Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Malware - USB Stick wandelt Ordner in Verknüpfungen (https://www.trojaner-board.de/154663-malware-usb-stick-wandelt-ordner-verknuepfungen.html)

Reiselust 02.06.2014 11:16
Malware - USB Stick wandelt Ordner in Verknüpfungen
 
Hallo ihr wunderbaren Helfer des Internetzeitalters :daumenhoc,

Bei der Benutzung eines Internetcafes im Osten Indien habe ich mir über einen USB Stick anscheinend schlimme Backdoor Malware eingefangen und den PC, sowie mehrere eigene Sticks verseucht (anscheinend das selbe Problem, wie bei anderen Benutzern des Forums auch)...
Alle Ordner lassen sich zwar noch öffnen, werden jedoch als Verknüpfung angezeigt (z.B: C:\Windows\system32\cmd.exe /c start uktormgszh.vbe&start explorer Albums&exit).

Aufgrund der extrem abgeschiedenen Lage habe ich gerade nur mobiles Internet - Downloads stellen also eine zeitintensive Aufgabe dar...

Was ich bereits getan habe: Avira Scan - kein Fund, Malwarebites scan - kein Fund, mit USBVaccine Computer und Sticks geimpft.

Die Logfiles von Farbar und Gmer folgen unten.

Schon mal ein riiiiesen Dank im Voraus für eure Hilfe - vor Ort kann ich nicht auf die geringste Hilfe zählen. Wenn es Strom gibt, ist das schon mehr als positiv :lach:


Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Jan (administrator) on NOKIA-3G on 01-06-2014 22:56:42
Running from C:\Users\Jan\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\prldrsrv.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(RapidSolution Software AG) C:\Program Files\Audials\Audials 11\VCDWriter\32\VCDAudioService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Nokia) C:\Program Files\Power Management\NpwrMngr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\WINWORD.EXE
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] => [X]
HKLM\...\Run: [NpwrMngr] => C:\Program Files\Power Management\NpwrMngr.exe [472432 2009-09-29] (Nokia)
HKLM\...\Run: [IgfxExt] => C:\Windows\system32\IgfxExt.exe [174616 2010-09-29] (Intel Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HDPSrv] => C:\Windows\system32\HDPSrv.exe [172032 2009-08-25] ()
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {1c234fcb-238c-11e3-8c78-002308fd56eb} - Iomega Encryption Utility.exe
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {a3c30cd8-2266-11e3-b835-832bfd4a9bb4} - E:\Loader.exe
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {e53ad974-d5e4-11e3-9bc5-d99fc36684ac} - D:\NokiaPCIA_Autorun.exe
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D82A1295CB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} https://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: Sony Corporation/PMCADownloader - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderHelper - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderLib - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2013-09-20]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 HDPSrv; C:\WINDOWS\system32\HDPSrv.exe [172032 2009-08-25] ()
R2 PrLdrSrv; C:\Windows\system32\PrLdrSrv.exe [11776 2013-09-21] ()
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [111488 2009-09-10] (CSR, plc)
R2 Virtual CDAudio Service; C:\Program Files\Audials\Audials 11\VCDWriter\32\VCDAudioService.exe [179464 2013-12-04] (RapidSolution Software AG)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG)
R0 EMSC; C:\Windows\System32\DRIVERS\EvMngr.SYS [19824 2009-06-24] ()
R3 GTNDIS62; C:\Windows\System32\DRIVERS\Gtuhs62.sys [159744 2010-04-13] (Option N.V.)
R3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [151552 2010-03-12] (Option N.V.)
R3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2010-02-25] (Option N.V.)
R0 HDFilter; C:\Windows\System32\DRIVERS\HDFilter.sys [20848 2009-07-03] (COMPAL ELECTRONIC INC.)
R3 igd; C:\Windows\System32\DRIVERS\igdkmd32.sys [648832 2010-09-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [22184 2013-12-04] (Audials AG)
R3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [35976 2013-12-04] (RapidSolution Software AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-12-04] (RapidSolution Software AG)
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-01 22:56 - 2014-06-01 22:57 - 00011853 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-01 22:56 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-01 22:47 - 2014-06-01 22:50 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 19:58 - 2014-06-01 20:05 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:41 - 2014-06-01 18:43 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-06-01 10:49 - 2014-06-01 10:49 - 00000000 ____D () C:\Users\Jan\Desktop\Statistik Hochladen 05 2014
2014-05-30 22:35 - 2014-05-30 22:42 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 21:26 - 2014-06-01 15:33 - 00000280 _____ () C:\Windows\setupact.log
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-20 11:50 - 2014-03-20 15:10 - 00458752 ___SH () C:\ProgramData\uktormgszh.vbe
2014-05-20 11:29 - 2014-06-01 22:49 - 00137220 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-06 14:16 - 2014-05-08 19:50 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems

==================== One Month Modified Files and Folders =======

2014-06-01 22:57 - 2014-06-01 22:56 - 00011853 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-01 22:57 - 2013-09-18 15:03 - 00000000 ____D () C:\Users\Jan\AppData\Local\Temp
2014-06-01 22:56 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-01 22:50 - 2014-06-01 22:47 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 22:49 - 2014-05-20 11:29 - 00137220 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 21:39 - 2013-09-23 08:06 - 00000000 ____D () C:\Users\Karina Derl\Documents\ALLES Nie Mehr Radlos
2014-06-01 21:12 - 2013-09-22 21:18 - 00000000 ____D () C:\Users\Jan\Documents\Sonstige Texte Nie-Mehr-Radlos
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 20:05 - 2014-06-01 19:58 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:43 - 2014-06-01 18:41 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-06-01 15:43 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 15:43 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 15:38 - 2013-09-18 23:23 - 01658526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-01 15:34 - 2013-09-18 23:36 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 15:33 - 2014-05-30 21:26 - 00000280 _____ () C:\Windows\setupact.log
2014-06-01 15:28 - 2013-10-08 15:37 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\Temp
2014-06-01 10:49 - 2014-06-01 10:49 - 00000000 ____D () C:\Users\Jan\Desktop\Statistik Hochladen 05 2014
2014-05-30 22:42 - 2014-05-30 22:35 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 22:23 - 2013-09-20 00:02 - 00000000 ____D () C:\Program Files\Nokia
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-30 13:08 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Myanmar
2014-05-30 13:00 - 2014-02-23 20:42 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Thailand
2014-05-26 18:27 - 2013-09-18 23:36 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:04 - 2014-03-26 23:21 - 00000000 ____D () C:\Users\Jan\Documents\Wichtige Dokumente 27.03.14
2014-05-20 18:53 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\Karina Derl\Documents\K a r i n a s  Docs
2014-05-20 15:26 - 2014-04-25 16:49 - 00000000 ____D () C:\Users\Jan\Desktop\Galerie Myanmar
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\DivX
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-05-20 14:55 - 2013-09-21 17:33 - 00000000 ____D () C:\ProgramData\DivX
2014-05-20 14:43 - 2013-09-22 21:15 - 00000000 ____D () C:\Users\Jan\Documents\J a n
2014-05-19 09:45 - 2013-11-09 05:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-08 19:50 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-07 07:40 - 2013-10-09 05:57 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\vlc
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems
2014-05-05 21:37 - 2013-09-20 01:17 - 00000000 ____D () C:\Users\Jan\AppData\Local\ACD Systems

Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Karina Derl\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 03:00

==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Jan at 2014-06-01 22:58:40
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ACDSee Pro 6 (HKLM\...\{D40B2C78-30CA-4A8F-A157-C86B491C73AF}) (Version: 6.3.221 - ACD Systems International Inc.)
Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.01 - Adobe Systems)
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
AIDA64 Extreme Edition v3.20 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ampps 2.0 (HKLM\...\Ampps_is1) (Version:  - Softaculous Ltd.)
Atheros 802.11 bgn Network Adapter (Version: 1.0.0.0 - Broadcom) Hidden
Atheros 802.11g Network Adapter (HKLM\...\InstallShield_{06A6143C-0703-4946-9E20-355F306ADF11}) (Version: 1.0.0.0 - Broadcom)
Audials (HKLM\...\{9DDE35B3-AAD2-496F-84F0-66F66FCC49F7}) (Version: 11.0.46200.0 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.12 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version:  -  Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kels' Win7 CPL Bonus Pack! (HKLM\...\CPLBonus) (Version: 1.3 - Kelsenellenelvian EverDawn)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60810 (HKLM\...\{70B7F782-CA10-3CAC-98F7-3C748845BD88}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60810 (HKLM\...\{FE695D59-555C-3641-925D-BF65EC37B5D1}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Option WWAN Driver 5.1.37.0 Installer  (HKLM\...\{884BB5CC-108E-41a9-936D-955C999C06A1}_x) (Version: 3.5.1.1140 - Option NV)
Option WWAN Driver 5.1.37.0 Installer (Version: 3.5.1.1140 - Option NV) Hidden
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Power Management (HKLM\...\InstallShield_{C36E5EC0-A87E-4994-844B-1DE75ED22BD8}) (Version: 1.0.0.16C - Nokia)
Power Management (Version: 1.0.0.16C - Nokia) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{60B56C13-56FA-47E9-A5E7-32540117E5FE}) (Version: 5.0.1350.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
SMPlayer 0.8.6 (HKLM\...\SMPlayer) (Version: 0.8.6 - Ricardo Villalba)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinHTTrack Website Copier 3.47-27 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

12-05-2014 15:32:12 Geplanter Prüfpunkt
20-05-2014 10:50:30 Geplanter Prüfpunkt
28-05-2014 15:59:44 Geplanter Prüfpunkt
30-05-2014 17:08:43 Installed Hotkey Utility

==================== Hosts content: ==========================

2013-09-18 23:28 - 2013-09-21 11:18 - 00000926 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com


==================== Scheduled Tasks (whitelisted) =============

Task: {177023BE-6F80-4FCB-9D73-C0729BF6DEAD} - System32\Tasks\{889FB738-3AD4-4989-B0EF-13387171F078} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {48B66977-17F9-4E69-975A-D20921F93369} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {73D5A2BF-8A59-486B-8A3A-4D12F0E40174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {80E362B6-D839-4BCB-A7DF-9479A584EBC2} - System32\Tasks\{8A3E7ECB-AB02-4243-90D5-50C3BC3E0E64} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {AD10B1F6-71C8-4F94-A94C-1E968005BB05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B5D249AF-53C5-4932-9079-732735B82AF1} - System32\Tasks\{EA5066EC-FA1B-4041-A39B-A75F69F87CA3} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {BD18EDD1-39D7-4257-869D-0F9B94A20803} - System32\Tasks\{3DD4163B-93EC-4366-942A-FBCD436F5E7D} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {CB74E86E-A362-47DD-B336-0F46E51BC4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D220DB42-1B65-4DA4-BF3B-98886069DEC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-12-11 10:03 - 2013-11-22 09:31 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-09-21 18:21 - 2013-09-21 18:20 - 00011776 _____ () C:\Windows\system32\PrLdrSrv.exe
2013-09-04 16:44 - 2013-09-04 16:44 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-05-18 16:08 - 2014-05-18 16:08 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: HDPSrv => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: TeamViewer8 => 3
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CeEKey => C:\Program Files\Hotkey\CeEKey.exe
MSCONFIG\startupreg: ConMgr => :"C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
MSCONFIG\startupreg: CSRSkype => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/01/2014 03:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 08:58:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:37:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:45:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:38:42 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0f974a6e-8a96-4f85-8e4c-8572acfe36bb}

Error: (05/30/2014 09:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:13:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 07:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 05:14:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 10:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/01/2014 09:45:33 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (06/01/2014 05:31:56 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/01/2014 03:29:25 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/01/2014 03:29:22 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/01/2014 03:29:20 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/01/2014 08:59:10 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (05/31/2014 11:52:45 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (05/31/2014 02:36:35 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (05/31/2014 02:36:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎31.‎05.‎2014 um 14:33:27 unerwartet heruntergefahren.

