 - 2014-03-13 21:21 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-23 06:47 - 2014-03-13 21:21 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-23 06:43 - 2014-03-13 21:21 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-23 06:41 - 2014-03-13 21:21 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-23 06:40 - 2014-03-13 21:21 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-23 06:39 - 2014-03-13 21:21 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-23 06:38 - 2014-03-13 21:21 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-23 06:38 - 2014-03-13 21:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-23 06:38 - 2014-03-13 21:21 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-23 06:37 - 2014-03-13 21:21 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-23 06:37 - 2014-03-13 21:21 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-23 06:37 - 2014-03-13 21:21 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-23 06:37 - 2014-03-13 21:21 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-23 06:36 - 2014-03-13 21:21 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-23 06:36 - 2014-03-13 21:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-23 06:35 - 2014-03-13 21:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-22 08:46 - 2014-02-22 08:46 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\EurekaLog
2014-02-21 14:41 - 2014-02-21 14:41 - 00001059 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-02-21 09:19 - 2014-02-21 09:19 - 00015395 _____ () C:\Users\Admin\Desktop\umsatz Format1.txt
2014-02-21 08:30 - 2014-02-20 17:03 - 00018181 _____ () C:\Users\Admin\Documents\umsatz Format1.xlsx
2014-02-20 17:18 - 2014-02-20 17:18 - 00018015 _____ () C:\Users\Admin\Documents\umsatz2.1.xlsx
2014-02-20 16:47 - 2014-02-20 16:47 - 00017640 _____ () C:\Users\Admin\Documents\umsatz Format.xlsx
2014-02-20 16:35 - 2014-02-20 16:35 - 00017028 _____ () C:\Users\Admin\Documents\umsatz2.xlsx
2014-02-20 15:04 - 2014-02-20 15:04 - 00015425 _____ () C:\Users\Admin\Documents\umsatz2.csv
2014-02-20 14:38 - 2014-02-20 14:38 - 00015425 _____ () C:\Users\Admin\Documents\umsatz.csv
2014-02-20 12:36 - 2010-02-26 13:10 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-20 12:36 - 2010-02-26 13:10 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\DivXSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 15:02

