Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 16.09.2013, 16:57   #16
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 01
Ran by Marko at 2013-09-16 17:41:40
Running from C:\Users\Marko\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 8.2.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AC3Filter 2.5b (x32 Version: 2.5b)
Adobe AIR (x32 Version: 3.7.0.1860)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Community Help (x32 Version: 3.5.23)
Adobe Download Assistant (x32 Version: 1.2.3)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Photoshop Elements 11 (x32 Version: 11.0)
Adobe Photoshop Lightroom 5 64-bit (Version: 5.0.1)
Adobe Premiere Elements 11 (Version: 11.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0806.1213.19931)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD System Monitor (x32 Version: 1.0.8)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
AMD VISION Engine Control Center (x32 Version: 2012.0806.1213.19931)
AntiBrowserSpy (x32 Version: 3.6.106)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Application Profiles (x32 Version: 2.0.4337.36028)
Application Profiles (x32 Version: 2.0.4365.36132)
Ashampoo Burning Studio 12 v.12.0.5 (x32 Version: 12.0.5)
Ashampoo Home Designer Pro v.1.0.1 (x32 Version: 1.0.1)
Ashampoo Internet Accelerator 3 v.3.20 (x32 Version: 3.1.1)
Ashampoo Music Studio 4 v.4.0.5 (x32 Version: 4.0.5)
Ashampoo Music Studio 4 v.4.1.0 (x32 Version: 4.1.0)
Ashampoo Photo Commander 10 v.10.1.1 (x32 Version: 10.1.1)
Ashampoo Snap 5 v.5.1.5 (x32 Version: 5.1.5)
Ashampoo Video Styler 2013 v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 10 v.10.2.5 (x32 Version: 10.02.05)
Audio 180% (x32 Version: Audio 180%)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Bewerbungsfoto-/Passbild-Generator v3.5b (x32)
BEWERBUNGSMASTER (e:\Programme\BEWERBUNGSMASTER\) (x32)
BEWERBUNGSMASTER (x32)
BufferChm (x32 Version: 130.0.331.000)
Bullzip PDF Printer 9.3.0.1516 (Version: 9.3.0.1516)
C4400 (x32 Version: 130.0.365.000)
C4500 (x32 Version: 130.0.365.000)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9)
Canon MOV Decoder (x32 Version: 1.5.0.7)
Canon MOV Encoder (x32 Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.4.1.9)
Canon Utilities Digital Photo Professional 3.8 (x32 Version: 3.8.0.0)
Canon Utilities EOS Utility (x32 Version: 2.8.1.0)
Canon Utilities PhotoStitch (x32 Version: 3.1.22.46)
Canon Utilities Picture Style Editor (x32 Version: 1.7.0.0)
Canon Utilities WFT Utility (x32 Version: 3.5.1.1)
Canon Utilities ZoomBrowser EX (x32 Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.3.0.4)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931)
CCC Help Czech (x32 Version: 2012.0806.1212.19931)
CCC Help Danish (x32 Version: 2012.0806.1212.19931)
CCC Help Dutch (x32 Version: 2012.0806.1212.19931)
CCC Help English (x32 Version: 2012.0806.1212.19931)
CCC Help Finnish (x32 Version: 2012.0806.1212.19931)
CCC Help French (x32 Version: 2012.0806.1212.19931)
CCC Help German (x32 Version: 2012.0806.1212.19931)
CCC Help Greek (x32 Version: 2012.0806.1212.19931)
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931)
CCC Help Italian (x32 Version: 2012.0806.1212.19931)
CCC Help Japanese (x32 Version: 2012.0806.1212.19931)
CCC Help Korean (x32 Version: 2012.0806.1212.19931)
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931)
CCC Help Polish (x32 Version: 2012.0806.1212.19931)
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931)
CCC Help Russian (x32 Version: 2012.0806.1212.19931)
CCC Help Spanish (x32 Version: 2012.0806.1212.19931)
CCC Help Swedish (x32 Version: 2012.0806.1212.19931)
CCC Help Thai (x32 Version: 2012.0806.1212.19931)
CCC Help Turkish (x32 Version: 2012.0806.1212.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
Classic Shell (Version: 3.6.8)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.40)
Content Manager 2 (x32 Version: 3.10.0.52790)
Copy (x32 Version: 130.0.428.000)
CPUID CPU-Z 1.59
CyberGhost VPN
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Data Lifeguard Diagnostic for Windows 1.24 (x32)
DateiCommander13 Basic (x32)
Desk Drive (x32 Version: 1.8.2)
DeskDrive Version 1.8.5 (x32 Version: 1.8.5)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
Diagnostic Utility (x32 Version: 1.00.0000)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
DivX-Setup (x32 Version: 2.6.1.44)
DocProc (x32 Version: 13.0.0.0)
DxO FilmPack 2.0 (x32 Version: 2.0.0)
DxO Optics Pro 5.3.5 (x32 Version: 5.3.5)
DxO Optics Pro 6 (x32 Version: 6.6.0)
Elements 11 Organizer (x32 Version: 11.0)
eReg (x32 Version: 1.20.138.34)
erLT (x32 Version: 1.20.0137)
Fahrtenbuch professionell (x32)
FileBox eXtender (x32)
FileZilla Client 3.5.3 (x32 Version: 3.5.3)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
FolderVisualizer (x32 Version: 2012)
GeoSetter 3.4.16 (x32)
Gigaset QuickSync (Version: 7.2.0844.6)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (x32 Version: 1.0.0.9452)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPProductAssistant (x32 Version: 130.0.371.000)
Inpaint 3 Installation & Registrierung (x32)
Inpaint 3.0 (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JavaFX 2.1.1 (x32 Version: 2.1.1)
KeePass Password Safe 2.21 (x32)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
MadAppLauncher version 1.10.0.0 (x32 Version: 1.10.0.0)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
MediaCoder x64 0.8.25.5553 (Version: 0.8.25.5553)
Mediencenter 3.8.1.2208 (HKCU Version: 3.8.1.2208)
Mediencenter Assistent (Version: 2.7.0.1451)
MEDION NAS TOOL (x32)
Memeo Instant Backup (x32 Version: 4.60.0.7939)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Professional 2013 - de-de (Version: 15.0.4517.1509)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Miso 1.0 (x32 Version: 1.0)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 23.0.1 (x86 de) (HKCU Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 18.0.1)
Mp3tag v2.57 (x32 Version: v2.57)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Naviextras Toolbox Prerequesities (x32 Version: 1.0.0)
Nero 8 (x32 Version: 8.3.312)
neroxml (x32 Version: 1.0.0)
Network64 (Version: 130.0.572.000)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
NTRIP (x32)
O&O DriveLED Professional (Version: 4.2.157)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Ocster Backup Pro (Version: 8.08)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4517.1509)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4517.1509)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4517.1509)
ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)
Paragon Festplatten Manager™ 2011 Kompakt 2nd Edition (x32 Version: 90.00.0003)
PC Connectivity Solution (x32 Version: 12.0.109.0)
PDF Experte 8 Ultimate (x32 Version: 8.0.0140.0)
Perfect Effects 4.0.4 (x32 Version: 4.0.4)
PL-2303 USB-to-Serial (x32 Version: 1.7.0)
PRE11 STI 64Installer (x32 Version: 11.0)
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000)
PS_AIO_04_C4500_Software_Min (x32 Version: 130.0.365.000)
PSE11 STI Installer (x32 Version: 11.0)
Q-Dir (x32)
QuickTime (x32 Version: 7.74.80.86)
Rainmeter (x32 Version: 2.4 r1678)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6650)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0)
Scan (x32 Version: 13.0.0.0)
SeaTools for Windows (x32 Version: 1.2.0.7)
Send To Toys v2.61
SiSoftware Sandra Lite 2012.SP5c (Version: 18.74.2012.10)
SmartTools Publishing • Excel AutoBackup (x32 Version: v2.50)
SmartTools Publishing • Outlook Adress-Assistent (x32 Version: v3.50)
SmartTools Publishing • Word Adressfenster-Assistent (x32 Version: v2.50)
SmartWebPrinting (x32 Version: 130.0.457.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
swMSM (x32 Version: 12.0.0.1)
TomTom HOME (x32 Version: 2.9.2)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Treiber-Studio 2013 (Version: 8.0.519)
Treiber-Studio 2013 (Version: 8.1.428)
Unknown Device Identifier 8.00
UnloadSupport (x32 Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VCRedistSetup (x32 Version: 1.0.0)
WebReg (x32 Version: 130.0.132.017)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
XnView Shell Extension 3.2.0 (64bits) (x32 Version: 3.2.0)