Error: (05/31/2014 01:22:08 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14


Microsoft Office Sessions:
=========================
Error: (06/01/2014 03:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 08:58:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:37:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:45:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:38:42 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0f974a6e-8a96-4f85-8e4c-8572acfe36bb}

Error: (05/30/2014 09:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:13:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 07:00:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 05:14:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/29/2014 10:26:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 96%
Total physical RAM: 1014.27 MB
Available physical RAM: 35.98 MB
Total Pagefile: 2383.7 MB
Available Pagefile: 545.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:24.02 GB) NTFS
Drive d: (KLEINSCHATZ) (Removable) (Total:14.89 GB) (Free:7.87 GB) FAT32
Drive f: () (Removable) (Total:29.71 GB) (Free:28.18 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 000D7148)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: E28F0842)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-02 15:36:42
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_MMCQE28G8MUP-0VA rev.VAM08L1Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\Jan\AppData\Local\Temp\ugryqpod.sys


---- System - GMER 2.1 ----

SSDT            805CA1BE                                                                                ZwCreateSection
SSDT            805CA1C8                                                                                ZwRequestWaitReplyPort
SSDT            805CA1C3                                                                                ZwSetContextThread
SSDT            805CA1CD                                                                                ZwSetSecurityObject
SSDT            805CA1D2                                                                                ZwSystemDebugControl
SSDT            805CA15F                                                                                ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text          ntkrnlpa.exe!ZwRollbackComplete + 1441                                                  81C45E95 1 Byte  [06]
.text          ntkrnlpa.exe!KiDispatchInterrupt + 5A2                                                  81C7F522 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text          ntkrnlpa.exe!KeRemoveQueueEx + 11F7                                                      81C8688C 4 Bytes  [BE, A1, 5C, 80]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1553                                                      81C86BE8 4 Bytes  CALL DE6A346E
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1597                                                      81C86C2C 4 Bytes  [C3, A1, 5C, 80]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1613                                                      81C86CA8 4 Bytes  [CD, A1, 5C, 80]
.text          ntkrnlpa.exe!KeRemoveQueueEx + 1667                                                      81C86CFC 4 Bytes  JMP DE6A3F82
.text          ...                                                                                     

---- Devices - GMER 2.1 ----

AttachedDevice  \FileSystem\fastfat \Fat                                                                fltmgr.sys

---- Registry - GMER 2.1 ----

Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice       
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice@Progid  WMP11.AssocFile.CDA
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice       
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice@Progid  WMP11.AssocFile.WMD
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice       
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice@Progid  WMP11.AssocFile.WMS
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice       
Reg            HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice@Progid  WMP11.AssocFile.WMZ

---- EOF - GMER 2.1 ----

schrauber 02.06.2014 12:03
hi,

Zitat:
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com
Erstmal bitte die gecrackten programme entfernen, vorher gibt es keinen Support.

Reiselust 02.06.2014 15:09
Hallo Schrauber,

danke für die schnelle Antwort! Ein Bekannter, der mir häufig bei Computerproblemen hilft, hat mir das Netbook in einer Reisepause neu aufgesetzt. Von gecrackten Programmen wusste ich bisher nichts.. Danke also für den Hinweis - wäre mir das bewusst gewesen, hätte ich das wohl besser nicht der Weltöffentlichkeit mitgeteilt ;).

Habe Adobe Reader 11 pro und ACDSee deinstalliert. Sorry für meine Unwissenheit, aber sind das die besagten Programme gewesen?

Unten das neue FRST log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Jan (administrator) on NOKIA-3G on 02-06-2014 18:35:43
Running from C:\Users\Jan\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\System32\prldrsrv.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Nokia) C:\Program Files\Power Management\NpwrMngr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NpwrMngr] => C:\Program Files\Power Management\NpwrMngr.exe [472432 2009-09-29] (Nokia)
HKLM\...\Run: [IgfxExt] => C:\Windows\system32\IgfxExt.exe [174616 2010-09-29] (Intel Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HDPSrv] => C:\Windows\system32\HDPSrv.exe [172032 2009-08-25] ()
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {1c234fcb-238c-11e3-8c78-002308fd56eb} - Iomega Encryption Utility.exe
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {a3c30cd8-2266-11e3-b835-832bfd4a9bb4} - E:\Loader.exe
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\MountPoints2: {e53ad974-d5e4-11e3-9bc5-d99fc36684ac} - D:\NokiaPCIA_Autorun.exe
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D82A1295CB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} https://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Sony Corporation/PMCADownloader - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderHelper - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderLib - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 HDPSrv; C:\WINDOWS\system32\HDPSrv.exe [172032 2009-08-25] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 PrLdrSrv; C:\Windows\system32\PrLdrSrv.exe [11776 2013-09-21] ()
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [111488 2009-09-10] (CSR, plc)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG)
R0 EMSC; C:\Windows\System32\DRIVERS\EvMngr.SYS [19824 2009-06-24] ()
R3 GTNDIS62; C:\Windows\System32\DRIVERS\Gtuhs62.sys [159744 2010-04-13] (Option N.V.)
R3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [151552 2010-03-12] (Option N.V.)
R3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2010-02-25] (Option N.V.)
R0 HDFilter; C:\Windows\System32\DRIVERS\HDFilter.sys [20848 2009-07-03] (COMPAL ELECTRONIC INC.)
R3 igd; C:\Windows\System32\DRIVERS\igdkmd32.sys [648832 2010-09-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [35976 2013-12-04] (RapidSolution Software AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-12-04] (RapidSolution Software AG)
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-02 18:24 - 2014-06-02 18:36 - 00010885 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:56 - 2014-06-02 18:18 - 00001592 _____ () C:\Windows\PFRO.log
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:35 - 2014-06-02 00:35 - 00012980 _____ () C:\ProgramData\361..vbe
2014-06-02 00:14 - 2014-06-02 18:23 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 00:13 - 2014-06-02 00:13 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-02 00:13 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-02 00:13 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-02 00:13 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-01 22:59 - 2014-06-02 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:56 - 2014-06-02 18:35 - 00000000 ____D () C:\FRST
2014-06-01 22:47 - 2014-06-01 22:50 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 19:58 - 2014-06-01 20:05 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:41 - 2014-06-01 18:43 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-06-01 10:49 - 2014-06-01 10:49 - 00000000 ____D () C:\Users\Jan\Desktop\Statistik Hochladen 05 2014
2014-05-30 22:35 - 2014-05-30 22:42 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 21:26 - 2014-06-02 18:19 - 00000448 _____ () C:\Windows\setupact.log
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-20 11:50 - 2014-03-20 15:10 - 00458752 ___SH () C:\ProgramData\uktormgszh.vbe
2014-05-20 11:29 - 2014-06-02 18:25 - 00152192 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-06 14:16 - 2014-05-08 19:50 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems

==================== One Month Modified Files and Folders =======

2014-06-02 18:36 - 2014-06-02 18:24 - 00010885 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-02 18:36 - 2013-09-18 15:03 - 00000000 ____D () C:\Users\Jan\AppData\Local\Temp
2014-06-02 18:35 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-02 18:29 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 18:29 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 18:25 - 2014-05-20 11:29 - 00152192 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 18:25 - 2013-09-18 23:23 - 01658526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 18:23 - 2014-06-02 00:14 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-02 18:19 - 2014-05-30 21:26 - 00000448 _____ () C:\Windows\setupact.log
2014-06-02 18:19 - 2013-09-19 22:32 - 00111520 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-02 18:19 - 2013-09-18 23:36 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 18:19 - 2013-09-18 23:21 - 00445632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-02 18:18 - 2014-06-02 00:56 - 00001592 _____ () C:\Windows\PFRO.log
2014-06-02 17:02 - 2013-09-20 01:10 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-06-02 17:00 - 2013-09-20 00:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-02 17:00 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-02 16:58 - 2013-09-20 00:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-02 16:03 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Myanmar
2014-06-02 14:27 - 2014-02-23 20:42 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Thailand
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 14:09 - 2013-09-18 23:14 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-02 13:02 - 2013-10-08 15:37 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\Temp
2014-06-02 13:01 - 2013-09-23 08:06 - 00000000 ____D () C:\Users\Karina Derl\Documents\ALLES Nie Mehr Radlos
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:35 - 2014-06-02 00:35 - 00012980 _____ () C:\ProgramData\361..vbe
2014-06-02 00:13 - 2014-06-02 00:13 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-02 00:12 - 2014-06-01 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:50 - 2014-06-01 22:47 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 21:12 - 2013-09-22 21:18 - 00000000 ____D () C:\Users\Jan\Documents\Sonstige Texte Nie-Mehr-Radlos
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 20:05 - 2014-06-01 19:58 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:43 - 2014-06-01 18:41 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-06-01 10:49 - 2014-06-01 10:49 - 00000000 ____D () C:\Users\Jan\Desktop\Statistik Hochladen 05 2014
2014-05-30 22:42 - 2014-05-30 22:35 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 22:23 - 2013-09-20 00:02 - 00000000 ____D () C:\Program Files\Nokia
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-26 18:27 - 2013-09-18 23:36 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:04 - 2014-03-26 23:21 - 00000000 ____D () C:\Users\Jan\Documents\Wichtige Dokumente 27.03.14
2014-05-20 18:53 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\Karina Derl\Documents\K a r i n a s  Docs
2014-05-20 15:26 - 2014-04-25 16:49 - 00000000 ____D () C:\Users\Jan\Desktop\Galerie Myanmar
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\DivX
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-05-20 14:55 - 2013-09-21 17:33 - 00000000 ____D () C:\ProgramData\DivX
2014-05-20 14:43 - 2013-09-22 21:15 - 00000000 ____D () C:\Users\Jan\Documents\J a n
2014-05-19 09:45 - 2013-11-09 05:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 07:26 - 2014-06-02 00:13 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-02 00:13 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-06-02 00:13 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-08 19:50 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-07 07:40 - 2013-10-09 05:57 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\vlc
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems
2014-05-05 21:37 - 2013-09-20 01:17 - 00000000 ____D () C:\Users\Jan\AppData\Local\ACD Systems

Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Jan\AppData\Local\Temp\xxx.exe
C:\Users\Karina Derl\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 03:00

==================== End Of Log ============================
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Jan at 2014-06-02 18:37:01
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
AIDA64 Extreme Edition v3.20 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ampps 2.0 (HKLM\...\Ampps_is1) (Version:  - Softaculous Ltd.)
Atheros 802.11 bgn Network Adapter (Version: 1.0.0.0 - Broadcom) Hidden
Atheros 802.11g Network Adapter (HKLM\...\InstallShield_{06A6143C-0703-4946-9E20-355F306ADF11}) (Version: 1.0.0.0 - Broadcom)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bluetooth Feature Pack 5.0 (HKLM\...\{0439D13F-C7CD-458A-90DE-44135CBD40B8}) (Version: 5.0.12 - CSR Plc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version:  -  Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kels' Win7 CPL Bonus Pack! (HKLM\...\CPLBonus) (Version: 1.3 - Kelsenellenelvian EverDawn)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60810 (HKLM\...\{70B7F782-CA10-3CAC-98F7-3C748845BD88}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60810 (HKLM\...\{FE695D59-555C-3641-925D-BF65EC37B5D1}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Option WWAN Driver 5.1.37.0 Installer  (HKLM\...\{884BB5CC-108E-41a9-936D-955C999C06A1}_x) (Version: 3.5.1.1140 - Option NV)
Option WWAN Driver 5.1.37.0 Installer (Version: 3.5.1.1140 - Option NV) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Power Management (HKLM\...\InstallShield_{C36E5EC0-A87E-4994-844B-1DE75ED22BD8}) (Version: 1.0.0.16C - Nokia)
Power Management (Version: 1.0.0.16C - Nokia) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{60B56C13-56FA-47E9-A5E7-32540117E5FE}) (Version: 5.0.1350.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
SMPlayer 0.8.6 (HKLM\...\SMPlayer) (Version: 0.8.6 - Ricardo Villalba)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinHTTrack Website Copier 3.47-27 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

12-05-2014 15:32:12 Geplanter Prüfpunkt
20-05-2014 10:50:30 Geplanter Prüfpunkt
28-05-2014 15:59:44 Geplanter Prüfpunkt
30-05-2014 17:08:43 Installed Hotkey Utility
02-06-2014 11:24:52 Removed Adobe Acrobat XI Pro.
02-06-2014 11:25:50 Removed Adobe Acrobat XI Pro.
02-06-2014 11:31:15 Removed ACDSee Pro 6.

==================== Hosts content: ==========================

2013-09-18 23:28 - 2013-09-21 11:18 - 00000926 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com


==================== Scheduled Tasks (whitelisted) =============

Task: {177023BE-6F80-4FCB-9D73-C0729BF6DEAD} - System32\Tasks\{889FB738-3AD4-4989-B0EF-13387171F078} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {48B66977-17F9-4E69-975A-D20921F93369} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {73D5A2BF-8A59-486B-8A3A-4D12F0E40174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {80E362B6-D839-4BCB-A7DF-9479A584EBC2} - System32\Tasks\{8A3E7ECB-AB02-4243-90D5-50C3BC3E0E64} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {AD10B1F6-71C8-4F94-A94C-1E968005BB05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B5D249AF-53C5-4932-9079-732735B82AF1} - System32\Tasks\{EA5066EC-FA1B-4041-A39B-A75F69F87CA3} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {BD18EDD1-39D7-4257-869D-0F9B94A20803} - System32\Tasks\{3DD4163B-93EC-4366-942A-FBCD436F5E7D} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {CB74E86E-A362-47DD-B336-0F46E51BC4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D220DB42-1B65-4DA4-BF3B-98886069DEC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-12-11 10:03 - 2013-11-22 09:31 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-09-21 18:21 - 2013-09-21 18:20 - 00011776 _____ () C:\Windows\system32\PrLdrSrv.exe
2013-09-04 16:44 - 2013-09-04 16:44 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: HDPSrv => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: TeamViewer8 => 3
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CeEKey => C:\Program Files\Hotkey\CeEKey.exe
MSCONFIG\startupreg: ConMgr => :"C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
MSCONFIG\startupreg: CSRSkype => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Atheros AR928X Wireless Network Adapter #2
Description: Atheros AR928X Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2014 06:20:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 02:12:24 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NOKIA-3G)
Description: Die Anwendung oder der Dienst "Virtual CDAudio Service" konnte nicht neu gestartet werden.