==================== End Of Log ============================

Vater Sohn 22.03.2014 11:22
und nun das Addition´s Log

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Admin at 2014-03-22 11:12:20
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3004 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0812 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Adobe After Effects CS4 (HKLM-x32\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated)
Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS4 (HKLM-x32\...\Adobe_acce07fd2c8fe7f9e3f26243e626578) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version:  - )
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD System Monitor (HKLM-x32\...\{13EE03A3-7B77-47BC-9C42-B60576AB3A08}) (Version: 1.0.0 - Advanced Micro Devices, Inc.)
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM-x32\...\{626E44DE-8E53-7570-CFDB-06EBF8595CA8}) (Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{6B3BA8FB-FEE1-E839-2F6E-5C121ECDAE9F}) (Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{7156BCE1-5D8D-1A41-565E-E8E8EA604328}) (Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{93DF9F1F-17EB-82C0-F82B-9ABC230D6DE5}) (Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{A231A6F2-2C80-6203-ED35-2CFB96B25A38}) (Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}) (Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{DCA75ECE-39A9-0648-CB77-F6D759364CF9}) (Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{EBBE64F6-7E23-5857-891F-045560AECC7F}) (Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Converter 6 (HKLM-x32\...\AVS4YOU Video Converter 6_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
Battlefield 2(TM) (HKLM-x32\...\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}) (Version:  - )
Battlefield 2: Special Forces (HKLM-x32\...\{50D4CB89-AF34-4978-96DC-C3034062E901}) (Version:  - )
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.1.7 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{4CE925AF-6519-4FEB-BEBD-DE2BFE2944EB}) (Version: 2.0.0.36 - Apple Inc.)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive Beta (HKLM-x32\...\Steam App 730) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Counter-Strike: Source Beta (HKLM-x32\...\Steam App 260) (Version:  - )
CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio-Systemsteuerung (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.00 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - Creative Technology Limited)
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Creative-Diagnose (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version:  - Darkest Hour Team)
DashCommand (HKLM-x32\...\{FB891630-1C0D-437E-A04E-34543B2CF0A8}) (Version: 3.0.1 - Palmer Performance Engineering)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Deathmatch Classic (HKLM-x32\...\Steam App 40) (Version:  - Valve)
DebugMode Wax 2.0 (HKLM-x32\...\DebugMode Wax 2.0) (Version:  - )
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
DiRT 2 (HKLM-x32\...\Steam App 12840) (Version:  - Codemasters)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC)
DivxToDVD 0.5.2b (HKLM-x32\...\VSO DivxToDVD_is1) (Version: 0.5.2b - VSO-Software SARL)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
DVDx 4.0 Open Edition (HKLM-x32\...\DVDx 4.0 Open Edition) (Version: 4.0 (Open Edition) - labDV)
eBay Worldwide (HKLM-x32\...\{AAF89271-2594-468D-B578-96B2E30C41C4}) (Version: 2.1.0703 - OEM)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Eraser 6.0.10.2620 (HKLM\...\{6E5159B4-A519-41EF-80EF-AD58371515DF}) (Version: 6.0.2620 - The Eraser Project)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.8.4.4125 - battleclinic.com)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Excel Protection Remover (HKLM-x32\...\ST6UNST #1) (Version:  - )
EXIFeditor (HKLM-x32\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Exif-Viewer 2.50  (HKLM-x32\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger)
FileZilla Client 3.5.3 (HKCU\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
FLV Player 2.0 (build 25) (HKLM-x32\...\FLV Player) (Version: 2.0 (build 25) - Martijn de Visser)
Free Video to MP3 Converter version 3.5 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
FRITZ!DSL64 (HKLM\...\{2D5D9603-22CF-4B99-83F6-0CD20330F62E}) (Version: 2.04.03 - AVM Berlin)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd)
GetRight (HKLM-x32\...\GetRight_is1) (Version:  - Headlight Software, Inc.)
GFI LANguard 9.0 ReportPack (HKLM-x32\...\{3F67FD4A-380F-4081-A506-1D2C0091A93E}) (Version: 9.0.2009.0709 - GFI Software Ltd)
GFI LANguard 9.6 (HKLM-x32\...\InstallShield_{CBE19707-CF6D-4819-9574-3DFD568960FA}) (Version: 9.6.2010.1113 - GFI Software Ltd)
GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden
GFI ReportCenter Framework (HKLM-x32\...\{722C2EC9-745F-44EA-A119-D548DB55A3B0}) (Version: 3.6.2009.0630 - GFI Software Ltd)
GIMP 2.6.10 (HKLM\...\GIMP-2_is1) (Version: 2.6.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Grand Prix Legends (HKLM-x32\...\Grand Prix Legends) (Version:  - )
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.00.0000 - Codemasters)
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin Studios)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)
Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox)
Hama Cromo Pad (HKLM-x32\...\{975E4CAE-D408-48DA-9346-65D7DB72B7DE}) (Version: 1.00.0000 - GASIA)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HOMEFRONT (HKLM-x32\...\Steam App 55100) (Version:  - THQ)
Host OpenAL (HKLM-x32\...\Host OpenAL) (Version: 1.00 - Creative Technology Limited)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2565057) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
iArt 3 (HKLM-x32\...\iArt_is1) (Version:  - iPodSoft)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
ImTOO Video Converter Ultimate 6 (HKLM-x32\...\ImTOO Video Converter Ultimate 6) (Version: 6.8.0.1101 - ImTOO)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead Authoring Tools (HKLM-x32\...\Steam App 513) (Version:  - Valve)
Lexmark 5600-6600 Series (HKLM\...\Lexmark 5600-6600 Series) (Version:  - Lexmark International, Inc.)
Lexmark Printable Web (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - THQ)
Microsoft .NET Framework 4.5.1 (DEU) (HKLM\...\{C513739C-5F16-37B5-9ACF-99925FF1C1F3}) (Version:  - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{12FE6AA6-65D2-40EE-B925-62193128A0E6}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{f45b48a7-f616-4211-b927-17cab6a96613}) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Mp3tag v2.50 (HKLM-x32\...\Mp3tag) (Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (HKLM-x32\...\Mumble) (Version: 1.2.2 - Mumble)
Music Manager (HKCU\...\MusicManager) (Version:  - Google, Inc.)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (HKLM-x32\...\{18c5b800-77b3-4e83-9bcd-967c26a1d75a}) (Version:  - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{FE83F463-7E61-4B18-9FA0-B94B90A0B6B9}) (Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - )
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (HKLM-x32\...\PageshotsPro_is1) (Version: 1.0.0 - PageshotsPro) <==== ATTENTION
particleIllusion 3.0.4 (HKLM-x32\...\{F77685F4-49DC-4B8E-B41F-F399FE2787C7}_is1) (Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin Studios)
Race: The WTCC Game (HKLM-x32\...\Steam App 4230) (Version:  - SimBin Studios)
Rapture3D 2.3.26 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version:  - Tripwire Interactive)
RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (HKLM-x32\...\Steam App 60) (Version:  - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (HKLM\...\{899FCA36-ADAF-4612-8579-B37DDB0C092F}) (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version:  - )
Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (HKLM-x32\...\{B7BD291B-D415-4484-89A4-82077504BE93}_is1) (Version:  - Northstar Systems Corp.)
SmartLauncher (HKLM-x32\...\{57634571-FD82-4BEC-B822-A1ED7765474F}_is1) (Version:  - Northstar Systems Corp.)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version:  - City Interactive S.A.)
Sound Blaster X-Fi (HKLM-x32\...\{0C9D0200-FA32-44B7-BBB3-7C03F700C4A0}) (Version: 1.0 - )
Source SDK (HKLM-x32\...\Steam App 211) (Version:  - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Speccy (HKLM\...\Speccy) (Version: 1.25 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version:  - Oberon Media)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (HKLM-x32\...\Sweet Home 3D_is1) (Version:  - eTeks)
TCPEye 1.0 (HKLM-x32\...\{998C9435-DAF8-4BDF-B9A5-F844B01D524C}_is1) (Version:  - Free Software Relase)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (HKLM-x32\...\{6E36A172-06FB-4BC8-B7FC-D30D219E6776}) (Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (HKLM-x32\...\TabletDriver) (Version:  - )
TVAnts 1.0 (HKLM-x32\...\TVAnts 1.0) (Version:  - )
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (HKLM-x32\...\TVersity Media Server) (Version: 1.9.7 - TVersity)
Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.2.0 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UltraMon (HKLM\...\{B49673F8-7AB6-4A14-8213-C8A7BE370010}) (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (HKLM-x32\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM-x32\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (HKLM\...\{197F2BEF-2705-406E-8CEB-8E404FFFE414}) (Version: 3.2.6 - VMLite)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
World of Padman (HKLM-x32\...\World of Padman) (Version: 1.1 - Padworld Entertainment)
XBMC (HKCU\...\XBMC) (Version:  - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)