==================== Restore Points  =========================

11-09-2013 07:41:38 Windows Update
15-09-2013 09:37:46 Windows-Sicherung
15-09-2013 09:57:18 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-05 15:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {07FD82E2-B526-4FC7-8798-FCA387122C0B} - System32\Tasks\One-Click Optimizer => E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-05-15] (Ashampoo Development GmbH & Co. KG)
Task: {18E87A3D-D345-46C8-83A0-765A4D34BF98} - System32\Tasks\{0DC1FC84-5EDB-4337-ABC3-B6DDCF71C3C2} => Firefox.exe 
Task: {479C03B9-CEC4-41F3-A69F-F81E31FC295D} - System32\Tasks\{485AAEC7-0CDC-4324-B369-6564E05046FA} => Firefox.exe 
Task: {55D08572-AF0D-4D79-B374-B2288E853937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21] (Google Inc.)
Task: {94E7BDC3-C5CF-4EFB-A69A-8C6218A52551} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9D61BA86-511D-4EF2-9642-5A4E7FC5D66A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-09] (Microsoft Corporation)
Task: {9E55C402-A616-4ED1-B9A3-DDE6CCFFCF6A} - System32\Tasks\Microsoft\Windows\MemDiag => C:\Windows\system32\mdres.exe [2009-07-14] (Microsoft Corporation)
Task: {A00464E8-6BBC-4CE0-B494-EA214C5F7098} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {B308AAA6-6861-4A1E-B7FE-4945F3AA459C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {B5FF5D24-9746-49F5-9A08-EE16078E7451} - System32\Tasks\{68FCBDDC-F452-4549-97AD-356CC5E03486} => E:\Programme\Nero\Nero\Nero8\Nero Burning Rom\nero.exe [2008-06-24] (Nero AG)
Task: {BE32AC8B-F571-4959-965A-8CCC10A0E121} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21] (Google Inc.)
Task: {C820FD4E-DC50-452F-A5E7-1350854F076E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {E47767F2-BC3A-463D-8CBD-A409DEA7DCA3} - System32\Tasks\AdobeAAMUpdater-1.0-Kobolt-Marko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F07079E8-DB7A-4819-8454-71FE70E5A687} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-08-23] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2013-07-02 17:21 - 2013-07-02 17:21 - 04712104 _____ () e:\Programme\Ocster Backup\bin\ox.dll
2013-04-12 10:45 - 2013-04-12 10:45 - 00641024 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_xrc_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00622592 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_html_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 03663872 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_core_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 01488384 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00875520 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_adv_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00157696 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_xml_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 00152576 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_net_vc_ox.dll
2011-02-23 17:09 - 2011-02-23 17:09 - 00313344 _____ (Hyperionics Technology LLC) E:\Programme\FileBX\FileBXH.dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-02-03 17:06 - 2013-02-03 17:06 - 00244696 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00661448 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00828872 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll
2013-04-04 10:22 - 2013-04-04 10:22 - 00558592 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll
2013-06-29 10:50 - 2013-06-29 10:50 - 00724992 _____ (IvoSoft) E:\Programme\Classic Shell\ClassicExplorer64.dll
2013-06-29 10:50 - 2013-06-29 10:50 - 01750528 _____ (IvoSoft) E:\Programme\Classic Shell\ClassicStartMenuDLL.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () e:\Programme\FileZilla FTP Client\fzshellext_64.dll
2013-07-29 14:57 - 2013-05-15 15:22 - 00117096 _____ (TODO: <Company name>) E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WinOptimizerContextHandler64.dll
2013-07-10 13:15 - 2011-02-01 20:09 - 00593788 _____ (Friedemann Schmidt) e:\Programme\GeoSetter\GeoSetterShellExt64.dll
2012-08-06 13:01 - 2012-08-06 13:01 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\atiamdeu.dll
2012-05-22 11:07 - 2011-05-18 17:47 - 00137216 _____ (Gabriele Ponti) e:\Programme\Send To Toys\SendToFolderShellExt.dll
2012-05-22 11:07 - 2011-05-18 17:47 - 00140800 _____ (Gabriele Ponti) e:\Programme\Send To Toys\SendToClipboardShellExt.dll
2013-04-24 15:25 - 2013-04-24 15:25 - 00402432 _____ (Florian Heidenreich) E:\Programme\MP3-Tag\Mp3tag\Mp3tagShell64.dll
2013-04-04 10:22 - 2013-04-04 10:22 - 00152064 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ContextMenuHandler.dll
2012-08-15 11:55 - 2012-08-13 17:25 - 00149504 _____ (Deutsche Telekom AG) C:\Windows\system32\DTAG.Mediencenter.ShellExtension.dll
2012-05-22 11:01 - 2012-02-23 21:44 - 02409472 _____ () e:\Programme\XnView\ShellEx\XnViewShellExt64.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () E:\Programme\Logitech\SetPointP\Macros\MacroCore.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 06088360 _____ () E:\Programme\Ocster Backup\bin\backupClientLib.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00388264 _____ () E:\Programme\Ocster Backup\bin\updateman.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00468648 _____ () E:\Programme\Ocster Backup\bin\twirl.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00343208 _____ () E:\Programme\Ocster Backup\bin\tomb.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 04712104 _____ () E:\Programme\Ocster Backup\bin\ox.dll
2013-04-12 10:45 - 2013-04-12 10:45 - 00641024 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxmsw28u_xrc_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00622592 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxmsw28u_html_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 03663872 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxmsw28u_core_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 01488384 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxbase28u_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00875520 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxmsw28u_adv_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00157696 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxbase28u_xml_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 00152576 _____ (wxWidgets development team) E:\Programme\Ocster Backup\bin\wxbase28u_net_vc_ox.dll
2013-04-12 10:30 - 2013-04-12 10:30 - 00076288 _____ () E:\Programme\Ocster Backup\bin\zdll.dll
2013-04-12 11:13 - 2013-04-12 11:13 - 00239104 _____ (The cURL library, hxxp://curl.haxx.se/) E:\Programme\Ocster Backup\bin\libcurl.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 10897576 _____ () E:\Programme\Ocster Backup\bin\backupCore.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00156328 _____ () E:\Programme\Ocster Backup\bin\deemon.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00491176 _____ () E:\Programme\Ocster Backup\bin\veem.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00060072 _____ () E:\Programme\Ocster Backup\bin\minizutil.dll
2013-06-27 07:56 - 2013-06-27 07:56 - 00020992 _____ () E:\Programme\Ocster Backup\bin\zlibutil.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00052392 _____ () E:\Programme\Ocster Backup\bin\lzmaUtil.dll
2013-06-27 07:58 - 2013-06-27 07:58 - 00049664 _____ () E:\Programme\Ocster Backup\bin\lzma.dll
2013-06-27 08:01 - 2013-06-27 08:01 - 00309248 _____ () E:\Programme\Ocster Backup\bin\party.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00112808 _____ () E:\Programme\Ocster Backup\bin\scoolite.dll
2013-06-27 07:56 - 2013-06-27 07:56 - 00626688 _____ () E:\Programme\Ocster Backup\bin\sqlite.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00204968 _____ () E:\Programme\Ocster Backup\bin\netutil.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 00147112 _____ () E:\Programme\Ocster Backup\bin\featback.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00035744 _____ (unknown) E:\Programme\AntiBrowserSpy\AbFlexTrans.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00037792 _____ () E:\Programme\AntiBrowserSpy\AbCommons.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 06362528 _____ () E:\Programme\AntiBrowserSpy\Commons.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 02648480 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.Data.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00173984 _____ () E:\Programme\AntiBrowserSpy\AbBrowserLibs.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 03414944 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.Utils.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00018336 _____ () E:\Programme\AntiBrowserSpy\VersionInfo.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00018848 _____ () E:\Programme\AntiBrowserSpy\AbSettingsKeeper.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 01750432 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.XtraEditors.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00012704 _____ () E:\Programme\AntiBrowserSpy\AbProcessManager.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00012520 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\CoreTempReader.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00015080 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\GetCoreTempInfoNET.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00014056 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\SystemInfo.dll
2011-02-23 17:04 - 2011-02-23 17:04 - 00080896 _____ () E:\Programme\FileBX\FbxRes.dll
2013-08-20 17:55 - 2013-08-20 17:55 - 00287232 _____ (The Apache Software Foundation) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\log4net.dll
2013-08-22 09:49 - 2013-08-22 09:49 - 00073728 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ProxyClient.dll
2013-08-22 09:49 - 2013-08-22 09:49 - 00008192 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.Common.dll
2013-08-22 09:49 - 2013-08-22 09:49 - 00881664 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\de-DE\Mediencenter.resources.dll
2013-08-22 09:49 - 2013-08-22 09:49 - 00030720 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ProxyContracts.dll
2012-11-04 16:25 - 2012-11-04 16:25 - 00736968 _____ () E:\Programme\Rainmeter\Rainmeter.dll
2012-11-04 16:23 - 2012-11-04 16:23 - 00056832 _____ () E:\Programme\Rainmeter\Plugins\WebParser.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00097280 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-08-06 13:03 - 2012-08-06 13:03 - 00031232 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00025088 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00048128 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00022016 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00015360 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00061440 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00018432 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00038400 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00029184 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\ATICCCom.dll
2012-07-17 09:58 - 2012-07-17 09:58 - 00175104 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ADL.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00034816 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006144 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00047616 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00006656 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006144 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 00045056 _____ (ATI Technologies Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2010-03-04 02:27 - 2010-03-04 02:27 - 00016384 _____ (ATI Technologies Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006656 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.dll
2010-10-07 14:07 - 2010-10-07 14:07 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00311296 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00196608 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-06-17 06:27 - 2009-06-17 06:27 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005120 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Audio.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00008704 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2008-04-03 17:29 - 2008-04-03 17:29 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00025600 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00028672 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00045056 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00053248 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2009-12-08 08:49 - 2009-12-08 08:49 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2007-08-09 17:58 - 2007-08-09 17:58 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00144384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00053248 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00028672 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2008-12-30 13:04 - 2008-12-30 13:04 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00050688 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll
2007-05-02 18:44 - 2007-05-02 18:44 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00110592 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00081920 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2010-11-05 15:18 - 2010-11-05 15:18 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00110592 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00081920 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00045056 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2009-01-20 15:51 - 2009-01-20 15:51 - 00007168 _____ ( ) C:\ATI\ATI.ACE\Core-Static\atixclib.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00008192 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00015872 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00012288 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00019968 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00010752 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013312 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\Fuel.Foundation.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00037376 _____ (AMD) C:\ATI\ATI.ACE\Fuel\FUEL.Implementation.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00103424 _____ () C:\ATI\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-06 13:03 - 2012-08-06 13:03 - 00479232 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00352256 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00071168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00012800 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00011264 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00018944 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00018944 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00011264 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00015360 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00012800 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00011776 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00066048 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\APM.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00024576 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\APM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00380928 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00036352 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007680 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 01395200 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00413696 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00175104 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00172032 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 01007616 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00028160 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00057344 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 01406464 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00441344 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00369152 _____ () C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00393216 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 02400256 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00024576 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00237568 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00159744 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00100864 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00021504 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00044544 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 01260032 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00026112 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00021504 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00048128 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00029696 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00037376 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00007680 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00039936 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008192 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00307200 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00060928 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00528384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2011-02-23 17:09 - 2011-02-23 17:09 - 00301568 _____ (Hyperionics Technology LLC) E:\Programme\FileBX\FileBXH32.dll
2013-07-10 10:19 - 2013-07-10 10:19 - 00313000 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2013-08-14 22:22 - 2013-08-14 22:22 - 00358056 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 01186816 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\TMSlite160.bpl
2013-01-15 19:16 - 2012-03-13 14:50 - 03660800 _____ (Project JEDI) E:\Programme\Avanquest\PDF Experte 8 Ultimate\Jcl160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00087552 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspropsaver160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02478080 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsvector160.bpl
2013-01-15 19:16 - 2012-03-29 18:00 - 04119552 _____ (visagesoft) E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsgdi.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 04680704 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfcore160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02693120 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\BBlite160.bpl
2013-01-15 19:16 - 2012-02-23 16:11 - 00025088 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vstrees160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00064512 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsprinters160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00064512 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprinter160.bpl
2013-01-15 19:16 - 2011-09-30 19:10 - 00684032 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\js32.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 00097280 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\expertpdfcore160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 00253952 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndySystem160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 02506752 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndyProtocols160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 00387584 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndyCore160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02253824 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\PKIECtrl160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00517120 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfeditor160.bpl
2013-01-15 19:16 - 2011-01-19 17:49 - 00156160 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\Snapu.dll
2013-01-15 19:16 - 2010-04-06 15:41 - 00316416 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\OLRegist.dll
2013-01-15 19:16 - 2010-08-05 10:57 - 00599296 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\bvrpctln.dll
2011-09-16 15:39 - 2011-09-16 15:39 - 00098664 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 00230624 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 01660128 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Utility.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 00020704 _____ (Stan Schultes, VBNetExpert.com) C:\Program Files (x86)\Memeo\AutoBackup\XMLSettings.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 01557728 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 00054496 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Interop.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 02888416 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 00025824 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2011-09-16 01:17 - 2011-09-16 01:17 - 00015872 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Memeo.Client.resources.dll
2011-09-16 01:18 - 2011-09-16 01:18 - 00028672 _____ () C:\Program Files (x86)\Memeo\AutoBackup\de-DE\InstantBackup.resources.dll
2010-04-05 20:52 - 2010-04-05 20:52 - 00013824 _____ ( ) C:\Program Files (x86)\Memeo\AutoBackup\Interop.eWebControl.dll
2010-04-05 20:50 - 2010-04-05 20:50 - 00143360 _____ (Digital River, Inc.) C:\Program Files (x86)\Common Files\Memeo\eWebControl365.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 00025824 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.Third-party.Security.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 00296160 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.DataClad.DataAccess.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 00067808 _____ (Newtonsoft) C:\Program Files (x86)\Memeo\AutoBackup\Newtonsoft.Json.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 02798816 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\Tanagra.BMU.dll
2011-09-16 01:18 - 2011-09-16 01:18 - 00057344 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Tanagra.DataClad.resources.dll
2011-09-16 01:16 - 2011-09-16 01:16 - 00074976 _____ (Finisar Corporation) C:\Program Files (x86)\Memeo\AutoBackup\SQLite.NET.dll
2010-04-05 20:52 - 2010-04-05 20:52 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2011-09-16 01:16 - 2011-09-16 01:16 - 00042208 _____ (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoRemoteCore.dll
2011-09-16 01:18 - 2011-09-16 01:18 - 00036864 _____ (Memeo Inc.) C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Tanagra.Utility.resources.dll
2010-04-05 20:52 - 2010-04-05 20:52 - 00053248 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Mono.Nat.dll
2011-09-16 01:18 - 2011-09-16 01:18 - 00114688 _____ () C:\Program Files (x86)\Memeo\AutoBackup\de-DE\Memeo.Client.UI.resources.dll
2013-08-14 22:23 - 2013-08-14 22:27 - 01026728 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll
2013-03-12 15:31 - 2013-03-12 15:31 - 00321088 _____ () C:\Program Files\Microsoft Office 15\root\office15\msfad.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00220632 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00534480 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCP110.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00862664 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\MSVCR110.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00537560 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\Telemetry.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00038360 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\logging.dll
2003-07-11 03:09 - 2003-07-11 03:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\microsoft shared\Web Folders\1031\NSEXTINT.DLL
2009-07-14 02:07 - 2009-07-14 03:14 - 00064000 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\SysWOW64\l3codeca.acm
2013-08-18 14:19 - 2013-08-18 14:20 - 03551640 _____ () E:\Programme\Mozilla Firefox\mozjs.dll
2013-04-16 21:01 - 2013-04-16 21:01 - 00424960 _____ (AVM Berlin) C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\s0d1rked.default\extensions\fb_add_on@avm.de\components\windows\FB_AddOn4.dll
2013-04-16 21:01 - 2013-04-16 21:01 - 01085440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\Profiles\s0d1rked.default\extensions\fb_add_on@avm.de\components\windows\libeay32.dll
2013-03-12 15:29 - 2013-03-12 15:29 - 00121920 _____ () C:\Program Files\Microsoft Office 15\root\Office15\JitV.dll
2013-07-10 10:19 - 2013-07-10 10:19 - 00313000 _____ () C:\Program Files\Microsoft Office 15\root\Office15\AppVIsvStream32.dll
2013-08-14 22:22 - 2013-08-14 22:22 - 00358056 _____ () C:\Program Files\Microsoft Office 15\root\Office15\c2r32.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\Microsoft:cJP8NoA3alrUCM20
AlternateDataStreams: C:\ProgramData\Microsoft:V6rvehwmRjYqRAkFBpLsBNz
AlternateDataStreams: C:\Users\Marko\Cookies:xfyRDFyvnvb5tEWMQke9kc
AlternateDataStreams: C:\Users\Marko\Lokale Einstellungen:ESx4L4fSedPdx1ERV9rqEL
AlternateDataStreams: C:\Users\Marko\AppData\Local:ESx4L4fSedPdx1ERV9rqEL
AlternateDataStreams: C:\Users\Marko\AppData\Local\Anwendungsdaten:ESx4L4fSedPdx1ERV9rqEL