Error: (06/02/2014 09:24:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 00:58:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 03:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 08:58:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:37:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:45:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:38:42 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0f974a6e-8a96-4f85-8e4c-8572acfe36bb}

Error: (05/30/2014 09:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/02/2014 06:22:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (06/02/2014 06:19:18 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 05:04:45 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 05:04:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/02/2014 01:05:25 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 01:05:08 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 01:04:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 01:04:49 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 09:47:03 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/02/2014 09:38:26 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.


Microsoft Office Sessions:
=========================
Error: (06/02/2014 06:20:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 02:12:24 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NOKIA-3G)
Description: 0VCDAudioService.exeVirtual CDAudio Service03026217812800

Error: (06/02/2014 09:24:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2014 00:58:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 03:35:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/01/2014 08:58:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:37:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/31/2014 02:45:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2014 10:38:42 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0f974a6e-8a96-4f85-8e4c-8572acfe36bb}

Error: (05/30/2014 09:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Percentage of memory in use: 72%
Total physical RAM: 1014.27 MB
Available physical RAM: 279.8 MB
Total Pagefile: 2328.55 MB
Available Pagefile: 1246.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1930.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:25.87 GB) NTFS
Drive d: () (Removable) (Total:14.29 GB) (Free:7.81 GB) FAT32
Drive e: (KLEINSCHATZ) (Removable) (Total:14.89 GB) (Free:7.87 GB) FAT32
Drive f: () (Removable) (Total:29.71 GB) (Free:28.18 GB) FAT32
Drive g: (Karis Chip2) (Removable) (Total:14.83 GB) (Free:3.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 000D7148)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (Size: 14 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: E28F0842)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================

schrauber 03.06.2014 10:19
Genau, das waren die Programme :)

Sticks anklemmen und nicht mehr abklemmen:


Panda USB Vaccine - Download - Filepony
Das laufen lassen zum Absichern des Sticks.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Reiselust 03.06.2014 16:42
Hallo Schrauber,

die Sticks sind angeschlossen und geimpft, Combofix durchgelaufen und unten eingefügt.

Liebe Grüße nach Deutschland!

Code:
ComboFix 14-06-03.01 - Jan 03.06.2014  20:41:59.2.2 - x86
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.1014.322 [GMT 5,5:30]
ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-05-03 bis 2014-06-03  ))))))))))))))))))))))))))))))
.
.
2014-06-03 15:27 . 2014-06-03 15:27        --------        d-----w-        c:\users\Jan\AppData\Local\temp
2014-06-03 15:27 . 2014-06-03 15:27        --------        d-----w-        c:\users\Karina Derl\AppData\Local\temp
2014-06-03 15:27 . 2014-06-03 15:27        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-06-02 15:00 . 2014-06-02 15:00        --------        d-----w-        c:\users\Jan\AppData\Local\Adobe
2014-06-01 18:44 . 2014-06-03 14:17        110296        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-01 18:43 . 2014-06-01 18:43        --------        d-----w-        c:\program files\Malwarebytes Anti-Malware
2014-06-01 18:43 . 2014-06-01 18:43        --------        d-----w-        c:\programdata\Malwarebytes
2014-06-01 18:43 . 2014-05-12 01:56        51928        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-06-01 18:43 . 2014-05-12 01:55        74456        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-06-01 18:43 . 2014-05-12 01:55        23256        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-06-01 17:26 . 2014-06-02 13:08        --------        d-----w-        C:\FRST
2014-06-01 14:39 . 2014-06-01 14:39        --------        d-----w-        c:\programdata\Panda Security
2014-06-01 14:39 . 2014-06-01 14:39        --------        d-----w-        c:\program files\Panda USB Vaccine
2014-06-01 13:14 . 2014-06-01 13:14        --------        d-----w-        c:\program files\ESET
2014-05-20 11:45 . 2014-03-20 09:40        458752        --sha-w-        c:\users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe
2014-05-20 06:20 . 2014-03-20 09:40        458752        --sha-w-        c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe
2014-05-20 06:20 . 2014-03-20 09:40        458752        --sha-w-        c:\programdata\uktormgszh.vbe
2014-05-07 16:37 . 2014-05-07 16:37        --------        d-----w-        c:\users\Jan\AppData\Roaming\dvdcss
2014-05-07 13:36 . 2014-05-07 13:36        --------        d-----w-        c:\users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 13:34 . 2014-05-07 13:34        --------        d-----w-        c:\programdata\Installations
2014-05-06 08:46 . 2014-05-08 14:20        --------        d-----w-        c:\users\Karina Derl\AppData\Local\ACD Systems
2014-05-06 08:46 . 2014-05-06 08:46        --------        d-----w-        c:\users\Karina Derl\AppData\Roaming\ACD Systems
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-16 23:02 . 2014-04-26 10:25        8050496        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{8AAF40D9-9DF3-475C-8D3E-D137A6407843}\mpengine.dll
2014-03-31 03:05 . 2013-09-19 11:30        231584        ------w-        c:\windows\system32\MpSigStub.exe
2014-03-31 00:13 . 2014-04-10 20:53        2724864        ----a-w-        c:\windows\system32\mshtml.tlb
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-09-21 14:44        220632        ----a-w-        c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-09-21 14:44        220632        ----a-w-        c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-09-21 14:44        220632        ----a-w-        c:\users\Jan\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-12 13:37        1728216        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-12 13:37        1728216        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-12 13:37        1728216        ----a-w-        c:\progra~1\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uktormgszh"="wscript.exe" [2013-10-12 141824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NpwrMngr"="c:\program files\Power Management\NpwrMngr.exe" [2009-09-29 472432]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-09-28 137752]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-09-28 350744]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-03-17 689744]
"uktormgszh"="wscript.exe" [2013-10-12 141824]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-05-08 959904]
.
c:\users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
uktormgszh.vbe [2014-3-20 458752]
.
c:\users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
uktormgszh.vbe [2014-3-20 458752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SynchronousMachineGroupPolicy"= 1 (0x1)
"SynchronousUserGroupPolicy"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2014-05-08 13:48        959904        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKey]
2009-09-11 11:46        1598832        ----a-w-        c:\program files\Hotkey\CeEKey.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 07:16        254336        ----a-w-        c:\program files\Common Files\Java\Java Update\jusched.exe
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-01 108032]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
R3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys [2013-12-04 35976]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 24064]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2013-09-28 1343400]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\avwebg7.exe [2014-03-17 1017424]
R4 HDPSrv;HDPSrv;c:\windows\system32\HDPSrv.exe [2009-08-25 172032]
R4 TeamViewer8;TeamViewer 8;c:\program files\TeamViewer\Version8\TeamViewer_Service.exe [2013-09-12 5071712]
S0 EMSC;HDD Protection - Shock Event Driver;c:\windows\system32\DRIVERS\EvMngr.SYS [2009-06-24 19824]
S0 HDFilter;COMPAL HDD Protection - HDD Filter Driver;c:\windows\system32\DRIVERS\HDFilter.sys [2009-07-03 20848]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2013-07-17 16880]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-22 37352]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-03-17 440400]
S2 PrLdrSrv;PrLdrSrv;c:\windows\system32\PrLdrSrv.exe [2013-09-21 11776]
S3 GTNDIS62;GT62 Zero Config Driver;c:\windows\system32\DRIVERS\Gtuhs62.sys [2010-04-13 159744]
S3 GTUHSBUS;GT UHS BUS;c:\windows\system32\DRIVERS\gtuhsbus.sys [2010-03-12 151552]
S3 GTUHSSER;GT UHS SER;c:\windows\system32\DRIVERS\gtuhsser.sys [2010-02-25 8064]
S3 igd;igd;c:\windows\system32\DRIVERS\igdkmd32.sys [2010-09-15 648832]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [2010-03-15 127488]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          SSDPSRV upnphost SCardSvr TBS fdrespub AppIDSvc QWAVE wcncsvc SensrSvc Mcx2Svc
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://google.de/
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.137.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} - hxxps://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.032"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.abr"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.apd"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.arw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.bay"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Bitmap"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.bw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda]
@DACL=(02 0000)
@SACL=
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.cr2"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.crw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.cs1"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dcr"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dcx"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
"Progid"="ACDSee Pro 6.dib"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.djv"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.djvu"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.dng"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.emf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.eps"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.erf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.fff"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Gif"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.hdr"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.icn"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.iff"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ilbm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.int"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.inta"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.iw4"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.j2c"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.j2k"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jbr"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jfif"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jif"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jp2"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpc"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Jpeg"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpk"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.jpx"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.kdc"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.lbm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mef"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mos"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.mrw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.nef"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.nrw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.orf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pbm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pbr"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pcd"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pct"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pcx"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pef"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pgm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pic"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pict"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Png"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ppm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.psd"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.psp"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pspbrush"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.pspimage"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.raf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ras"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.raw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rgb"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rgba"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rle"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rsb"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rw2"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.rwl"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.sgi"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.sr2"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.srf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.srw"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.tga"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.thm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (S-1-5-21-2975140-3301007226-1780354805-1000)
@Denied: (2) (LocalSystem)
"Progid"="PhotoViewer.FileAssoc.Tiff"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ttc"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.ttf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v60po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60po"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v60pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60pp"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v60ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.v60ppf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wbm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wbmp"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd]
@DACL=(02 0000)
@SACL=
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.wmf"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms]
@DACL=(02 0000)
@SACL=
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz]
@DACL=(02 0000)
@SACL=
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xbm"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xif"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xmp"
.
[HKEY_USERS\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Pro 6.xpm"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-03  21:03:37
ComboFix-quarantined-files.txt  2014-06-03 15:33
ComboFix2.txt  2014-06-03 14:59
.
Vor Suchlauf: 14 Verzeichnis(se), 25.961.476.096 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 25.915.125.760 Bytes frei
.
- - End Of File - - C9513D731A203A59A2CE2ED9ED3963CE
A36C5E4F47E84449FF07ED3517B43A31

schrauber 04.06.2014 12:16
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Reiselust 04.06.2014 14:47
Hallo Schrauber,

Malwarebytes hatte ich bereits auf dem Netbook, seltsamerweise startete es heute nicht mehr. Hab versucht es neu zu installieren, da gab es schon bei der Installation 3 Fehlermeldungen: "Interner Fehler: Expression error 'Runtime Error (at xx:xx). External exception E06D7363. Somit kann ich leider kein log von MBAM schicken... Kann es daran liegen, dass ich gestern einige Windows Updates heruntergeladen habe?
MBAM habe ich gestern nochmal durchlaufen lassen können, da wurde ein Trojaner gefunden. Vorgestern wurde nichts gefunden...

Die anderen Programme liefen. Logs folgen.

Danke für deine Hilfe!

JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Jan on 04.06.2014 at 18:43:01,83
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\drivergenius"



~~~ FireFox

Emptied folder: C:\Users\Jan\AppData\Roaming\mozilla\firefox\profiles\cxq9gu0g.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2014 at 18:49:55,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Adwcleaner

Code:
# AdwCleaner v3.211 - Bericht erstellt am 04/06/2014 um 18:27:56
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Jan - NOKIA-3G
# Gestartet von : C:\Users\Jan\Desktop\adwcleaner_3.211.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files\GreenTree Applications
Ordner Gefunden : C:\Users\Jan\AppData\Roaming\pdfforge

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\Software\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\prefs.js ]


[ Datei : C:\Users\Karina Derl\AppData\Roaming\Mozilla\Firefox\Profiles\m9jls6bm.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1283 octets] - [04/06/2014 18:27:56]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1343 octets] ##########
Code:
# AdwCleaner v3.211 - Bericht erstellt am 04/06/2014 um 18:36:15
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzername : Jan - NOKIA-3G
# Gestartet von : C:\Users\Jan\Desktop\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files\GreenTree Applications
Ordner Gelöscht : C:\Users\Jan\AppData\Roaming\pdfforge

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\Software

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\prefs.js ]


[ Datei : C:\Users\Karina Derl\AppData\Roaming\Mozilla\Firefox\Profiles\m9jls6bm.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [1423 octets] - [04/06/2014 18:27:56]
AdwCleaner[S0].txt - [1344 octets] - [04/06/2014 18:36:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1404 octets] ##########
FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Jan (administrator) on NOKIA-3G on 04-06-2014 18:56:34
Running from C:\Users\Jan\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\prldrsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Nokia) C:\Program Files\Power Management\NpwrMngr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\Dxpserver.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NpwrMngr] => C:\Program Files\Power Management\NpwrMngr.exe [472432 2009-09-29] (Nokia)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-17] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D82A1295CB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} https://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Sony Corporation/PMCADownloader - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderHelper - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderLib - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-03-17] (Avira Operations GmbH & Co. KG)
S4 HDPSrv; C:\WINDOWS\system32\HDPSrv.exe [172032 2009-08-25] ()
R2 PrLdrSrv; C:\Windows\system32\PrLdrSrv.exe [11776 2013-09-21] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG)
R0 EMSC; C:\Windows\System32\DRIVERS\EvMngr.SYS [19824 2009-06-24] ()
R3 GTNDIS62; C:\Windows\System32\DRIVERS\Gtuhs62.sys [159744 2010-04-13] (Option N.V.)
R3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [151552 2010-03-12] (Option N.V.)
R3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2010-02-25] (Option N.V.)
R0 HDFilter; C:\Windows\System32\DRIVERS\HDFilter.sys [20848 2009-07-03] (COMPAL ELECTRONIC INC.)
R3 igd; C:\Windows\System32\DRIVERS\igdkmd32.sys [648832 2010-09-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [35976 2013-12-04] (RapidSolution Software AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-12-04] (RapidSolution Software AG)
S3 catchme; \??\C:\Users\Jan\AppData\Local\Temp\catchme.sys [X]
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-04 18:54 - 2014-06-04 18:56 - 00009963 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:27 - 2014-06-04 18:36 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:23 - 2014-06-04 18:23 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-04 18:23 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-04 18:23 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-04 11:13 - 2014-06-04 11:13 - 00143104 _____ () C:\Windows\Minidump\060414-23758-01.dmp
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:33 - 2014-05-09 12:36 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-03 21:33 - 2014-05-09 12:34 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 21:33 - 2014-04-12 07:40 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-03 21:33 - 2014-04-12 07:40 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-03 21:33 - 2014-04-12 07:36 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-03 21:33 - 2014-04-12 06:47 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-06-03 21:33 - 2014-03-04 16:12 - 03974080 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-06-03 21:33 - 2014-03-04 16:12 - 03918784 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-03 21:33 - 2014-03-04 16:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-03 21:33 - 2014-03-04 14:47 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-03 21:32 - 2014-03-25 07:39 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-04 18:56 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 19:50 - 2011-06-26 12:15 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-03 19:50 - 2010-11-07 22:50 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-03 19:50 - 2009-04-20 10:26 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00098816 _____ () C:\Windows\sed.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00080412 _____ () C:\Windows\grep.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00068096 _____ () C:\Windows\zip.exe
2014-06-03 19:49 - 2014-06-03 21:03 - 00000000 ____D () C:\Qoobox
2014-06-03 19:48 - 2014-06-03 20:21 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:39 - 2014-06-03 19:40 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-02 20:30 - 2014-06-02 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:56 - 2014-06-04 18:38 - 00003536 _____ () C:\Windows\PFRO.log
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:59 - 2014-06-02 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:56 - 2014-06-04 18:56 - 00000000 ____D () C:\FRST
2014-06-01 22:47 - 2014-06-01 22:50 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 19:58 - 2014-06-01 20:05 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:41 - 2014-06-01 18:43 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-30 22:35 - 2014-05-30 22:42 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 21:26 - 2014-06-04 18:38 - 00000784 _____ () C:\Windows\setupact.log
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-20 11:50 - 2014-03-20 15:10 - 00458752 ___SH () C:\ProgramData\uktormgszh.vbe
2014-05-20 11:29 - 2014-06-04 18:47 - 00288554 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-06 14:16 - 2014-05-08 19:50 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems

==================== One Month Modified Files and Folders =======

2014-06-04 18:56 - 2014-06-04 18:54 - 00009963 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-04 18:56 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-04 18:56 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:48 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 18:48 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 18:47 - 2014-05-20 11:29 - 00288554 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 18:43 - 2013-09-18 23:23 - 01658526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:39 - 2013-09-18 23:36 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 18:38 - 2014-06-02 00:56 - 00003536 _____ () C:\Windows\PFRO.log
2014-06-04 18:38 - 2014-05-30 21:26 - 00000784 _____ () C:\Windows\setupact.log
2014-06-04 18:36 - 2014-06-04 18:27 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:23 - 2014-06-04 18:23 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-04 14:39 - 2013-09-23 08:06 - 00000000 ____D () C:\Users\Karina Derl\Documents\ALLES Nie Mehr Radlos
2014-06-04 12:30 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Homepage
2014-06-04 12:16 - 2013-09-18 23:15 - 00000000 ____D () C:\Windows\rescache
2014-06-04 11:59 - 2013-09-18 23:14 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-04 11:45 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Anleitungen&Technik
2014-06-04 11:13 - 2014-06-04 11:13 - 00143104 _____ () C:\Windows\Minidump\060414-23758-01.dmp
2014-06-04 11:13 - 2013-09-21 07:52 - 00000000 ____D () C:\Windows\Minidump
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:52 - 2013-09-20 00:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-03 21:52 - 2013-09-18 23:27 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-03 21:47 - 2013-09-20 00:12 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 19:49 - 00000000 ____D () C:\Qoobox
2014-06-03 20:57 - 2013-09-18 23:10 - 00000215 _____ () C:\Windows\system.ini
2014-06-03 20:29 - 2013-09-18 23:10 - 00000000 ___RD () C:\Users\Public
2014-06-03 20:29 - 2013-09-18 23:05 - 00000000 ____D () C:\Users\Administrator
2014-06-03 20:21 - 2014-06-03 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:40 - 2014-06-03 19:39 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-03 16:45 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Myanmar
2014-06-03 10:14 - 2013-09-20 22:02 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-06-02 20:40 - 2013-09-22 21:18 - 00000000 ____D () C:\Users\Jan\Documents\Sonstige Texte Nie-Mehr-Radlos
2014-06-02 20:30 - 2014-06-02 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 20:27 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Adobe
2014-06-02 19:11 - 2013-09-23 01:42 - 00000000 ____D () C:\Program Files\CSR
2014-06-02 19:08 - 2013-09-20 23:40 - 00000000 ____D () C:\Users\Jan\Documents\Bluetooth FTP Share
2014-06-02 18:19 - 2013-09-19 22:32 - 00111520 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-02 18:19 - 2013-09-18 23:21 - 00445632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-02 17:02 - 2013-09-20 01:10 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-06-02 16:58 - 2013-09-20 00:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-02 14:27 - 2014-02-23 20:42 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Thailand
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 00:12 - 2014-06-01 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:50 - 2014-06-01 22:47 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 20:05 - 2014-06-01 19:58 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:43 - 2014-06-01 18:41 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-30 22:42 - 2014-05-30 22:35 - 00003526 _____ () C:\Windows\DPINST.LOG
2014-05-30 22:23 - 2013-09-20 00:02 - 00000000 ____D () C:\Program Files\Nokia
2014-05-30 21:26 - 2014-05-30 21:26 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-26 18:27 - 2013-09-18 23:36 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:04 - 2014-03-26 23:21 - 00000000 ____D () C:\Users\Jan\Documents\Wichtige Dokumente 27.03.14
2014-05-20 18:53 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\Karina Derl\Documents\K a r i n a s  Docs
2014-05-20 15:26 - 2014-04-25 16:49 - 00000000 ____D () C:\Users\Jan\Desktop\Galerie Myanmar
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-05-20 14:55 - 2013-09-21 17:33 - 00000000 ____D () C:\ProgramData\DivX
2014-05-20 14:43 - 2013-09-22 21:15 - 00000000 ____D () C:\Users\Jan\Documents\J a n
2014-05-19 09:45 - 2013-11-09 05:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 07:26 - 2014-06-04 18:23 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-04 18:23 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-06-04 18:23 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-09 12:36 - 2014-06-03 21:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 12:34 - 2014-06-03 21:33 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 19:50 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-07 07:40 - 2013-10-09 05:57 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\vlc
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems
2014-05-05 21:37 - 2013-09-20 01:17 - 00000000 ____D () C:\Users\Jan\AppData\Local\ACD Systems

Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\temp\avgnt.exe
C:\Users\Jan\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 03:00

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Jan at 2014-06-04 18:57:49
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
AIDA64 Extreme Edition v3.20 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ampps 2.0 (HKLM\...\Ampps_is1) (Version:  - Softaculous Ltd.)
Atheros 802.11 bgn Network Adapter (Version: 1.0.0.0 - Broadcom) Hidden
Atheros 802.11g Network Adapter (HKLM\...\InstallShield_{06A6143C-0703-4946-9E20-355F306ADF11}) (Version: 1.0.0.0 - Broadcom)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version:  -  Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kels' Win7 CPL Bonus Pack! (HKLM\...\CPLBonus) (Version: 1.3 - Kelsenellenelvian EverDawn)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60810 (HKLM\...\{70B7F782-CA10-3CAC-98F7-3C748845BD88}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60810 (HKLM\...\{FE695D59-555C-3641-925D-BF65EC37B5D1}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Option WWAN Driver 5.1.37.0 Installer  (HKLM\...\{884BB5CC-108E-41a9-936D-955C999C06A1}_x) (Version: 3.5.1.1140 - Option NV)
Option WWAN Driver 5.1.37.0 Installer (Version: 3.5.1.1140 - Option NV) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Power Management (HKLM\...\InstallShield_{C36E5EC0-A87E-4994-844B-1DE75ED22BD8}) (Version: 1.0.0.16C - Nokia)
Power Management (Version: 1.0.0.16C - Nokia) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{60B56C13-56FA-47E9-A5E7-32540117E5FE}) (Version: 5.0.1350.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
SMPlayer 0.8.6 (HKLM\...\SMPlayer) (Version: 0.8.6 - Ricardo Villalba)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinHTTrack Website Copier 3.47-27 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

12-05-2014 15:32:12 Geplanter Prüfpunkt
20-05-2014 10:50:30 Geplanter Prüfpunkt
28-05-2014 15:59:44 Geplanter Prüfpunkt
30-05-2014 17:08:43 Installed Hotkey Utility
02-06-2014 11:24:52 Removed Adobe Acrobat XI Pro.
02-06-2014 11:25:50 Removed Adobe Acrobat XI Pro.
02-06-2014 11:31:15 Removed ACDSee Pro 6.
02-06-2014 13:38:57 Removed Bluetooth Feature Pack 5.0.
03-06-2014 16:04:11 Windows Update

==================== Hosts content: ==========================

2013-09-18 23:28 - 2013-09-21 11:18 - 00000926 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com


==================== Scheduled Tasks (whitelisted) =============