==================== Restore Points  =========================

11-03-2014 15:55:45 Windows Update
13-03-2014 20:19:17 Windows Update
17-03-2014 07:05:43 Windows Update
18-03-2014 19:25:07 Windows Update
19-03-2014 12:02:36 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
19-03-2014 12:03:56 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
19-03-2014 17:30:57 Installiert Überwachungstool für die Intel® Turbo-Boost-Technolo…ä±

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-29 18:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {6A521AEA-E589-4809-ADBF-FCFD96E53A6B} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {B13BF095-8749-44B1-BDD1-441F4E7BFFC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17] (Adobe Systems Incorporated)
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BE199766-D48C-4DC1-9550-A18B77B7D460} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {D4CBE930-AE02-4F01-B436-B1B1E2DB499C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc.
Bellevue, WA 98007)
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {EF70E2A3-ECEE-4200-B9EC-029EFB9A6D83} - System32\Tasks\Installation App Launcher => C:\Program Files (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-02-20 16:29 - 2009-05-14 07:24 - 00045568 _____ () C:\Windows\System32\LXDUPMON.DLL
2014-02-20 16:29 - 2010-02-04 05:40 - 00086016 _____ () C:\Windows\System32\LXDUOEM.DLL
2014-03-06 22:10 - 2009-10-16 12:07 - 00186880 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdudrpp.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-26 18:11 - 2010-02-04 06:10 - 00676520 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
2009-09-17 22:58 - 2009-08-11 04:51 - 00337920 _____ () C:\Windows\System32\OEM\RunCmd_X64.exe
2009-08-26 12:08 - 2009-08-26 13:31 - 00225280 _____ () c:\windows\system32\oem\setEvent.exe
2014-02-20 16:14 - 2009-08-19 20:49 - 01400320 _____ () C:\Windows\system32\lxdudrs64.dll
2014-02-20 16:14 - 2009-08-19 20:49 - 00025600 _____ () C:\Windows\system32\lxducaps64.dll
2014-02-20 16:14 - 2009-08-19 20:39 - 00054784 _____ () C:\Windows\system32\lxducnv464.dll
2014-01-10 06:26 - 2014-01-10 06:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-26 18:11 - 2010-02-04 05:51 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\iptk.dll
2014-02-26 18:11 - 2007-09-06 06:11 - 00151552 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduptp.dll
2014-02-26 18:11 - 2010-02-04 05:52 - 00380928 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
2014-02-26 18:11 - 2010-02-04 05:36 - 00188416 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
2014-02-26 18:11 - 2009-10-16 11:53 - 00073728 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducats.dll
2014-02-26 18:11 - 2010-02-04 05:52 - 01036288 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
2014-02-26 18:11 - 2010-02-04 05:52 - 00081920 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
2014-02-26 18:11 - 2010-02-04 05:35 - 00069632 _____ () C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
2013-12-10 22:06 - 2013-12-10 22:06 - 10683392 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 22:06 - 2013-12-10 22:06 - 07741952 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 22:06 - 2013-12-10 22:06 - 02248192 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-12-10 22:06 - 2013-12-10 22:06 - 01681408 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-03-03 19:13 - 2014-03-03 19:13 - 00117248 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-03-03 19:13 - 2014-03-03 19:13 - 00231936 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-03-03 19:14 - 2014-03-03 19:14 - 00253440 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-03-03 19:13 - 2014-03-03 19:13 - 00344064 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 22:06 - 2013-12-10 22:06 - 00026624 _____ () C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-03-07 14:10 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-03-07 14:10 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-03-17 11:39 - 2009-03-17 11:39 - 00148992 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2014-01-10 06:28 - 2014-01-10 06:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: avmike => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: certsrv => 2
MSCONFIG\Services: Creative Audio Engine Licensing Service => 3
MSCONFIG\Services: CTAudSvcService => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gfi_lanss9_attservice => 2
MSCONFIG\Services: GFI_ReportCenter35 => 2
MSCONFIG\Services: Greg_Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAANTMON => 2
MSCONFIG\Services: IGDCTRL => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Lavasoft Ad-Aware Service => 2
MSCONFIG\Services: lxdu_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Nero BackItUp Scheduler 4.0 => 3
MSCONFIG\Services: nwtsrv => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: sesvc => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TomTomHOMEService => 3
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: TVersityMediaServer => 2
MSCONFIG\Services: Updater Service => 2
MSCONFIG\Services: VMLiteService => 2
MSCONFIG\Services: WinTabService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartCopy.lnk => C:\Windows\pss\SmartCopy.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartLauncher.lnk => C:\Windows\pss\SmartLauncher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Device Detection => G:\Tools\Lidl_Fotos\dd.exe
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: emsisoft anti-malware => "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: Google Update => "C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: MusicManager => "C:\Users\Admin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: ProfilerU => C:\Program Files\Saitek\SD6\Software\ProfilerU.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Spotify => "C:\Users\Admin\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "D:\Games\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: UnlockerAssistant => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2014 11:10:35 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/22/2014 10:54:12 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2014 09:44:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/22/2014 08:33:11 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 10:00:10 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/21/2014 06:55:47 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 02:55:51 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xmllite.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4df985db
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6904eb55
ID des fehlerhaften Prozesses: 0xbd0
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (03/21/2014 11:10:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/21/2014 08:10:02 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/21/2014 08:08:30 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (03/22/2014 10:52:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/22/2014 10:52:47 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (03/22/2014 09:43:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/22/2014 09:43:05 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (03/22/2014 08:31:34 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/22/2014 08:31:34 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (03/21/2014 06:54:13 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/21/2014 06:54:13 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.