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/16/2013 02:06:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/16/2013 02:06:43 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/16/2013 02:06:42 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/16/2013 01:23:29 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/15/2013 11:27:09 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/11/2013 10:37:48 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/11/2013 09:29:17 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/09/2013 10:32:41 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/09/2013 03:27:18 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/09/2013 03:27:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/16/2013 01:32:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/16/2013 01:23:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/16/2013 01:23:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/16/2013 01:23:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/16/2013 01:23:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2


Microsoft Office Sessions:
=========================
Error: (09/16/2013 02:06:43 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (09/16/2013 02:06:43 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe

Error: (09/16/2013 02:06:42 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Programme\Nero\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (09/16/2013 01:23:29 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/15/2013 11:27:09 AM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/11/2013 10:37:48 AM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/11/2013 09:29:17 AM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/09/2013 10:32:41 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (09/09/2013 03:27:18 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marko\Downloads\esetsmartinstaller_enu.exe

Error: (09/09/2013 03:27:16 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Marko\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2013-09-05 15:33:31.315
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-05 15:33:31.185
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-28 13:37:59.118
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.117
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.100
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.099
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 11:24:41.256
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 11:24:41.254
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8188.54 MB
Available physical RAM: 5609.3 MB
Total Pagefile: 16375.25 MB
Available Pagefile: 12990.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:104.75 GB) (Free:23.42 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FreeAgent GoFlex Drive) (Fixed) (Total:465.76 GB) (Free:401.88 GB) NTFS
Drive e: (Programme) (Fixed) (Total:41.22 GB) (Free:12.24 GB) NTFS
Drive f: (Daten) (Fixed) (Total:180.27 GB) (Free:43.81 GB) NTFS
Drive g: (Backup) (Fixed) (Total:89.52 GB) (Free:16.88 GB) NTFS
Drive h: (Laufwerk) (Fixed) (Total:50 GB) (Free:27.1 GB) NTFS
Drive k: (Sicherung) (Fixed) (Total:931.51 GB) (Free:18.97 GB) NTFS
Drive p: (SEAGATE_EXP) (Fixed) (Total:1907.32 GB) (Free:1885.23 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4086204)
Partition 1: (Active) - (Size=105 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=361 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 56A6B2F7)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 76942D58)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End Of Log ============================
         
Kaspersky hat mal wieder geantwortet. Soll ich die beschriebenen Schritte ausführen oder ist von deiner Seite her noch was zu tun?