Task: {177023BE-6F80-4FCB-9D73-C0729BF6DEAD} - System32\Tasks\{889FB738-3AD4-4989-B0EF-13387171F078} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {48B66977-17F9-4E69-975A-D20921F93369} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {73D5A2BF-8A59-486B-8A3A-4D12F0E40174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {80E362B6-D839-4BCB-A7DF-9479A584EBC2} - System32\Tasks\{8A3E7ECB-AB02-4243-90D5-50C3BC3E0E64} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {AD10B1F6-71C8-4F94-A94C-1E968005BB05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B5D249AF-53C5-4932-9079-732735B82AF1} - System32\Tasks\{EA5066EC-FA1B-4041-A39B-A75F69F87CA3} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {BD18EDD1-39D7-4257-869D-0F9B94A20803} - System32\Tasks\{3DD4163B-93EC-4366-942A-FBCD436F5E7D} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {CB74E86E-A362-47DD-B336-0F46E51BC4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D220DB42-1B65-4DA4-BF3B-98886069DEC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-12-11 10:03 - 2013-11-22 09:31 - 00394808 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2013-09-21 18:21 - 2013-09-21 18:20 - 00011776 _____ () C:\Windows\system32\PrLdrSrv.exe
2013-09-04 16:44 - 2013-09-04 16:44 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: HDPSrv => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: TeamViewer8 => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CeEKey => C:\Program Files\Hotkey\CeEKey.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Atheros AR928X Wireless Network Adapter #2
Description: Atheros AR928X Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 75%
Total physical RAM: 1014.27 MB
Available physical RAM: 252.39 MB
Total Pagefile: 2328.55 MB
Available Pagefile: 1384.71 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:23.71 GB) NTFS
Drive d: () (Removable) (Total:14.29 GB) (Free:7.81 GB) FAT32
Drive e: (KLEINSCHATZ) (Removable) (Total:14.89 GB) (Free:7.87 GB) FAT32
Drive f: () (Removable) (Total:29.71 GB) (Free:28.18 GB) FAT32
Drive g: (Karis Chip2) (Removable) (Total:14.83 GB) (Free:3.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 000D7148)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: E28F0842)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 14 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 05.06.2014 11:51

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Reiselust 05.06.2014 17:58
Hallo Schrauber,

es hat ein wenig gedauert (2 h allein für den Durchlauf von ESET:kaffee:), aber nun sind die Scans fertig. Ist es richtig, dass sich kein Scan mit den mobilen Datenträgern befasst?

Habe gesehen, dass Java und Flash Player nicht mehr aktuell sind - ist es in Ordnung, die schon mal zu updaten?

Zuerst ESET: Da wurde was gefunden, sieht aber nicht im geringsten nach dem aus, was wir suchen...
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=9d0cd87d3f538a46a10e2f6ea2203fef
# engine=18573
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-05 02:02:22
# local_time=2014-06-05 07:32:22 (+0530, Indien Normalzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 3960 16047069 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2331608 153606332 0 0
# scanned=47
# found=0
# cleaned=0
# scan_time=57
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=9d0cd87d3f538a46a10e2f6ea2203fef
# engine=18573
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-05 03:48:06
# local_time=2014-06-05 09:18:06 (+0530, Indien Normalzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 10305 16053414 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2337953 153612677 0 0
# scanned=173981
# found=29
# cleaned=0
# scan_time=6170
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=1F7DEE9C52555D09D0AEA954E343A0DFD56808A1 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja--southern-baja_v1_m56577569830496005.pdf"
sh=742E2779C4C5699343B5CA648A4212B7F64E6F49 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja-directory-transport_v1_m56577569830496000.pdf"
sh=22D9CE8A2D40FD5D7388C7936D0DD70E3F714EAC ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja-health_v1_m56577569830496001.pdf"
sh=1F931FE9428DE9CA8F7D6C9E536E12187A70455F ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja-language_v1_m56577569830496002.pdf"
sh=23014054B72ED00C6C02EFE1272502D6AB0B61E5 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja-los-cabos-planning-information.pdf"
sh=9C2DB04EEFE3B3AEF9E9C60860528BEDC15FBD77 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Baja & Los Cabos7th Edition  August 2007\baja-los-cabos_v1_m56577569830496003.pdf"
sh=D94EA87DAEAAFF45C05EAF899869118D41747621 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Guatemala3rd Edition  September 2007\guatemala-language_v1_m56577569830495601.pdf"
sh=D72F804528514E65FCA251F39E911A332E222FCE ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Honduras & the Bay Islands1st Edition  January 2007\central-honduras_v1_m56577569830489916.pdf"
sh=6811183C79B1FC0C09FE7F2C563EF2F90370CC58 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Honduras & the Bay Islands1st Edition  January 2007\honduras-language_v1_m56577569830489923.pdf"
sh=EBE19B076B3DF1996B4B7E74DB25EFD05A5B7E5E ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Honduras & the Bay Islands1st Edition  January 2007\honduras-the-bay-islands-health_v1_m56577569830489922.pdf"
sh=D397C121074EF254BBD51DD45C2C828A30D6CF12 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-english-mexican-spanish_v1_m56577569830491275.pdf"
sh=DBA40161434FDE348FD738C3A91DC1DDF2305FBF ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-food_v1_m56577569830491278.pdf"
sh=F20E3C17D499A07B2E3E4C425902DC127125F498 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-introduction-tools.pdf"
sh=5DC6D6177D28A0FA897C419FA09FE2AB551AEF29 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-practical_v1_m56577569830491276.pdf"
sh=A7169901307775A0DD42E322659F1C40E7EE261C ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-safe-travel_v1_m56577569830491279.pdf"
sh=AEE906896A01D80E66AD68B4F93CB9599F3F40F8 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-social_v1_m56577569830491277.pdf"
sh=83301AB78D20D3D6BAB4D749C25E1B2C3D1DCCA0 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Mexican Spanish1st Edition  October 2003\mexican-spanish-tools-chapter_v1_m56577569830496009.pdf"
sh=053078673C2AB31ED807622B08282CAAAEE1126B ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Nicaragua & El Salvador1st Edition  October 2006\nic-el-directory_v1_m56577569830489993.pdf"
sh=B390BBFB4539590BE18F19E83395571CE36E2426 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Nicaragua & El Salvador1st Edition  October 2006\nic-el-health_v1_m56577569830489994.pdf"
sh=6A0A7FFB429E2A9067580BFC3141A567844173C8 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Nicaragua & El Salvador1st Edition  October 2006\nicaragua-el-salvador-language_v1_m56577569830489995.pdf"
sh=74979FB80FF91D2767FAE28E94DEAC51A65B97A8 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Panama4th Edition  November 2007\panama-language_v1_m56577569830490020.pdf"
sh=E4C1F167B8F4C5A20B7A15265A55E72DAC7BAF0B ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\Ixtapa-Zihuatanejo_v1_m56577569830490069.pdf"
sh=76CB5263ED85577503BE14321BDED34C9A582FA6 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-acapulco_v1_m56577569830490072.pdf"
sh=E3832F0F19C4195E8BC4A787805216C3EE8D9CE6 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-directory_v1_m56577569830490075.pdf"
sh=B22D563B8DD42FD4DE82BEC0EBB2A2441B373DC1 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-health_v1_m56577569830490076.pdf"
sh=DACB6FBC4E0A53E307F972F4FB70DF7C1295C0AF ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-language_v1_m56577569830490078.pdf"
sh=5D4665612573DC6FEE4E229CBE33B3AC06C16037 ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-mazatlan_v1_m56577569830490062.pdf"
sh=6A202C3BBD455FE25F02FB3C06013EAA20EF2E0A ft=0 fh=0000000000000000 vn="JS/Trackware.ReadNotify.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop\LonelyPlanetKL\Puerto Vallarta & Pacific Mexico2nd Edition  August 2006\pv-nayarit_v1_m56577569830490064.pdf"
Als nächstes SecurityCheck
Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x86 (UAC is disabled!) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner   
 Java 7 Update 51 
 Java version out of Date!
  Adobe Flash Player        11.9.900.117 Flash Player out of Date! 
 Adobe Reader XI 
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
und noch mal FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Jan (administrator) on NOKIA-3G on 05-06-2014 21:56:05
Running from C:\Users\Jan\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\prldrsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Nokia) C:\Program Files\Power Management\NpwrMngr.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NpwrMngr] => C:\Program Files\Power Management\NpwrMngr.exe [472432 2009-09-29] (Nokia)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D82A1295CB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} https://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Sony Corporation/PMCADownloader - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderHelper - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderLib - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-06-04] (Avira Operations GmbH & Co. KG)
S4 HDPSrv; C:\WINDOWS\system32\HDPSrv.exe [172032 2009-08-25] ()
R2 PrLdrSrv; C:\Windows\system32\PrLdrSrv.exe [11776 2013-09-21] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG)
R0 EMSC; C:\Windows\System32\DRIVERS\EvMngr.SYS [19824 2009-06-24] ()
R3 GTNDIS62; C:\Windows\System32\DRIVERS\Gtuhs62.sys [159744 2010-04-13] (Option N.V.)
R3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [151552 2010-03-12] (Option N.V.)
R3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2010-02-25] (Option N.V.)
R0 HDFilter; C:\Windows\System32\DRIVERS\HDFilter.sys [20848 2009-07-03] (COMPAL ELECTRONIC INC.)
R3 igd; C:\Windows\System32\DRIVERS\igdkmd32.sys [648832 2010-09-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [35976 2013-12-04] (RapidSolution Software AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-12-04] (RapidSolution Software AG)
S3 catchme; \??\C:\Users\Jan\AppData\Local\Temp\catchme.sys [X]
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 21:56 - 2014-06-05 21:56 - 00009892 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-05 16:49 - 2014-06-05 16:49 - 00854367 _____ () C:\Users\Jan\Desktop\SecurityCheck.exe
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:27 - 2014-06-04 18:36 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:23 - 2014-06-04 18:23 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-04 18:23 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-04 18:23 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:33 - 2014-05-09 12:36 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-03 21:33 - 2014-05-09 12:34 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 21:33 - 2014-04-12 07:40 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-03 21:33 - 2014-04-12 07:40 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-03 21:33 - 2014-04-12 07:36 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-03 21:33 - 2014-04-12 06:47 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-06-03 21:33 - 2014-03-04 16:12 - 03974080 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-06-03 21:33 - 2014-03-04 16:12 - 03918784 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-03 21:33 - 2014-03-04 16:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-03 21:33 - 2014-03-04 14:47 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-03 21:32 - 2014-03-25 07:39 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-05 21:56 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 19:50 - 2011-06-26 12:15 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-03 19:50 - 2010-11-07 22:50 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-03 19:50 - 2009-04-20 10:26 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00098816 _____ () C:\Windows\sed.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00080412 _____ () C:\Windows\grep.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00068096 _____ () C:\Windows\zip.exe
2014-06-03 19:49 - 2014-06-03 21:03 - 00000000 ____D () C:\Qoobox
2014-06-03 19:48 - 2014-06-03 20:21 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:39 - 2014-06-03 19:40 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-02 20:30 - 2014-06-02 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:59 - 2014-06-02 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:56 - 2014-06-05 21:56 - 00000000 ____D () C:\FRST
2014-06-01 22:47 - 2014-06-01 22:50 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 19:58 - 2014-06-01 20:05 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:41 - 2014-06-01 18:43 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-20 11:50 - 2014-03-20 15:10 - 00458752 ___SH () C:\ProgramData\uktormgszh.vbe
2014-05-20 11:29 - 2014-06-05 21:55 - 00305723 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-06 14:16 - 2014-05-08 19:50 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems

==================== One Month Modified Files and Folders =======

2014-06-05 21:56 - 2014-06-05 21:56 - 00009892 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-05 21:56 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-05 21:56 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-05 21:55 - 2014-05-20 11:29 - 00305723 _____ () C:\Windows\WindowsUpdate.log
2014-06-05 19:33 - 2013-09-21 07:52 - 00000000 ____D () C:\Windows\Minidump
2014-06-05 17:12 - 2013-09-18 23:23 - 01658526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-05 16:49 - 2014-06-05 16:49 - 00854367 _____ () C:\Users\Jan\Desktop\SecurityCheck.exe
2014-06-05 16:45 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-05 16:45 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-05 16:36 - 2013-09-18 23:36 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 12:29 - 2013-09-23 08:06 - 00000000 ____D () C:\Users\Karina Derl\Documents\ALLES Nie Mehr Radlos
2014-06-04 23:57 - 2013-12-11 10:03 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-04 23:57 - 2013-12-11 10:03 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:36 - 2014-06-04 18:27 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:23 - 2014-06-04 18:23 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-04 18:23 - 2014-06-04 18:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-04 12:30 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Homepage
2014-06-04 12:16 - 2013-09-18 23:15 - 00000000 ____D () C:\Windows\rescache
2014-06-04 11:59 - 2013-09-18 23:14 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-04 11:45 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Anleitungen&Technik
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:52 - 2013-09-20 00:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-03 21:52 - 2013-09-18 23:27 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-03 21:47 - 2013-09-20 00:12 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 19:49 - 00000000 ____D () C:\Qoobox