Error: (03/21/2014 11:09:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (03/21/2014 11:09:15 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht.


Microsoft Office Sessions:
=========================
Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-01-29 18:49:26.310
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-29 18:49:26.248
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-19 18:31:31.406
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.288
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-19 18:31:31.165
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.949
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:29:18.731
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.921
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-01-16 22:28:18.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 6135.08 MB
Available physical RAM: 4147.68 MB
Total Pagefile: 12268.34 MB
Available Pagefile: 9687.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:117.02 GB) NTFS
Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:220 GB) NTFS
Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:195.97 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.69 GB) NTFS
Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:77.13 GB) NTFS
Drive p: (MS) (Removable) (Total:1.88 GB) (Free:0 GB) FAT
Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:358.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended)

========================================================
Disk: 5 (Size: 2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8)

Partition: GPT Partition Type.

==================== End Of Log ============================

Probleme gibt es folgende...

PC hängt sich auf ... es kommt die Meldung Programme können nicht ausgeführt werden...
mit klick auf abbrechen.. verschwinden alle Icons auf dem Desktop und tauchen dann wieder auf...

ich mache danach immer einen Neustart... die arbeiten sind dann aber verloren..:-(

Gruß Vater Sohn

schrauber 23.03.2014 10:04
Haben wir WIndows schonmal mit ner Reparatur Installation beglückt? ICh weiß es gar nicht mehr...

Vater Sohn 23.03.2014 17:19
Hi Schrauber...

also wir haben von der Win7 DVD die Upgrade Installation ausgeführt...
wenn du das meinst...

und ein Tweaking.com Windows Repair... auch.. das war aber vor der Upgrade Aktion..

Gruß Vater Sohn

schrauber 24.03.2014 11:29
So langsam denke ich es wäre die sauberste Lösung einfach mal Daten zu sichern und einmal neu aufzusetzen.

Vater Sohn 30.03.2014 13:52
Hallo Schrauber....

ich denke das ich im Moment noch nicht neu aufsetzen werde...
die letzte tage kam es zu keinen Problemen...

wir haben hier eine 2000 DSL Leitung bei gutem Wetter:eek: das dauert ewig.
ca. Ende das Jahres gibt es Glasfaser, 100Mbit sind schon bestellte :crazy:

da hatte ich das schon eingeplant evtl. mit einer SSD platte..
gibt es eine gute Anleitung wie man sie Daten Perfekt und ohne Verlust sichert..

Gruß Vater Sohn

schrauber 31.03.2014 10:44
gibt es :)

http://www.trojaner-board.de/51262-a...sicherung.html

Vater Sohn 31.03.2014 19:44
Hi Schrauber...
Super.. schau ich mir an...

da steht eine menge Arbeit an..
ich hoffe das, das System solange durchhält !!



Gruß Vater Sohn..

P.S.:
was war denn so auf unserem Rechner los.. damit der so rum zickt.. also so Viren oder Trojanischer.. haben ja doch ne Mengen gemacht.. an was lag es... ?

und nochmal :dankeschoen::dankeschoen::dankeschoen:

schrauber 01.04.2014 12:39
Das meiste war eigentlich nur nervige Adware und so Kram, bissl was stärkeres. Aber im ganzen nix wildes. Was meist bei sowas nervt sind die nachfolgenden Fehler in Windows weil was verbogen wurde :)

Vater Sohn 13.04.2014 17:58
Hi Schrauber..

das mit dem Vm Lite habe ich selbst hin bekommen...
Bei den Netzwerk Einstellungen im VM Lite musste ich nur auf NAT wechseln...
dann ging es..

hab noch ne frage... wie kann ich ein neues Benutzerkonto erstellen?
Ich surf ja immer mit dem Admin Konto und das soll ja nicht so gut sein...
Muss ich alle Programme in einem neuen Benutzer Konto neu installieren oder kann ich die so übernehmen?

hast du eine Anleitung zum erstellen?

Gruß Vater Sohn

schrauber 14.04.2014 14:59
Nee die haste direkt übernommen. Einfach in der Systemsteuerung > Benutzerkonten.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:46 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131