Zitat:
Code:
ATTFilter
Sehr geehrte(r) Herr xxx,

führen Sie bitte zuerst die folgenden Schritte aus:

Für Windows Vista / Windows 7:

1. Klicken Sie auf "Start --> Systemsteuerung --> Netzwerk- und Freigabecenter" (Sollten Sie diese Punkte nicht direkt sehen, klicken Sie auf der linken Seite bitte auf "Klassische Ansicht"
2. Klicken Sie nun auf "Netzwerkverbindungen verwalten" (bzw. Win7: "Adaptereinstellungen ändern")sodass Ihnen alle LAN-Verbindungen angezeigt werden
3. Klicken Sie mit der rechten Maustaste auf Ihre Netzwerkkarte und wählen "Eigenschaften". Es erscheinen die Eigenschaften der LAN-Verbindung bei denen Sie verschiedene Dienste sehen, wählen Sie hier nun den Dienst "Client für Microsoft-Netzwerke" aus und klicken Sie nun auf "Deinstallieren" (Wenn dieser nicht vorhanden ist, können Sie diesen Schritt überspringen)
4. Klicken Sie nun auf "Installieren" -> "Client" klicken nun bitte "Hinzufügen" wählen bitte im nächsten Fenster "Client für Microsoft-Netzwerke" aus und klicken auf "OK"
5. Schliessen Sie nun alle Fenster (Sollte ein Neustart des Systems empfohlen werden, führen Sie dieses bitte durch)


Versuchen Sie anschließend nochmals die Aktivierung des Kaspersky Programms. Sollte diese wiederum fehlschlagen, führen Sie bitte zusätzlich folgende Schritte durch:

1. Drücken Sie die "Windows"-Taste und "R"-Taste gleichzeitig auf Ihrer Tastatur und geben im neuen Fenster "services.msc" (ohne ") ein. Bestätigen Sie dies bitte mit Enter 
2. Überprüfen Sie hier die auftauchende Liste, ob der "Arbeitsstationsdienst" vorhanden ist.


Ist dieser Arbeitsstationsdienst vorhanden, aber nicht gestartet, so versuchen Sie diesen zuerst durch einen Rechtsklick darauf und auswählen von "Starten" zu starten.


Erhalten Sie hierbei eine Fehlermeldung, gehen Sie bitte noch folgendermaßen vor:

Bei Windows Vista/Windows 7

Klicken Sie auf den Start-Button -> Alle Programme -> Zubehör, klicken die "Eingabeaufforderung" mit der rechten Maustaste an und wählen "Als Administrator ausführen"

Geben Sie bitte die folgenden Befehle der Reihe nach ein und bestätigen jeden mit der Enter-Taste:
(Sie können die Befehlszeile auch kopieren und mit einem Rechtsklick im CMD-Fenster und auswählen von "Einfügen" einfügen)

svchost.exe -k NetworkService 

reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanworkstation\parameters /v ServiceDLL /t REG_EXPAND_SZ /d %SystemRoot%\System32\wkssvc.dll

net start lanmanworkstation

Führen Sie zum Schluß die Aktivierung des Programms durch.

Mit freundlichen Grüßen,
xxx
         

Alt 16.09.2013, 19:54   #17
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Nee lass mal, ich hab da schon ne Idee.

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost
HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com
%SystemRoot%\system32\*.tsp
%SystemRoot%\system32\*.tsp /64
C:\Windows\system32\*.dll /600
C:\Windows\SysNative\*.dll /600
C:\Windows\SysWOW64\*.dll /600
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 18.09.2013, 15:54   #18
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Code:
ATTFilter
OTL Extras logfile created on: 18.09.2013 15:08:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,07% Memory free
15,99 Gb Paging File | 13,43 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 104,75 Gb Total Space | 24,29 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 401,88 Gb Free Space | 86,28% Space Free | Partition Type: NTFS
Drive E: | 41,22 Gb Total Space | 11,65 Gb Free Space | 28,26% Space Free | Partition Type: NTFS
Drive F: | 180,27 Gb Total Space | 43,81 Gb Free Space | 24,30% Space Free | Partition Type: NTFS
Drive G: | 89,52 Gb Total Space | 16,88 Gb Free Space | 18,86% Space Free | Partition Type: NTFS
Drive H: | 50,00 Gb Total Space | 27,10 Gb Free Space | 54,20% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 21,68 Gb Free Space | 2,33% Space Free | Partition Type: NTFS
Drive P: | 1907,32 Gb Total Space | 1885,23 Gb Free Space | 98,84% Space Free | Partition Type: FAT32
 