2014-06-03 20:57 - 2013-09-18 23:10 - 00000215 _____ () C:\Windows\system.ini
2014-06-03 20:29 - 2013-09-18 23:10 - 00000000 ___RD () C:\Users\Public
2014-06-03 20:29 - 2013-09-18 23:05 - 00000000 ____D () C:\Users\Administrator
2014-06-03 20:21 - 2014-06-03 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:40 - 2014-06-03 19:39 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-03 16:45 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Myanmar
2014-06-03 10:14 - 2013-09-20 22:02 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-06-02 20:40 - 2013-09-22 21:18 - 00000000 ____D () C:\Users\Jan\Documents\Sonstige Texte Nie-Mehr-Radlos
2014-06-02 20:30 - 2014-06-02 20:30 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 20:27 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Adobe
2014-06-02 19:11 - 2013-09-23 01:42 - 00000000 ____D () C:\Program Files\CSR
2014-06-02 19:08 - 2013-09-20 23:40 - 00000000 ____D () C:\Users\Jan\Documents\Bluetooth FTP Share
2014-06-02 18:19 - 2013-09-19 22:32 - 00111520 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-02 18:19 - 2013-09-18 23:21 - 00445632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-02 17:02 - 2013-09-20 01:10 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-06-02 16:58 - 2013-09-20 00:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-02 14:27 - 2014-02-23 20:42 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Thailand
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 00:12 - 2014-06-01 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:50 - 2014-06-01 22:47 - 01058304 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 20:05 - 2014-06-01 19:58 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:44 - 2014-06-01 18:44 - 00000000 ____D () C:\Program Files\ESET
2014-06-01 18:43 - 2014-06-01 18:41 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-30 22:23 - 2013-09-20 00:02 - 00000000 ____D () C:\Program Files\Nokia
2014-05-30 20:20 - 2014-05-30 20:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-05-26 18:27 - 2013-09-18 23:36 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:04 - 2014-03-26 23:21 - 00000000 ____D () C:\Users\Jan\Documents\Wichtige Dokumente 27.03.14
2014-05-20 18:53 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\Karina Derl\Documents\K a r i n a s  Docs
2014-05-20 15:26 - 2014-04-25 16:49 - 00000000 ____D () C:\Users\Jan\Desktop\Galerie Myanmar
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-05-20 14:55 - 2013-09-21 17:33 - 00000000 ____D () C:\ProgramData\DivX
2014-05-20 14:43 - 2013-09-22 21:15 - 00000000 ____D () C:\Users\Jan\Documents\J a n
2014-05-19 09:45 - 2013-11-09 05:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-12 07:26 - 2014-06-04 18:23 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-04 18:23 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-06-04 18:23 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-09 12:36 - 2014-06-03 21:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 12:34 - 2014-06-03 21:33 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 19:50 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-07 07:40 - 2013-10-09 05:57 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\vlc
2014-05-06 14:16 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\ACD Systems

Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 03:00

==================== End Of Log ============================
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Jan at 2014-06-05 21:57:49
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.8.800.174 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
AIDA64 Extreme Edition v3.20 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ampps 2.0 (HKLM\...\Ampps_is1) (Version:  - Softaculous Ltd.)
Atheros 802.11 bgn Network Adapter (Version: 1.0.0.0 - Broadcom) Hidden
Atheros 802.11g Network Adapter (HKLM\...\InstallShield_{06A6143C-0703-4946-9E20-355F306ADF11}) (Version: 1.0.0.0 - Broadcom)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version:  -  Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kels' Win7 CPL Bonus Pack! (HKLM\...\CPLBonus) (Version: 1.3 - Kelsenellenelvian EverDawn)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60810 (HKLM\...\{70B7F782-CA10-3CAC-98F7-3C748845BD88}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60810 (HKLM\...\{FE695D59-555C-3641-925D-BF65EC37B5D1}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Option WWAN Driver 5.1.37.0 Installer  (HKLM\...\{884BB5CC-108E-41a9-936D-955C999C06A1}_x) (Version: 3.5.1.1140 - Option NV)
Option WWAN Driver 5.1.37.0 Installer (Version: 3.5.1.1140 - Option NV) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Power Management (HKLM\...\InstallShield_{C36E5EC0-A87E-4994-844B-1DE75ED22BD8}) (Version: 1.0.0.16C - Nokia)
Power Management (Version: 1.0.0.16C - Nokia) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{60B56C13-56FA-47E9-A5E7-32540117E5FE}) (Version: 5.0.1350.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
SMPlayer 0.8.6 (HKLM\...\SMPlayer) (Version: 0.8.6 - Ricardo Villalba)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinHTTrack Website Copier 3.47-27 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

12-05-2014 15:32:12 Geplanter Prüfpunkt
20-05-2014 10:50:30 Geplanter Prüfpunkt
28-05-2014 15:59:44 Geplanter Prüfpunkt
30-05-2014 17:08:43 Installed Hotkey Utility
02-06-2014 11:24:52 Removed Adobe Acrobat XI Pro.
02-06-2014 11:25:50 Removed Adobe Acrobat XI Pro.
02-06-2014 11:31:15 Removed ACDSee Pro 6.
02-06-2014 13:38:57 Removed Bluetooth Feature Pack 5.0.
03-06-2014 16:04:11 Windows Update

==================== Hosts content: ==========================

2013-09-18 23:28 - 2013-09-21 11:18 - 00000926 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com


==================== Scheduled Tasks (whitelisted) =============

Task: {177023BE-6F80-4FCB-9D73-C0729BF6DEAD} - System32\Tasks\{889FB738-3AD4-4989-B0EF-13387171F078} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {48B66977-17F9-4E69-975A-D20921F93369} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {73D5A2BF-8A59-486B-8A3A-4D12F0E40174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {80E362B6-D839-4BCB-A7DF-9479A584EBC2} - System32\Tasks\{8A3E7ECB-AB02-4243-90D5-50C3BC3E0E64} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {AD10B1F6-71C8-4F94-A94C-1E968005BB05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B5D249AF-53C5-4932-9079-732735B82AF1} - System32\Tasks\{EA5066EC-FA1B-4041-A39B-A75F69F87CA3} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {BD18EDD1-39D7-4257-869D-0F9B94A20803} - System32\Tasks\{3DD4163B-93EC-4366-942A-FBCD436F5E7D} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {CB74E86E-A362-47DD-B336-0F46E51BC4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D220DB42-1B65-4DA4-BF3B-98886069DEC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-09-21 18:21 - 2013-09-21 18:20 - 00011776 _____ () C:\Windows\system32\PrLdrSrv.exe
2013-09-04 16:44 - 2013-09-04 16:44 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-07-27 13:51 - 2013-07-27 13:51 - 01589248 _____ () C:\Program Files\Notepad++\plugins\DSpellCheck.dll
2011-07-19 02:37 - 2011-07-19 02:37 - 00014336 _____ () C:\Program Files\Notepad++\plugins\NppExport.dll
2011-09-22 02:16 - 2011-09-22 02:16 - 01673728 _____ () C:\Program Files\Notepad++\plugins\NppFTP.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: HDPSrv => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: TeamViewer8 => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: CeEKey => C:\Program Files\Hotkey\CeEKey.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: Atheros AR928X Wireless Network Adapter #2
Description: Atheros AR928X Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2014 04:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x40660000
ID des fehlerhaften Prozesses: 0xc88
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (06/05/2014 04:38:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 00:42:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 00:34:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xd88
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (06/05/2014 00:34:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xb64
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (06/05/2014 00:31:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 10:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbe4
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (06/04/2014 10:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc6b7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x009c0001
ID des fehlerhaften Prozesses: 0xa04
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3


System errors:
=============
Error: (06/05/2014 04:41:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR2 gefunden.

Error: (06/05/2014 04:41:44 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR2 gefunden.

Error: (06/05/2014 04:41:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR2 gefunden.

Error: (06/05/2014 04:41:43 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR2 gefunden.

Error: (06/05/2014 04:41:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR2 gefunden.

Error: (06/05/2014 04:40:47 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/05/2014 04:37:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (06/05/2014 03:09:59 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/05/2014 06:22:40 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (06/05/2014 00:43:37 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom


Microsoft Office Sessions:
=========================
Error: (06/05/2014 04:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1652153114399unknown0.0.0.000000000c000000540660000c8801cf80af6c17e3b9C:\Program Files\Internet Explorer\iexplore.exeunknown14be2dcf-eca3-11e3-b6f0-dd9b96ffbcb1

Error: (06/05/2014 04:38:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 00:42:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 00:34:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd8801cf8027cf6f7ce4C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll0d767c0f-ec1b-11e3-9b51-9f335c85cd9b

Error: (06/05/2014 00:34:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdb6401cf8027c2c56aafC:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll02363b04-ec1b-11e3-9b51-9f335c85cd9b

Error: (06/05/2014 00:31:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2014 10:41:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdbe401cf8018030d03b6C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll41e31a98-ec0b-11e3-bd59-e617ec202bed

Error: (06/04/2014 10:40:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c0000005009c0001a0401cf8017ccc924f7C:\Windows\system32\DllHost.exeunknown2ec76ec5-ec0b-11e3-bd59-e617ec202bed


==================== Memory info ===========================

Percentage of memory in use: 78%
Total physical RAM: 1014.27 MB
Available physical RAM: 219.25 MB
Total Pagefile: 2328.55 MB
Available Pagefile: 1334.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1914.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:23.02 GB) NTFS
Drive d: () (Removable) (Total:14.29 GB) (Free:7.81 GB) FAT32
Drive e: (KLEINSCHATZ) (Removable) (Total:14.89 GB) (Free:7.87 GB) FAT32
Drive f: () (Removable) (Total:29.71 GB) (Free:28.18 GB) FAT32
Drive g: (Karis Chip2) (Removable) (Total:14.83 GB) (Free:3.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 000D7148)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: E28F0842)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 14 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 06.06.2014 11:51
Kannste updaten. Der ESET Onlinescan ist extra für die andern Medien, steht sogar dabei.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
C:\ProgramData\uktormgszh.vbe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST log bitte.

Reiselust 06.06.2014 14:09
Hallo Schrauber,

das Log ist erstellt und Farbar fix durchgeführt. Das "Stickproblem" besteht unverändert.

- Was soll ich mit den 29 Funden des ESET machen?
- Gibt es einen Trick, wie ich MBAM wieder zum Laufen bekomme?
- Seit gestern erhielt ich zwei Mal die Meldung "Com Surrogate" funktioniert nicht mehr. Ist das bedenklich?

Wie immer vielen Dank für die Hilfe!
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:06-06-2014
Ran by Jan at 2014-06-06 18:17:34 Run:1
Running from C:\Users\Jan\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKLM\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\...\Run: [uktormgszh] => wscript.exe //B "C:\ProgramData\uktormgszh.vbe"
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
Startup: C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe ()
C:\ProgramData\uktormgszh.vbe
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\uktormgszh => value deleted successfully.
HKU\S-1-5-21-2975140-3301007226-1780354805-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uktormgszh => value deleted successfully.
C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe => Moved successfully.
C:\Users\Karina Derl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\uktormgszh.vbe => Moved successfully.
Could not move "C:\ProgramData\uktormgszh.vbe" => Scheduled to move on reboot.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-06-06 18:19:03)<=

C:\ProgramData\uktormgszh.vbe => Is moved successfully.

==== End of Fixlog ====

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014
Ran by Jan (administrator) on NOKIA-3G on 06-06-2014 18:22:08
Running from C:\Users\Jan\Desktop
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\System32\prldrsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Nokia) C:\Program Files\Power Management\NpwrMngr.exe
(Panda Security) C:\Program Files\Panda USB Vaccine\USBVaccine.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(COMPAL ELECTRONIC INC.) C:\Program Files\Hotkey\CeEKey.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NpwrMngr] => C:\Program Files\Power Management\NpwrMngr.exe [472432 2009-09-29] (Nokia)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-06-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [CeEKey] => C:\Program Files\Hotkey\CeEKey.exe [1598832 2009-09-11] (COMPAL ELECTRONIC INC.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4D82A1295CB5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.15.0.cab
DPF: {FFA7A955-5A33-42F7-A77B-8E46AE2FAA64} https://www.playmemoriescameraapps.com/portal/PMCA/PMCADownloader.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.137.1

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Sony Corporation/PMCADownloader - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\npPMCADownloader.dll (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderHelper - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderHelper.exe (Sony Network Entertainment International LLC)