Computer Name: KOBOLT | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- E:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- E:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [sendtotoys1add] -- e:\Programme\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- e:\Programme\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- e:\Programme\Send To Toys\SendToCommandPrompt.exe "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE" /n /dde
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- E:\Programme\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [sendtotoys1add] -- e:\Programme\Send To Toys\SendToAdd.exe "%1" ()
Directory [sendtotoys1remove] -- e:\Programme\Send To Toys\SendToRemove.exe "%1" ()
Directory [sendtotoys2prompt] -- e:\Programme\Send To Toys\SendToCommandPrompt.exe "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{013CEB0C-8CFE-4E64-8D61-8B0BB3377A6A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{0294BB2F-6178-459D-8C46-8D1C40D6AD6B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{03426208-B357-4C32-8AAE-0F640CB9E33A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{057550CC-1C7E-4C7B-A2F8-3A8DDC978C8C}" = lport=138 | protocol=17 | dir=in | app=system | 
"{08E024BB-596A-4DFF-A430-159062EB67CE}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{125CFCEB-4A04-4192-9767-A653FDFBECE9}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{19A5737B-0BEE-43C8-BCD3-3CC714AA4FD3}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1F1083FB-5FE7-48EF-B923-DE87E8EF9596}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{2055614F-CB3D-4B66-82CA-168558BD5716}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{24F4B23D-DD0A-4D3C-B140-92394132BCDF}" = lport=rpc | protocol=6 | dir=in | app=e:\programme\sisoftware\sisoftware sandra lite 2012.sp5c\rpcagentsrv.exe | 
"{25B9D31D-64EC-44F5-900B-17177C3E5D3C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{295EF879-34FC-4A05-A484-51AA1443280E}" = lport=445 | protocol=6 | dir=in | app=system | 
"{2D51A963-800D-4D4D-9C16-97043938F2CE}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2FA65B31-3A9D-4C20-AFC6-469495F0EF44}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{37938B21-D3CD-418C-B77D-B5BEB8B38147}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3E359C95-D0CC-4A93-8C45-14AE4E71B0E4}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3ED796B9-5C5D-4CE8-BFD0-0E2E00ADDB2C}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{4084E937-EAAA-47EE-9520-7BE7CE434C09}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{44E454F3-CCCB-411A-841A-A08DB43B16E5}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{4BF5EB07-06A2-40E2-B5B6-244EF5C49A0F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4DBF4A5F-D235-4E5F-90A9-E0E10CAF3FE3}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{5456EA1E-AF45-48BD-9C96-AB99A6CCF1D9}" = lport=139 | protocol=6 | dir=in | app=system | 
"{5B6E381F-F971-4246-A7F6-1A615C63BC34}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6364B77A-8796-4078-B3CC-5963A3E70B4F}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6EFD3216-D4DB-448C-81DA-E8838C66FFD2}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{771A9BCB-A081-42B6-B170-2F4F7E7DF4C7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7A35F951-21EE-45B7-9B49-50E36638E3B6}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7C7BD74E-D59D-40F9-8481-A74C4729E9DD}" = rport=138 | protocol=17 | dir=out | app=system | 
"{7E7B3BAA-E87E-4029-B98D-D7154DA0EA82}" = lport=137 | protocol=17 | dir=in | app=system | 
"{86444BB3-291D-4D31-A046-BB4AA3243C28}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8DA630A9-2CBE-48D1-BF43-B22B3151773D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{95409DAE-8D3B-4FC8-8214-856BB664F4F6}" = lport=445 | protocol=6 | dir=in | app=system | 
"{9CAD0659-89C7-49F7-83BC-7284AB2AEDB2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9DF463EE-C066-4FF3-A975-A2CE0DF45948}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{AC476CF1-7BEA-42E4-A5C6-BDBB30237989}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF8150A9-8B4A-4262-900E-D368942052B3}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{BBBAB6A3-9D8C-48D3-A2E3-E9844A408E86}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{BE10AB93-C4A6-464B-BE93-069E778BFF99}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{BE7AD158-B1FB-4F05-99B4-73E435FDE26A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{C1C1D706-C38F-4D43-AABB-2D527BF071E3}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{C232D951-55E7-4D04-9346-F88A07FC0B22}" = lport=137 | protocol=17 | dir=in | app=system | 
"{C267381F-CF42-4D9D-B527-3054131752DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{C428A183-FD79-40B5-990D-895328F43AC8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C936918A-E48E-4207-8D40-A4F226A03CB8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CC6F96AB-CACB-4823-BC08-3A286D318BFF}" = lport=rpc | protocol=6 | dir=in | app=e:\programme\sisoftware\sisoftware sandra lite 2012.sp5c\wnt500x64\rpcsandrasrv.exe | 
"{CF0676E6-E2EC-438A-9741-7029DEBD00CE}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D32AC71C-66F6-4D26-BC89-4BEE2B4467B1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe | 
"{E2549E13-81F7-4B0B-9E7C-E06CD6666C65}" = rport=137 | protocol=17 | dir=out | app=system | 
"{E3DDA491-14C4-4293-9BE9-912775740658}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F534D21D-02A4-4E48-A237-A3745ED5E6D3}" = rport=137 | protocol=17 | dir=out | app=system | 
"{F6E6DD5E-B88A-43B3-A3DC-5FDD6DF08177}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F88056F6-7012-4476-A4FF-4740761EE601}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F9C1EEE5-72B7-40C6-BC7C-64E9DF7DEB39}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{003C7A18-60D9-4C89-94D8-DE42C1AA1D76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{02A4D600-582A-4C14-ADFE-C125CF0CB18F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{039D486B-A362-45CE-BB15-B76187A535B5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{069ACC7B-8D22-48ED-9ABB-4B45B022F759}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{12F7D6EF-82A4-4487-BE3C-1DE93B91872C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1473D86F-6F04-46A3-9153-CD04272511DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{27BF1A5D-F64B-45EF-BE24-E5C74F6DFFE6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{2BB41996-4B1C-4152-950A-524F98F5EE06}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3598C31E-BC70-4251-9895-8558362D30A8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{368204CF-C783-45F4-BAB4-0130A68B7F69}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{3920C4C8-05BE-45CE-BFB4-52109A583944}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{3CB5E709-125E-4D6A-A444-449390B67494}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{44EB28EE-5793-4F19-AC62-FF4298160AD7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{4849799C-D8E9-4360-8F9A-6B5F2BCC7EA4}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{4E8A529B-3D02-4A68-8792-F672673F3254}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5240730F-FDBC-4D44-B8E3-1FDBD302ADC5}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{56E808A1-BFD0-4B79-B567-B9FA848D697F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{605D2778-9FAA-4956-9AB6-DD110C672C78}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{60617173-AA68-492B-8813-0D5476C0A558}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{61FB8AD2-C831-45AB-9DFB-D685C3A8300D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{62F27534-2769-4D2F-B42F-E96E62F64F44}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{65901CFC-D156-4C8F-90EA-C26D256CA195}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{66DD31F7-0DEB-4739-84CC-616869EC65DC}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{680F54D7-029A-4E6D-A823-476F1158863B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{68F6992D-6E9D-4F14-88EC-3E0B8BEC7EFF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6DD9BE23-4602-456C-8379-64E381654467}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{726F7159-FCF9-40B5-BE8E-C31FF9A9F882}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{73757FBC-BE93-4FA4-B7DB-90D5FEBA535D}" = protocol=6 | dir=out | app=system | 
"{7D214110-9E61-43D1-BD7C-40D6E9028C87}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{80C7DB17-8BF7-42FE-B1F8-F2A83B04CE7C}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{8126EE0A-75C5-4A84-A5E0-E84B5CECD48C}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{81C62302-9E38-4C08-9ADE-AF76E7E48218}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{8642AF85-31DC-4BB3-8E9D-1E478C224084}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{887F6C44-D5A0-4F96-8924-4298C220C996}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8CBC39CA-F810-4E56-AF13-9789EA4E1ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{9BE3C49E-D163-41F5-9BEE-74BF93E6244A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A1B9D165-31E5-41FF-8ACB-A12FAB9B9EC5}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{A5589677-56C4-46C1-A86B-1F0B5425786F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AB3FBA72-52C3-4476-9A38-230DBE05659B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B0C45C1F-614F-4901-B0B9-C7A1A7C1FF50}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{B442BAB4-04D6-4E7D-AD32-9DE447D4E1EA}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{B91164AB-C260-4829-A92E-5AC1D0DF27B2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{BC7833D1-AE4B-4CAB-BDD5-6EA587E5C763}" = protocol=6 | dir=out | app=system | 
"{C032E776-CD84-4B03-A493-C9203FAC1099}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{C1F1AC57-2101-476C-8EC6-9EACF212DFFE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{C30A7248-25E8-41C6-A663-70F126727C5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C5108E15-7603-43FB-A7CC-153F10554072}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{C75978A5-EB21-421E-9017-F2316B1B109A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C9CE749B-8FB1-47E3-BF08-C9678E97203C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CA299679-025F-4F66-AF5F-00EC1E27C47D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CE504808-152F-4073-8BB9-0F8E7C4D30C6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D3648D1D-2BA3-4973-9B7E-EDC907B6E342}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D7D27612-8814-4130-B5FE-B1586F253F7A}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{DA479BC0-6433-4B19-A6C5-CB681E87E8E0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{E5FE5156-248D-48EE-92FB-000978267B2E}" = dir=in | app=c:\users\marko\appdata\local\microsoft\skydrive\skydrive.exe | 
"{E8715BB0-E132-4617-B344-62E03BFE2C1C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E926E57D-011D-4F63-BCC5-FFCFDC28D091}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{EE790419-7287-4B3D-A35C-2BE8F3C328A9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{EFA98652-B437-42AA-B7D3-EFFD71ED4ECD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F14EC08B-4244-42E2-A0C2-453BB36704FE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{F7DCF881-DB9D-4779-8D1C-CCCBAC7C73FF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F8FC52ED-C86A-400E-93C2-9552C9CCB690}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{F9275720-A79A-41C5-B539-FDCBCF25D8FB}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe | 
"{F9552755-1899-4B63-9E99-212FDA7E907C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{FEAC4A29-1469-447C-B54F-3CD9CD56A5C5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{120EC191-78F8-CA89-3511-7E90C23F5261}" = AMD Catalyst Install Manager
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2D3471B9-8671-46F0-9947-4C0DB6234403}" = Treiber-Studio 2013
"{2D58E228-ACD8-0B8A-E1FF-D3F7020DA30F}" = AMD Media Foundation Decoders
"{31a52f2e-32e8-4c8f-9d99-6fd0c37c99ef}" = Gigaset QuickSync
"{377672F0-6B8A-467D-8DDC-79338BCCD531}" = 64 Bit HP CIO Components Installer
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{4D533F05-A3F6-F8A9-F1F6-FA6812089D36}" = AMD Drag and Drop Transcoding
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{66CF1DF9-1715-4325-89BC-76B1CA2EE3BE}" = Adobe Premiere Elements 11
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6C1A010F-9108-4162-A26F-9FEC4AC0F0F0}" = Adobe Photoshop Lightroom 5 64-bit
"{7660521A-062D-41F5-AA5E-CBA0E0511131}" = Treiber-Studio 2013
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{AA6F009F-0CCD-4DD6-A462-28419C101D54}" = HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4
"{AAE67184-CE3D-4B92-BD5D-1B448301BCCE}" = MAGIX Speed burnR (MSI)
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2012.SP5c
"{C37EA24C-8D95-468E-93B8-9724A84F4A64}" = O&O DriveLED Professional
"{CF2A565B-1504-BD48-51B5-1D88C621D8C6}" = ccc-utility64
"{E6277150-51D1-1D9F-1B9F-2D28985BE167}" = AMD Fuel
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FEA1590B-540A-41FC-A95C-664493C82A21}" = Classic Shell
"62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F" = Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Bullzip PDF Printer_is1" = Bullzip PDF Printer 9.3.0.1516
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.59
"CyberGhost VPN_is1" = CyberGhost VPN
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Logitech Unifying" = Logitech Unifying-Software 2.10
"MediaCoder x64" = MediaCoder x64 0.8.25.5553
"Mediencenter Software" = Mediencenter Assistent
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Ocster Backup" = Ocster Backup Pro
"PremElem110" = Adobe Premiere Elements 11
"ProfessionalRetail - de-de" = Microsoft Office Professional 2013 - de-de
"Send To Toys_is1" = Send To Toys v2.61
"Sn1" = Logitech Flow Scroll 4.0
"sp6" = Logitech SetPoint 6.32
"Unknown Device Identifier_is1" = Unknown Device Identifier 8.00
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0309F85C-B1CC-DA9F-D184-FE93CCF08E1D}" = Application Profiles
"{06C265CF-F924-491E-8E6C-288460CB5E30}" = Desk Drive
"{0C808377-8C23-44ED-9016-05F42E6D4900}" = Nokia Suite
"{0CC1B2D9-B316-4AE3-902D-EA9A15E0DCF4}_is1" = Audio 180%
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{10EBB586-D21E-60CA-0856-AA753EBE1F16}" = Application Profiles
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{183F67DB-676D-9629-BB8D-5D91CFC5880C}" = CCC Help Chinese Traditional
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1A21C23B-1049-036F-538C-40827D35D35B}" = CCC Help Czech
"{1D181764-DCD0-41B8-AA7B-0A599F027A72}" = Adobe Photoshop Elements 11
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{21EF236B-A428-0641-0A9A-6A9A74BA1996}" = CCC Help Finnish
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 2011 Kompakt 2nd Edition
"{29373274-977E-413C-A4DE-DC0F8E80C429}" = Nokia Connectivity Cable Driver
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{2E7170BC-A6CB-3C69-A940-A07834EAE1E8}" = CCC Help Italian
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3450767E-DD72-E31C-CCA5-8F45FF5FCE08}" = AMD VISION Engine Control Center
"{36F8DBEE-9A1C-44B7-849C-BD2508F2C7F8}_is1" = Fahrtenbuch professionell
"{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}" = Perfect Effects 4.0.4
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{3A027737-A119-FABD-4C43-8385D57FC450}" = Catalyst Control Center Localization All
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1" = Ashampoo WinOptimizer 10 v.10.2.5
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45017FF9-8ABB-DFDE-6BFD-43C8D89277F4}" = CCC Help Norwegian
"{494642A2-96C3-FBF9-A43D-41D78A82AE15}" = CCC Help Hungarian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AAD21AD-EE06-46C9-8B57-28D53DF9FB06}_is1" = NTRIP
"{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1" = Ashampoo Home Designer Pro v.1.0.1
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4FD6306A-E967-F286-DBA1-2A3C26833A2C}" = CCC Help French
"{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1" = Data Lifeguard Diagnostic for Windows 1.24
"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5A0D71BC-3AB0-4BC1-B241-CABE11EEE731}" = DxO Optics Pro 5.3.5
"{5BA86B8D-D29E-071C-5D7B-E579A54698AD}" = CCC Help Spanish
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{68E6762C-20CA-41B2-8720-1B178B2C6AED}" = DxO FilmPack 2.0
"{69742A9A-B7C4-433B-98B2-53D597598793}_is1" = Inpaint 3 Installation & Registrierung
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}" = PC Connectivity Solution
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{718B4425-80EA-4F64-A05C-48285CE63F73}" = AMD System Monitor
"{71A79918-3497-16D0-3497-E3356F5EE5FB}" = CCC Help Chinese Standard
"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73F59F3E-E753-4D3D-B123-B497B74A549A}_is1" = MadAppLauncher version 1.10.0.0
"{76D0F60C-D265-CFA4-2E06-41E434F9EB41}" = CCC Help Thai
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78FD6E08-6996-7EBF-E3F8-905836E7C220}" = CCC Help Dutch
"{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in
"{79A3E8B6-37C0-5F75-7E7D-F4D6FB512329}" = CCC Help Japanese
"{7ACB3CAB-68EC-4DCE-8597-50B4DC558F94}" = COMPUTERBILD-Abzockschutz
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{840CAC48-BDE6-490C-AA34-904E10AB1261}_is1" = DeskDrive Version 1.8.5
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8B526040-C3BE-5E3F-E6C1-C01BD32BA2C6}" = CCC Help Greek
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{9068D15E-25B4-EC21-9BC4-8DBD52722F8E}" = CCC Help Russian
"{91B33C97-7650-0EB0-B6C7-DDBA2932B7B4}_is1" = Ashampoo Music Studio 4 v.4.1.0
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.5
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98613C99-1399-416C-A07C-1EE1C585D872}" = SeaTools for Windows
"{987B04C4-B5AC-4AD6-A7E9-8D681085B850}" = AMD USB Filter Driver
"{98CE8819-87AA-4814-8167-ADDDD513485F}" = PSE11 STI Installer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC11D9A-6DCD-4064-8363-63914A0122AB}" = C4500
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA46B5F5-6E96-A623-5AB4-93BE56BEBB28}" = CCC Help Danish
"{AAE31374-02C2-452E-88EC-2F16D92731A9}" = MAGIX Screenshare
"{AC4BBB17-A837-3B36-83D8-7DFC90505F95}" = CCC Help Portuguese
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B614E5FA-6DA4-45A1-845C-52F870240A89}" = PRE11 STI 64Installer
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{B94CD252-ACBB-36C7-133D-94BB87D70F91}" = Catalyst Control Center InstallProxy
"{BC8CEB2B-647B-BBF1-3923-6250AFA64081}" = CCC Help Polish
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CF408B76-8698-4298-B549-5E6A94931B64}" = PS_AIO_04_C4500_Software_Min
"{D4D065E1-3ABF-41D0-B385-FC6F027F4D00}" = Elements 11 Organizer
"{D6C9AF27-9414-46C8-B9D8-D878BA041031}" = Nero 8
"{D73E5C3C-6975-6957-3799-AB306D8189B0}" = CCC Help Korean
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DF0EBC9C-E2AC-4319-9C69-DC473BBDA319}" = DxO Optics Pro 6
"{E05B61A8-A743-57ED-C0BA-6332CC6452FF}" = CCC Help German
"{E22F5B3F-6D82-7354-F199-0EFFDCC4DD33}" = CCC Help Swedish
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{F0319215-C109-C2C9-ECBC-3F08C50E59B3}" = CCC Help Turkish
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{FBE18FE1-05A4-C5AD-571A-74BC335FDDC6}" = CCC Help English
"{FC279721-37A6-4777-AFD8-7A56681EBA14}" = PDF Experte 8 Ultimate
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Adobe Photoshop Elements 11" = Adobe Photoshop Elements 11
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Ashampoo Music Studio 4_is1" = Ashampoo Music Studio 4 v.4.0.5
"Ashampoo Photo Commander 10_is1" = Ashampoo Photo Commander 10 v.10.1.1
"Ashampoo Snap 5_is1" = Ashampoo Snap 5 v.5.1.5
"Ashampoo Video Styler 2013_is1" = Ashampoo Video Styler 2013 v.1.0.1
"Avira AntiVir Desktop" = Avira Free Antivirus
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Content Manager 2" = Content Manager 2
"DAEMON Tools Lite" = DAEMON Tools Lite
"DateiCommander 13.0 Basic_is1" = DateiCommander13 Basic
"DivX Setup" = DivX-Setup
"DPP" = Canon Utilities Digital Photo Professional 3.8
"EOS Utility" = Canon Utilities EOS Utility
"FileBox eXtender" = FileBox eXtender
"FileZilla Client" = FileZilla Client 3.5.3
"FolderVisualizer_is1" = FolderVisualizer
"GeoSetter_is1" = GeoSetter 3.4.16
"HP Photo Creations" = HP Photo Creations
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.21
"MAGIX_{AAE67184-CE3D-4B92-BD5D-1B448301BCCE}" = MAGIX Speed burnR (MSI)
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MEDION NAS TOOL" = MEDION NAS TOOL
"Miso" = Miso 1.0
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.57
"Nokia Suite" = Nokia Suite
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5b
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Q-Dir" = Q-Dir
"Rainmeter" = Rainmeter
"SmartToolsAdress-Assistentv3.50" = SmartTools Publishing • Outlook Adress-Assistent
"SmartToolsAdressfenster-Assistentv2.50" = SmartTools Publishing • Word Adressfenster-Assistent
"SmartToolsAutoBackupv2.50" = SmartTools Publishing • Excel AutoBackup
"ST6UNST #1" = BEWERBUNGSMASTER
"ST6UNST #2" = BEWERBUNGSMASTER (e:\Programme\BEWERBUNGSMASTER\)
"WFTK" = Canon Utilities WFT Utility
"XnView Shell Extension_is1" = XnView Shell Extension 3.2.0 (64bits)
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.18
"Mediencenter" = Mediencenter 3.8.1.2208
"Mozilla Firefox 23.0.1 (x86 de)" = Mozilla Firefox 23.0.1 (x86 de)
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 09.09.2013 09:27:18 | Computer Name = Kobolt | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Marko\Downloads\esetsmartinstaller_enu.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 09.09.2013 16:32:41 | Computer Name = Kobolt | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 11.09.2013 03:29:17 | Computer Name = Kobolt | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 11.09.2013 04:37:48 | Computer Name = Kobolt | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 15.09.2013 05:27:09 | Computer Name = Kobolt | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 16.09.2013 07:23:29 | Computer Name = Kobolt | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 16.09.2013 08:06:42 | Computer Name = Kobolt | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Programme\Nero\Nero\Nero8\Nero
 Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine
 für die Anwendung erforderliche Komponentenversion steht in Konflikt mit  einer anderen,
 bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.  Komponente
 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 16.09.2013 08:06:43 | Computer Name = Kobolt | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Programme\Nero\Nero\Nero8\Nero
 PhotoSnap\PhotoSnap.exe". Fehler in  Manifest- oder Richtliniendatei "" in Zeile 
.  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit  einer
 anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.  Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 16.09.2013 08:06:43 | Computer Name = Kobolt | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "E:\Programme\Nero\Nero\Nero8\Nero
 PhotoSnap\PhotoSnapViewer.exe". Fehler in  Manifest- oder Richtliniendatei "" in 
Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error - 18.09.2013 08:51:25 | Computer Name = Kobolt | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
[ System Events ]
Error - 18.09.2013 08:51:35 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
Error - 18.09.2013 08:51:35 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 18.09.2013 08:51:35 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
Error - 18.09.2013 08:51:35 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 18.09.2013 08:54:01 | Computer Name = Kobolt | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
 