FF Plugin: Sony Corporation/PMCADownloaderLib - C:\ProgramData\Sony Corporation\PMCADownloader\1.1.1975.475\PMCADownloaderLib.dll (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\firebug@software.joehewitt.com.xpi [2013-11-24]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\cxq9gu0g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]

========================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-06-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-06-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-06-04] (Avira Operations GmbH & Co. KG)
S4 HDPSrv; C:\WINDOWS\system32\HDPSrv.exe [172032 2009-08-25] ()
R2 PrLdrSrv; C:\Windows\system32\PrLdrSrv.exe [11776 2013-09-21] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-22] (Avira Operations GmbH & Co. KG)
R0 EMSC; C:\Windows\System32\DRIVERS\EvMngr.SYS [19824 2009-06-24] ()
R3 GTNDIS62; C:\Windows\System32\DRIVERS\Gtuhs62.sys [159744 2010-04-13] (Option N.V.)
R3 GTUHSBUS; C:\Windows\System32\DRIVERS\gtuhsbus.sys [151552 2010-03-12] (Option N.V.)
R3 GTUHSSER; C:\Windows\System32\DRIVERS\gtuhsser.sys [8064 2010-02-25] (Option N.V.)
R0 HDFilter; C:\Windows\System32\DRIVERS\HDFilter.sys [20848 2009-07-03] (COMPAL ELECTRONIC INC.)
R3 igd; C:\Windows\System32\DRIVERS\igdkmd32.sys [648832 2010-09-16] (Intel Corporation)
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2013-07-18] (Intel Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-02] (COMPAL ELECTRONIC INC.)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [35976 2013-12-04] (RapidSolution Software AG)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1760384 2009-08-20] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-22] (Avira GmbH)
S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2013-12-04] (RapidSolution Software AG)
S3 AIDA64Driver; \??\C:\Program Files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 [X]
S3 catchme; \??\C:\Users\Jan\AppData\Local\Temp\catchme.sys [X]
S3 cpudrv; \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-06 18:22 - 2014-06-06 18:23 - 00010210 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-06 18:17 - 2014-06-06 18:17 - 00000000 ____D () C:\Users\Jan\Desktop\FRST-OlderVersion
2014-06-06 00:55 - 2014-06-06 00:55 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-06 00:53 - 2014-06-06 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-06 00:40 - 2014-06-06 00:41 - 00001664 _____ () C:\Windows\DPINST.LOG
2014-06-05 23:42 - 2014-06-05 23:42 - 00143152 _____ () C:\Windows\Minidump\060514-28626-01.dmp
2014-06-05 23:29 - 2014-06-05 23:29 - 00143152 _____ () C:\Windows\Minidump\060514-20373-01.dmp
2014-06-05 23:29 - 2014-06-05 23:29 - 00001208 _____ () C:\Windows\PFRO.log
2014-06-05 23:24 - 2014-06-06 18:18 - 00000280 _____ () C:\Windows\setupact.log
2014-06-05 23:24 - 2014-06-05 23:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-05 23:14 - 2014-06-05 23:14 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2014-06-05 23:14 - 2014-06-05 23:14 - 00000000 ____D () C:\Users\Jan\AppData\Local\eSupport.com
2014-06-05 22:45 - 2014-06-05 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-05 22:45 - 2014-06-05 22:45 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 22:45 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-05 22:45 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-05 22:45 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-05 22:45 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-05 22:44 - 2014-06-05 22:45 - 00004591 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-05 16:49 - 2014-06-05 16:49 - 00854367 _____ () C:\Users\Jan\Desktop\SecurityCheck.exe
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:27 - 2014-06-04 18:36 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:33 - 2014-05-09 12:36 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-03 21:33 - 2014-05-09 12:34 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-03 21:33 - 2014-04-12 07:40 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-03 21:33 - 2014-04-12 07:40 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-03 21:33 - 2014-04-12 07:36 - 01060352 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-03 21:33 - 2014-04-12 07:36 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-06-03 21:33 - 2014-04-12 07:36 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-06-03 21:33 - 2014-04-12 07:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-06-03 21:33 - 2014-04-12 07:33 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-03 21:33 - 2014-04-12 06:47 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-06-03 21:33 - 2014-03-04 16:12 - 03974080 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-06-03 21:33 - 2014-03-04 16:12 - 03918784 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-03 21:33 - 2014-03-04 16:09 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-03 21:33 - 2014-03-04 16:09 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-03 21:33 - 2014-03-04 14:47 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-03 21:33 - 2014-03-04 14:47 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-03 21:32 - 2014-03-25 07:39 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-06 18:23 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 19:50 - 2011-06-26 12:15 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-03 19:50 - 2010-11-07 22:50 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-03 19:50 - 2009-04-20 10:26 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00098816 _____ () C:\Windows\sed.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00080412 _____ () C:\Windows\grep.exe
2014-06-03 19:50 - 2000-08-31 05:30 - 00068096 _____ () C:\Windows\zip.exe
2014-06-03 19:49 - 2014-06-03 21:03 - 00000000 ____D () C:\Qoobox
2014-06-03 19:48 - 2014-06-03 20:21 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:39 - 2014-06-03 19:40 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-01 22:59 - 2014-06-02 00:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 22:56 - 2014-06-06 18:22 - 00000000 ____D () C:\FRST
2014-06-01 22:47 - 2014-06-06 18:17 - 01063424 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 19:58 - 2014-06-01 20:05 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:41 - 2014-06-01 18:43 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-20 11:29 - 2014-06-06 18:17 - 00328843 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations

==================== One Month Modified Files and Folders =======

2014-06-06 18:23 - 2014-06-06 18:22 - 00010210 _____ () C:\Users\Jan\Desktop\FRST.txt
2014-06-06 18:23 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Jan\AppData\Local\temp
2014-06-06 18:23 - 2013-09-18 23:23 - 01658526 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-06 18:22 - 2014-06-01 22:56 - 00000000 ____D () C:\FRST
2014-06-06 18:18 - 2014-06-05 23:24 - 00000280 _____ () C:\Windows\setupact.log
2014-06-06 18:18 - 2013-09-18 23:36 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-06 18:17 - 2014-06-06 18:17 - 00000000 ____D () C:\Users\Jan\Desktop\FRST-OlderVersion
2014-06-06 18:17 - 2014-06-01 22:47 - 01063424 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe
2014-06-06 18:17 - 2014-05-20 11:29 - 00328843 _____ () C:\Windows\WindowsUpdate.log
2014-06-06 18:17 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 18:17 - 2013-09-18 23:21 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 15:42 - 2013-09-23 08:06 - 00000000 ____D () C:\Users\Karina Derl\Documents\ALLES Nie Mehr Radlos
2014-06-06 12:18 - 2014-04-25 16:48 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Myanmar
2014-06-06 00:55 - 2014-06-06 00:55 - 00000000 ____D () C:\Users\Jan\AppData\Local\Adobe
2014-06-06 00:53 - 2014-06-06 00:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-06-06 00:41 - 2014-06-06 00:40 - 00001664 _____ () C:\Windows\DPINST.LOG
2014-06-05 23:42 - 2014-06-05 23:42 - 00143152 _____ () C:\Windows\Minidump\060514-28626-01.dmp
2014-06-05 23:42 - 2013-09-21 07:52 - 00000000 ____D () C:\Windows\Minidump
2014-06-05 23:29 - 2014-06-05 23:29 - 00143152 _____ () C:\Windows\Minidump\060514-20373-01.dmp
2014-06-05 23:29 - 2014-06-05 23:29 - 00001208 _____ () C:\Windows\PFRO.log
2014-06-05 23:24 - 2014-06-05 23:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-05 23:14 - 2014-06-05 23:14 - 00023456 _____ (Phoenix Technologies) C:\Windows\system32\Drivers\DrvAgent32.sys
2014-06-05 23:14 - 2014-06-05 23:14 - 00000000 ____D () C:\Users\Jan\AppData\Local\eSupport.com
2014-06-05 22:56 - 2013-09-20 04:20 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-05 22:56 - 2013-09-20 04:20 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-05 22:46 - 2013-09-20 04:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-05 22:45 - 2014-06-05 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-05 22:45 - 2014-06-05 22:45 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-05 22:45 - 2014-06-05 22:44 - 00004591 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log
2014-06-05 22:45 - 2013-09-20 04:18 - 00000000 ____D () C:\Program Files\Java
2014-06-05 16:49 - 2014-06-05 16:49 - 00854367 _____ () C:\Users\Jan\Desktop\SecurityCheck.exe
2014-06-04 23:57 - 2013-12-11 10:03 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-04 23:57 - 2013-12-11 10:03 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-06-04 18:49 - 2014-06-04 18:49 - 00000812 _____ () C:\Users\Jan\Desktop\JRT.txt
2014-06-04 18:42 - 2014-06-04 18:42 - 00000000 ____D () C:\Windows\ERUNT
2014-06-04 18:36 - 2014-06-04 18:27 - 00000000 ____D () C:\AdwCleaner
2014-06-04 18:25 - 2014-06-04 18:25 - 01016261 _____ (Thisisu) C:\Users\Jan\Desktop\JRT.exe
2014-06-04 18:07 - 2014-06-04 18:07 - 01327971 _____ () C:\Users\Jan\Desktop\adwcleaner_3.211.exe
2014-06-04 12:30 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Homepage
2014-06-04 12:16 - 2013-09-18 23:15 - 00000000 ____D () C:\Windows\rescache
2014-06-04 11:59 - 2013-09-18 23:14 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-06-04 11:45 - 2013-09-22 21:13 - 00000000 ____D () C:\Users\Jan\Documents\Anleitungen&Technik
2014-06-03 21:52 - 2014-06-03 21:52 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-03 21:52 - 2013-09-20 00:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-03 21:52 - 2013-09-18 23:27 - 00000000 ____D () C:\Windows\system32\de-DE
2014-06-03 21:47 - 2013-09-20 00:12 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 21:14 - 2014-06-03 21:14 - 00032673 _____ () C:\Users\Jan\Desktop\combofix.log
2014-06-03 21:03 - 2014-06-03 21:03 - 00032673 _____ () C:\ComboFix.txt
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 21:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 21:03 - 2014-06-03 19:49 - 00000000 ____D () C:\Qoobox
2014-06-03 20:57 - 2013-09-18 23:10 - 00000215 _____ () C:\Windows\system.ini
2014-06-03 20:29 - 2013-09-18 23:10 - 00000000 ___RD () C:\Users\Public
2014-06-03 20:29 - 2013-09-18 23:05 - 00000000 ____D () C:\Users\Administrator
2014-06-03 20:21 - 2014-06-03 19:48 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 19:40 - 2014-06-03 19:39 - 05206532 ____R (Swearware) C:\Users\Jan\Desktop\ComboFix.exe
2014-06-03 10:14 - 2013-09-20 22:02 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-06-02 20:40 - 2013-09-22 21:18 - 00000000 ____D () C:\Users\Jan\Documents\Sonstige Texte Nie-Mehr-Radlos
2014-06-02 20:28 - 2014-06-02 20:28 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-02 20:27 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-02 20:26 - 2013-09-20 00:47 - 00000000 ____D () C:\Program Files\Adobe
2014-06-02 19:11 - 2013-09-23 01:42 - 00000000 ____D () C:\Program Files\CSR
2014-06-02 19:08 - 2013-09-20 23:40 - 00000000 ____D () C:\Users\Jan\Documents\Bluetooth FTP Share
2014-06-02 18:19 - 2013-09-19 22:32 - 00111520 _____ () C:\Users\Jan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-02 18:19 - 2013-09-18 23:21 - 00445632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-02 17:02 - 2013-09-20 01:10 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-06-02 16:58 - 2013-09-20 00:57 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-06-02 14:27 - 2014-02-23 20:42 - 00000000 ____D () C:\Users\Jan\Desktop\Aktuelles Thailand
2014-06-02 14:17 - 2014-06-02 14:17 - 00380416 _____ () C:\Users\Jan\Desktop\Gmer-19357.exe
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\MSDOS.SYS
2014-06-02 00:37 - 2014-06-02 00:37 - 00000000 __RSH () C:\IO.SYS
2014-06-02 00:13 - 2014-06-02 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-02 00:12 - 2014-06-01 22:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jan\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-06-01 20:09 - 2014-06-01 20:09 - 00000000 ____D () C:\Program Files\Panda USB Vaccine
2014-06-01 20:05 - 2014-06-01 19:58 - 00848856 _____ (Panda Security ) C:\Users\Jan\Desktop\USBVaccineSetup.exe
2014-06-01 18:43 - 2014-06-01 18:41 - 02347384 _____ (ESET) C:\Users\Jan\Desktop\esetsmartinstaller_deu.exe
2014-05-30 22:23 - 2013-09-20 00:02 - 00000000 ____D () C:\Program Files\Nokia
2014-05-26 18:27 - 2013-09-18 23:36 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-20 19:04 - 2014-03-26 23:21 - 00000000 ____D () C:\Users\Jan\Documents\Wichtige Dokumente 27.03.14
2014-05-20 18:53 - 2013-09-22 21:17 - 00000000 ____D () C:\Users\Karina Derl\Documents\K a r i n a s  Docs
2014-05-20 15:26 - 2014-04-25 16:49 - 00000000 ____D () C:\Users\Jan\Desktop\Galerie Myanmar
2014-05-20 14:55 - 2013-09-21 18:03 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-05-20 14:55 - 2013-09-21 17:33 - 00000000 ____D () C:\ProgramData\DivX
2014-05-20 14:43 - 2013-09-22 21:15 - 00000000 ____D () C:\Users\Jan\Documents\J a n
2014-05-19 09:45 - 2013-11-09 05:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-18 16:08 - 2014-05-18 16:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-11 19:13 - 2014-05-11 19:13 - 00001489 _____ () C:\Users\Jan\Desktop\ALLES Nie Mehr Radlos - Verknüpfung.lnk
2014-05-09 12:36 - 2014-06-03 21:33 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 12:34 - 2014-06-03 21:33 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 19:50 - 2014-05-06 14:16 - 00000000 ____D () C:\Users\Karina Derl\AppData\Local\ACD Systems
2014-05-07 22:07 - 2014-05-07 22:07 - 00000000 ____D () C:\Users\Jan\AppData\Roaming\dvdcss
2014-05-07 19:06 - 2014-05-07 19:06 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\PC Suite
2014-05-07 19:04 - 2014-05-07 19:04 - 00000000 ____D () C:\ProgramData\Installations
2014-05-07 15:02 - 2014-06-05 22:45 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-05-07 14:59 - 2014-06-05 22:45 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-05-07 14:59 - 2014-06-05 22:45 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-05-07 14:58 - 2014-06-05 22:45 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-05-07 07:40 - 2013-10-09 05:57 - 00000000 ____D () C:\Users\Karina Derl\AppData\Roaming\vlc

Some content of TEMP:
====================
C:\Users\Jan\AppData\Local\temp\avgnt.exe