< End of report >
         
__________________

Alt 18.09.2013, 15:57   #19
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Das log-file von OTL musste ich trennen!

Teil 1

Code:
ATTFilter
OTL logfile created on: 18.09.2013 15:08:33 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 5,68 Gb Available Physical Memory | 71,07% Memory free
15,99 Gb Paging File | 13,43 Gb Available in Paging File | 83,96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 104,75 Gb Total Space | 24,29 Gb Free Space | 23,19% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 401,88 Gb Free Space | 86,28% Space Free | Partition Type: NTFS
Drive E: | 41,22 Gb Total Space | 11,65 Gb Free Space | 28,26% Space Free | Partition Type: NTFS
Drive F: | 180,27 Gb Total Space | 43,81 Gb Free Space | 24,30% Space Free | Partition Type: NTFS
Drive G: | 89,52 Gb Total Space | 16,88 Gb Free Space | 18,86% Space Free | Partition Type: NTFS
Drive H: | 50,00 Gb Total Space | 27,10 Gb Free Space | 54,20% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 21,68 Gb Free Space | 2,33% Space Free | Partition Type: NTFS
Drive P: | 1907,32 Gb Total Space | 1885,23 Gb Free Space | 98,84% Space Free | Partition Type: FAT32
 
Computer Name: KOBOLT | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.18 15:04:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
PRC - [2013.09.04 11:36:37 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe
PRC - [2013.09.04 11:36:27 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.09.04 11:36:27 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012.08.28 08:41:08 | 000,092,632 | ---- | M] (TomTom) -- E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.04.23 15:42:36 | 006,082,560 | ---- | M] (Visagesoft) -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe
PRC - [2011.09.16 15:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.04.11 20:06:12 | 000,517,120 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfeditor160.bpl
MOD - [2012.04.11 20:06:12 | 000,097,280 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\expertpdfcore160.bpl
MOD - [2012.04.11 20:06:10 | 004,680,704 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfcore160.bpl
MOD - [2012.04.11 20:06:08 | 002,478,080 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsvector160.bpl
MOD - [2012.04.11 20:06:08 | 000,064,512 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsprinters160.bpl
MOD - [2012.04.11 20:06:08 | 000,064,512 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprinter160.bpl
MOD - [2012.04.11 20:06:06 | 000,087,552 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspropsaver160.bpl
MOD - [2012.04.11 20:06:04 | 002,693,120 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\bblite160.bpl
MOD - [2012.04.11 20:06:04 | 002,253,824 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\PKIECtrl160.bpl
MOD - [2012.04.11 20:06:02 | 001,186,816 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\TMSlite160.bpl
MOD - [2012.02.23 16:11:28 | 000,025,088 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vstrees160.bpl
MOD - [2011.09.30 19:10:22 | 000,684,032 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\js32.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.07.22 00:25:30 | 001,901,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.04.26 11:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (LanmanWorkstation)
SRV - [2013.09.04 11:36:37 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.09.04 11:36:29 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- E:\Programme\Antivir\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.09.04 11:36:27 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.07.02 17:21:20 | 000,023,720 | ---- | M] () [Auto | Running] -- e:\Programme\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.16 22:09:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.08.28 08:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.08.06 13:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\ATI\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.12.05 22:16:03 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
SRV - [2011.11.23 14:02:07 | 000,012,800 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- E:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe -- (MCSWASVR)
SRV - [2011.09.16 01:16:48 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.08.24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [Auto | Running] -- E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe -- (DfSdkS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.05 02:09:02 | 000,068,760 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2013.09.04 11:36:39 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.09.04 11:36:39 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.07.29 14:31:56 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.03.06 16:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.27 20:39:20 | 000,226,696 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012.08.27 20:39:16 | 000,107,912 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.06.05 14:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.04.12 01:30:00 | 000,708,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.30 16:49:08 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 20:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.11.04 16:13:22 | 000,059,184 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011.11.04 16:13:20 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011.11.04 16:13:20 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011.11.04 16:13:18 | 000,039,728 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.09.21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011.09.02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.03.02 17:48:56 | 000,030,800 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\OODrvled.sys -- (oodrvled)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 17:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2009.12.21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2009.10.07 12:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 12:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.20 04:27:34 | 000,027,136 | ---- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.04 18:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2000.01.01 02:00:00 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2000.01.01 02:00:00 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2000.01.01 02:00:00 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV - [2012.10.09 16:22:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.03.05 17:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\ATI\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.02.01 13:47:46 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.02.01 13:43:38 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.10.05 17:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\TPkd.sys -- (TPkd)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.jan-records.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 F8 97 CE 93 04 CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{B8043587-EBE9-4754-9E02-4BD5899FE7BA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=971163&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.24.0.9
FF - prefs.js..extensions.enabledAddons: maps%40ovi.com:5.9.2.0
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: %7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:4.00.33
FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:3.9
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0
FF - prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.51
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.182
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130915
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: E:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: e:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: e:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: E:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012.04.19 15:08:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.09.14 09:48:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: e:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.09.02 17:15:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: e:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: e:\Programme\Mozilla Firefox\plugins [2013.08.18 14:19:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.09.14 09:48:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: E:\Programme\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: E:\Programme\Mozilla Firefox\plugins [2013.08.18 14:19:58 | 000,000,000 | ---D | M]
 
[2012.08.03 13:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions
[2012.08.03 13:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.09.15 12:49:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions
[2013.09.15 12:49:35 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.08.28 13:20:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.04.19 14:55:30 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\DeviceDetection@logitech.com
[2013.04.16 21:36:24 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\fb_add_on@avm.de
[2012.05.25 16:40:50 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\maps@ovi.com
[2013.08.21 16:06:56 | 000,346,097 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\langpack-de@firefox.mozilla.org.xpi
[2013.08.25 17:31:49 | 000,149,240 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.02.12 15:27:59 | 000,328,332 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2013.08.15 12:00:58 | 000,395,932 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
[2011.12.05 22:33:54 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012.03.05 16:40:50 | 000,000,003 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\maps@ovi.com\plugins\package.XPI
[2012.04.19 15:08:03 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
[2013.09.02 17:15:46 | 000,000,000 | ---D | M] (No name found) -- E:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
 