C:\Users\Jan\AppData\Local\temp\jre-7u60-windows-i586-iftw.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 03:00

==================== End Of Log ============================
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-06-2014
Ran by Jan at 2014-06-06 18:24:16
Running from C:\Users\Jan\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Ampps 2.0 (HKLM\...\Ampps_is1) (Version:  - Softaculous Ltd.)
Atheros 802.11 bgn Network Adapter (Version: 1.0.0.0 - Broadcom) Hidden
Atheros 802.11g Network Adapter (HKLM\...\InstallShield_{06A6143C-0703-4946-9E20-355F306ADF11}) (Version: 1.0.0.0 - Broadcom)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Intel(R) Graphics Media Accelerator 500 (HKLM\...\LPCO) (Version:  -  Intel Corporation)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kels' Win7 CPL Bonus Pack! (HKLM\...\CPLBonus) (Version: 1.3 - Kelsenellenelvian EverDawn)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM\...\M2742597) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.51078 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60810 (HKLM\...\{70B7F782-CA10-3CAC-98F7-3C748845BD88}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60810 (HKLM\...\{FE695D59-555C-3641-925D-BF65EC37B5D1}) (Version: 11.0.60810 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\{DFAA3D2B-7087-464E-823B-738A23C29C27}) (Version: 2.0.50728 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Notepad++ (HKLM\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Option WWAN Driver 5.1.37.0 Installer  (HKLM\...\{884BB5CC-108E-41a9-936D-955C999C06A1}_x) (Version: 3.5.1.1140 - Option NV)
Option WWAN Driver 5.1.37.0 Installer (Version: 3.5.1.1140 - Option NV) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Panda USB Vaccine 1.0.1.4 (HKLM\...\{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1) (Version:  - Panda Security)
PC Connectivity Solution (HKLM\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayMemories Camera Apps Downloader (HKLM\...\{E4B95A36-0EF2-44C6-B939-5B3DBBC34502}) (Version: 1.1.1975.475 - Sony Network Entertainment International LLC)
Power Management (HKLM\...\InstallShield_{C36E5EC0-A87E-4994-844B-1DE75ED22BD8}) (Version: 1.0.0.16C - Nokia)
Power Management (Version: 1.0.0.16C - Nokia) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Shape Collage (HKLM\...\ShapeCollage) (Version:  - Shape Collage Inc.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartFTP Client (HKLM\...\{60B56C13-56FA-47E9-A5E7-32540117E5FE}) (Version: 5.0.1350.0 - SmartSoft Ltd.)
SmartFTP Client 4.0 Setup Files (remove only) (HKLM\...\SmartFTP Client 4.0 Setup Files) (Version: 4.0 - SmartSoft Ltd)
SMPlayer 0.8.6 (HKLM\...\SMPlayer) (Version: 0.8.6 - Ricardo Villalba)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2768008) 32-Bit Edition (HKLM\...\{90150000-0015-0407-0000-0000000FF1CE}_Office15.PROPLUS_{02DD2FBD-76D9-4B8B-AAE6-657542F4F6E6}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FB31ABE4-BB41-4E9A-A252-1A4BC9DC8C43}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{F15AA550-A0B9-44AD-9067-2294CCA51F1C}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{7FBE2D23-9F3C-4983-B927-2A4BF600B7A7}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{885A0D95-13A8-4A31-B01C-B02454F414AA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F307363-49DA-4AE7-9D9D-DAA1FF59274F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E6B2968-B9D7-40C9-9FC2-8E729DDBB39C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{49893259-C896-4972-9B6C-6B75790945F1}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AFDC9BDD-5608-4A21-8066-13E2ACE1EDB4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4F8AD68D-9F41-446E-AA81-C43BF88671BF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BCD0EA38-A8FB-4F3D-B04E-DFFB38BC7849}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9E03AB38-EF60-4DE6-92FB-656E23403BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E58009CD-D950-4CAE-89B4-E97C3B78319B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{03FC8649-9511-4FB1-BE34-67A442505DCF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B299B17D-874D-43DD-84AA-414BD9C70021}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{65D789FD-9118-45AF-8DE4-F49F358A8525}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{B9DB28D9-15D0-4DDE-A123-C9B82AC9A579}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{B9A3A7A7-8B5B-4D07-9816-80EE2EA5B9B7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{670559E6-5725-4B84-A16C-0859771F25DE}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5EFADE14-CE0B-43BF-ADD2-850FCB79485F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{8E942418-D7DE-48A4-8210-AD994006EFAA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{188DFB16-BA3F-4AD3-9432-45C8FA64EC8B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{BC369230-B0E0-4BB0-82D6-E93196060BFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FD782270-0456-4B87-AC5E-C6EE2D063C48}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{C5CF8938-646A-41A5-A4E6-6EEE4205CBA4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUS_{08F8B8BC-97B5-4110-8FC1-A840DEAD0DF9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUS_{F75F8521-118D-4DE2-927F-073BE7B6DC7F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUS_{E11A0DDD-9F6D-49C6-8F02-850D44DD7639}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 32-Bit Edition (HKLM\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUS_{A1416C8A-2BA0-43D0-BCD5-C6C29D029327}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{954A0EA5-CCCB-4B4E-8664-40E2CC8BBCBB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4B1A48FA-CAE2-49BB-A912-6F96AE7875D9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUS_{DA3F3D63-4C9F-407B-9CA1-39638F85BDDD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{696ACAB0-DCE3-4050-849A-629CE94A9E3A}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 32-Bit Edition (HKLM\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUS_{67F8928F-664E-47A9-B283-3121D5F904CC}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{166909FC-6736-4EE5-9491-1BF9A4EE84E7}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Windows 7 Manager (HKLM\...\{92A8D72E-784B-4F09-AC0E-A9E0C1F64D2C}) (Version: 4.3.1 - Yamicsoft)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinHTTrack Website Copier 3.47-27 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 5.00 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

==================== Restore Points  =========================

28-05-2014 15:59:44 Geplanter Prüfpunkt
30-05-2014 17:08:43 Installed Hotkey Utility
02-06-2014 11:24:52 Removed Adobe Acrobat XI Pro.
02-06-2014 11:25:50 Removed Adobe Acrobat XI Pro.
02-06-2014 11:31:15 Removed ACDSee Pro 6.
02-06-2014 13:38:57 Removed Bluetooth Feature Pack 5.0.
03-06-2014 16:04:11 Windows Update
05-06-2014 17:13:14 Installed Java 7 Update 60
05-06-2014 17:33:27 Removed Java 7 Update 60
05-06-2014 18:40:18 Installed Hotkey Utility

==================== Hosts content: ==========================

2013-09-18 23:28 - 2013-09-21 11:18 - 00000926 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 acdid.acdsystems.com


==================== Scheduled Tasks (whitelisted) =============

Task: {177023BE-6F80-4FCB-9D73-C0729BF6DEAD} - System32\Tasks\{889FB738-3AD4-4989-B0EF-13387171F078} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {48B66977-17F9-4E69-975A-D20921F93369} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe [2009-09-23] ()
Task: {73D5A2BF-8A59-486B-8A3A-4D12F0E40174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-02] (Microsoft Corporation)
Task: {80E362B6-D839-4BCB-A7DF-9479A584EBC2} - System32\Tasks\{8A3E7ECB-AB02-4243-90D5-50C3BC3E0E64} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {AD10B1F6-71C8-4F94-A94C-1E968005BB05} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B5D249AF-53C5-4932-9079-732735B82AF1} - System32\Tasks\{EA5066EC-FA1B-4041-A39B-A75F69F87CA3} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {BD18EDD1-39D7-4257-869D-0F9B94A20803} - System32\Tasks\{3DD4163B-93EC-4366-942A-FBCD436F5E7D} => C:\Program Files\Hotkey\CeEKey.exe [2009-09-11] (COMPAL ELECTRONIC INC.)
Task: {CB74E86E-A362-47DD-B336-0F46E51BC4D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D220DB42-1B65-4DA4-BF3B-98886069DEC2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2013-09-21 18:21 - 2013-09-21 18:20 - 00011776 _____ () C:\Windows\system32\PrLdrSrv.exe
2013-09-04 16:44 - 2013-09-04 16:44 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2009-06-03 15:44 - 2009-06-03 15:44 - 00024576 _____ () C:\Windows\system32\EKECioCtl.dll
2013-07-19 16:26 - 2013-07-19 16:26 - 01027240 _____ () C:\Program Files\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: HDPSrv => 3
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: TeamViewer8 => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/06/2014 06:20:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 06:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 00:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 00:31:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DllHost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc6b7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72746e6d
ID des fehlerhaften Prozesses: 0xeb4
Startzeit der fehlerhaften Anwendung: 0xDllHost.exe0
Pfad der fehlerhaften Anwendung: DllHost.exe1
Pfad des fehlerhaften Moduls: DllHost.exe2
Berichtskennung: DllHost.exe3

Error: (06/06/2014 00:10:18 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3f6de8a0-195d-4d6b-ad30-d29391facb4d}

Error: (06/06/2014 00:08:38 AM) (Source: MsiInstaller) (EventID: 1013) (User: NOKIA-3G)
Description: Product: Hotkey Utility -- 1: This installation cannot be run by directly launching the MSI package. You must run setup.exe.

Error: (06/06/2014 00:07:57 AM) (Source: MsiInstaller) (EventID: 1013) (User: NOKIA-3G)
Description: Product: Hotkey Utility -- 1: This installation cannot be run by directly launching the MSI package. You must run setup.exe.

Error: (06/05/2014 11:44:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 11:33:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 11:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.532, Zeitstempel: 0x53518532
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x5bc
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (06/06/2014 06:20:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (06/06/2014 06:18:58 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 06:17:46 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 06:09:54 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (06/06/2014 06:08:40 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 05:08:41 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 00:50:07 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 00:50:04 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (06/06/2014 00:47:59 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "PrLdrSrv" hat einen ungültigen aktuellen Status gemeldet: 14

Error: (06/06/2014 00:47:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (06/06/2014 06:20:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 06:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 00:50:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 00:31:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.1.7600.163854a5bc6b7unknown0.0.0.000000000c000000572746e6deb401cf80f07e1c4a37C:\Windows\system32\DllHost.exeunknownddb470ff-ece3-11e3-b752-a1b8e60490bc

Error: (06/06/2014 00:10:18 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {3f6de8a0-195d-4d6b-ad30-d29391facb4d}

Error: (06/06/2014 00:08:38 AM) (Source: MsiInstaller) (EventID: 1013) (User: NOKIA-3G)
Description: Product: Hotkey Utility -- 1: This installation cannot be run by directly launching the MSI package. You must run setup.exe. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/06/2014 00:07:57 AM) (Source: MsiInstaller) (EventID: 1013) (User: NOKIA-3G)
Description: Product: Hotkey Utility -- 1: This installation cannot be run by directly launching the MSI package. You must run setup.exe. (NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/05/2014 11:44:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 11:33:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2014 11:30:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd5bc01cf80e80a8eef50C:\Program Files\Malwarebytes Anti-Malware\mbam.exeC:\Program Files\Malwarebytes Anti-Malware\MSVCR100.dll48c0c740-ecdb-11e3-a331-ce45394146bd


==================== Memory info ===========================

Percentage of memory in use: 84%
Total physical RAM: 1014.27 MB
Available physical RAM: 153.73 MB
Total Pagefile: 2328.55 MB
Available Pagefile: 1145.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.9 GB) (Free:24.41 GB) NTFS
Drive d: () (Removable) (Total:14.29 GB) (Free:7.81 GB) FAT32
Drive e: (KLEINSCHATZ) (Removable) (Total:14.89 GB) (Free:7.87 GB) FAT32
Drive f: () (Removable) (Total:29.71 GB) (Free:28.18 GB) FAT32
Drive g: (Karis Chip2) (Removable) (Total:14.83 GB) (Free:3.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 000D7148)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 15 GB) (Disk ID: E28F0842)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)

========================================================
Disk: 3 (Size: 14 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 07.06.2014 06:02
Die ESET Funde sind allesamt PDF in einem Ordner auf deinem DEsktop, kannste löschen.


Supi, Malware ist unten. JEtzt bitte im WIndows Explorer den Stick öffnen, versteckte Dateien anzeigen lassen in den Ordneroptionen, Haken raus bei geschützte Dateien ausblenden.

Jetzt solltest Du neben den Verknüpfungen auch die Originale sehen. Auf einen Original-Ordner Rechtsklick Eigenschaften, Haken raus bei Versteckt.

Reiselust 07.06.2014 10:23
Hallo Schrauber,

das hört sich eigentlich prima an, leider werden die Originalordner immer noch nicht angezeigt (weiterhin Verknüpfungen) und MBAM kann ich weder richtig installieren, noch starten...

Irgendwelche Ideen?

Schönes Wochenende ansonsten :D

schrauber 08.06.2014 09:17
Zitat:
JEtzt bitte im WIndows Explorer den Stick öffnen, versteckte Dateien anzeigen lassen in den Ordneroptionen, Haken raus bei geschützte Dateien ausblenden.
Das wurde gemacht? Trotzdem nur Verknüpfungen auf dem Stick? Screenshot des Sticks bitte.

Reiselust 08.06.2014 14:38
Liste der Anhänge anzeigen (Anzahl: 2)
Hallo Schrauber,

eine gute Neuigkeit gibt es: Nach der Deinstallation von MBAM verblieb ein gleichnamiger Ordner, den ich nicht löschen konnte. Gestern ging es problemlos und ich konnte MBAM endlich ohne Fehlermeldungen installieren und starten.

hier der Screenshot des Sticks
Anhang 67496

und dann noch die Ordneroptionen - vielleicht habe ich ja etwas falsch verstanden!?
Anhang 67497


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:31 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19