O1 HOSTS File: ([2013.09.05 15:38:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - e:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Classic Start Menu] E:\Programme\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [EvtMgr6] E:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Ocster Backup] E:\Programme\Ocster Backup\bin\backupClient-ox.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] e:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\ATI\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vspdfprsrv.exe] e:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe (Visagesoft)
O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKCU..\Run: [BrowserMask] E:\Programme\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKCU..\Run: [DeskDriveStartup] E:\Programme\Blue Onion Software\Desk Drive\DeskDrive.exe (Blue Onion Software)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk = C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = E:\Programme\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{439A6B06-4174-4A81-B708-0B408A600E04}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D357B98D-C73F-4A93-BF6C-65F5C3794884}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.18 15:04:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.09.09 15:00:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Polli
[2013.09.06 12:18:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.09.06 11:32:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.06 11:00:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.05 15:40:12 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.09.05 15:26:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.09.05 15:26:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.09.05 15:26:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.09.05 15:26:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.05 15:26:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.05 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Trojaner-Board
[2013.09.04 14:22:03 | 000,000,000 | ---D | C] -- C:\FRST
[2013.08.29 08:53:12 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Hausbau
[2013.08.28 16:21:52 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Avira
[2013.08.28 16:18:51 | 000,081,112 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.08.28 16:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.08.28 16:17:09 | 000,132,088 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.08.28 16:17:09 | 000,105,344 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.08.28 16:17:09 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.08.28 16:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.08.26 14:38:50 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Kaspersky
[2013.08.25 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\BewerbungsMaster
[2013.08.25 18:14:01 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\BewerbungsMaster
[2013.08.25 18:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.08.25 18:13:16 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.08.25 17:23:38 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Nick_Ausbildung
[2013.08.22 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\dvdcss
[2013.08.22 14:58:17 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
[2013.08.22 14:58:05 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Broad Intelligence
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.18 15:17:47 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013.09.18 15:15:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.18 15:04:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.09.18 15:01:32 | 000,015,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.18 15:01:32 | 000,015,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.18 14:52:05 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.18 14:51:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.16 19:30:30 | 000,076,305 | ---- | M] () -- C:\Windows\SysNative\log.xml
[2013.09.16 19:30:30 | 000,000,008 | ---- | M] () -- C:\Windows\SysNative\log-suffix.xml
[2013.09.11 10:37:18 | 003,584,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.09 15:25:00 | 001,622,098 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.09 15:25:00 | 000,700,370 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.09 15:25:00 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.09 15:25:00 | 000,149,184 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.09 15:25:00 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.05 15:38:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.04 14:08:33 | 000,000,344 | ---- | M] () -- C:\Users\Marko\defogger_reenable
[2013.09.04 11:36:39 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.09.04 11:36:39 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.09.04 11:36:39 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.09.02 17:15:46 | 000,000,787 | ---- | M] () -- C:\Users\Marko\Desktop\DivX Movies.lnk
[2013.09.02 17:15:40 | 000,000,754 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.08.29 20:08:36 | 000,001,066 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
[2013.08.26 14:53:05 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013.08.23 20:20:08 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job
[2013.08.23 13:05:58 | 000,001,147 | ---- | M] () -- C:\Users\Marko\Desktop\Mediencenter.lnk
[2013.08.23 13:05:58 | 000,001,139 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
[2013.08.22 14:58:17 | 000,000,687 | ---- | M] () -- C:\Users\Marko\Desktop\MediaCoder x64.lnk
[2013.08.22 14:33:38 | 000,018,944 | ---- | M] () -- C:\Users\Marko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.22 14:30:49 | 000,000,124 | ---- | M] () -- C:\Users\Marko\Documents\ax_files.xml
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.09.05 15:26:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.09.05 15:26:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.09.05 15:26:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.09.05 15:26:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.09.05 15:26:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.09.04 14:08:33 | 000,000,344 | ---- | C] () -- C:\Users\Marko\defogger_reenable
[2013.09.02 17:15:46 | 000,000,787 | ---- | C] () -- C:\Users\Marko\Desktop\DivX Movies.lnk
[2013.09.02 17:15:40 | 000,000,754 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.08.29 20:08:36 | 000,001,066 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
[2013.08.22 14:58:17 | 000,000,687 | ---- | C] () -- C:\Users\Marko\Desktop\MediaCoder x64.lnk
[2013.06.24 16:22:35 | 000,000,132 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
[2013.06.07 10:07:28 | 000,000,019 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Network Meter_Usage.ini
[2013.02.28 21:03:46 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2012.11.01 19:48:10 | 011,624,448 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Sandra.mdb
[2012.10.22 14:54:56 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\UNRAR.DLL
[2012.10.22 14:54:56 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\UNACEV2.DLL
[2012.10.01 17:08:09 | 000,000,624 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.09.14 11:41:21 | 000,019,159 | ---- | C] () -- C:\Windows\hpqins13.dat.temp
[2012.09.14 11:40:35 | 000,019,159 | ---- | C] () -- C:\Windows\hpqins13.dat
[2012.09.14 11:19:19 | 000,181,225 | ---- | C] () -- C:\Windows\hpoins29.dat.temp
[2012.09.14 11:19:19 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp
[2012.09.14 10:01:52 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012.09.14 09:46:47 | 000,221,040 | ---- | C] () -- C:\Windows\hpoins30.dat
[2012.09.14 09:46:47 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2012.08.29 22:00:20 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.08.15 11:58:52 | 000,000,021 | ---- | C] () -- C:\Users\Marko\AppData\Local\mc.pixel.data
[2012.05.22 11:07:10 | 000,091,136 | ---- | C] () -- C:\Windows\SendToClip.exe
[2012.04.26 22:38:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.28 17:41:26 | 000,725,514 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\unins000.exe
[2012.02.28 17:41:26 | 000,559,104 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2012.02.28 17:41:26 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.02.28 17:41:26 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2012.02.28 17:41:26 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2012.02.28 17:41:26 | 000,007,232 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\unins000.dat
[2012.02.01 13:17:14 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.03 18:30:21 | 000,018,944 | ---- | C] () -- C:\Users\Marko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.30 19:51:46 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.12.28 18:56:34 | 001,599,056 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.09 14:00:24 | 000,007,597 | ---- | C] () -- C:\Users\Marko\AppData\Local\Resmon.ResmonCfg
[2011.12.09 13:08:03 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.12.06 19:30:03 | 000,010,349 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2011.12.06 16:22:02 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.05 21:44:45 | 000,000,412 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\All CPU Meter_Settings.ini
[2011.12.05 21:03:06 | 000,180,939 | ---- | C] () -- C:\Windows\hpoins29.dat
[2011.12.05 21:03:06 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2011.12.05 18:35:13 | 000,017,408 | ---- | C] () -- C:\Users\Marko\AppData\Local\WebpageIcons.db
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.06.27 13:53:01 | 000,002,855 | ---- | C] () -- C:\Users\Marko\log.xml
[2011.06.27 13:53:01 | 000,000,008 | ---- | C] () -- C:\Users\Marko\log-suffix.xml
[2008.12.27 20:33:10 | 000,001,024 | ---- | C] () -- C:\Users\Marko\.rnd
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.07.24 15:09:10 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Amazon
[2012.05.22 09:40:32 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\AntiBrowserSpy 2009
[2013.07.25 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Ashampoo
[2012.06.04 22:22:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\becker
[2013.08.22 14:58:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Broad Intelligence
[2012.02.01 10:36:17 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Canon
[2012.08.13 13:45:38 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.08.03 17:26:09 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.02.28 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\concept design
[2012.11.07 14:31:42 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DAEMON Tools Lite
[2012.10.22 15:33:01 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Dateicommander
[2012.04.17 13:42:53 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DxO Labs
[2012.04.17 13:43:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DxO_Labs
[2013.03.20 14:14:11 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\EurekaLog
[2012.08.16 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\FileZilla
[2011.12.20 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Foxit Software
[2012.02.28 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Franzis
[2013.07.10 14:18:11 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\GeoSetter
[2012.05.22 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Hyperionics
[2012.09.13 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\IT-Service Christian Hau (www.a-bit-more.de)
[2012.09.13 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\IT-Service Christian Hau - www.a-bit-more.de
[2013.03.08 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\KeePass
[2012.01.03 21:55:41 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Leadertech
[2012.11.30 10:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\MAGIX
[2012.03.12 17:56:46 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\map&guide
[2013.08.19 14:00:16 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Memeo
[2013.09.02 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Mp3tag
[2013.01.25 15:12:58 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\NetSpeedMonitor
[2011.12.06 19:47:32 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nitro PDF
[2012.12.11 18:26:56 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\No Company Name
[2012.07.24 12:02:42 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nokia
[2012.07.24 12:01:51 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nokia Suite
[2012.05.24 08:25:37 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\OfficeRecovery
[2012.05.24 08:25:37 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\OfficeRecovery.b3c38332
[2013.08.29 16:39:56 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\onOne Software
[2012.04.17 13:40:41 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PACE Anti-Piracy
[2012.09.17 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PC Suite
[2012.09.25 17:35:55 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDAppFlex
[2013.03.18 22:57:12 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDF Experte 8
[2013.01.14 16:07:53 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDF Writer
[2011.12.06 19:35:21 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Q-Dir
[2013.03.13 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Rainmeter
[2012.01.04 18:37:52 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Samsung
[2012.05.24 08:57:51 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\SmartTools
[2013.04.21 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Telekom
[2012.08.03 13:09:55 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\TomTom
[2012.09.14 10:49:44 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Visan
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 05:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\Windows\CurrentVersion\Telephony\Providers >
"ProviderID0" = 1
"ProviderID1" = 2
"ProviderID2" = 3
"ProviderID3" = 4
"NextProviderID" = 5
"ProviderFileName0" = unimdm.tsp -- [2010.11.20 05:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation)
"ProviderFileName1" = kmddsp.tsp -- [2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation)
"ProviderFileName2" = ndptsp.tsp -- [2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation)
"ProviderFileName3" = hidphone.tsp -- [2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation)
"NumProviders" = 4
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation /S >
"DisplayName" = Arbeitsstationsdienst
"Group" = NetworkProvider
"ImagePath" = %SystemRoot%\System32\svchost.exe -k NetworkService -- [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%systemroot%\system32\wkssvc.dll,-101
"ObjectName" = NT AUTHORITY\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = BowserMRxSmb10MRxSmb20NSI [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeImperson [Binary data over 200 bytes]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Linkage]
"Bind" = \Device\Smb_Tcpip_{72EA0A8B-701E-4 [Binary data over 200 bytes]
"Route" = "Smb" "Tcpip" "{72EA0A8B-701E-4632 [Binary data over 200 bytes]
"Export" = \Device\LanmanWorkstation_Smb_Tcpi [Binary data over 200 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\NetworkProvider]
"DeviceName" = \Device\LanmanRedirector
"Name" = Microsoft Windows Network
"DisplayName" = @%systemroot%\system32\wkssvc.dll,-102
"ProviderPath" = %SystemRoot%\System32\ntlanman.dll -- [2010.11.20 05:20:48 | 000,069,120 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanWorkstation\Parameters]
"ServiceDllUnloadOnStop" = 1
"EnablePlainTextPassword" = 0
"EnableSecuritySignature" = 1
"RequireSecuritySignature" = 0
"OtherDomains" =  [binary data]
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache /S >
"DisplayName" = @%SystemRoot%\System32\dnsapi.dll,-101
"Group" = TDI
"ImagePath" = %SystemRoot%\system32\svchost.exe -k NetworkService -- [2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\System32\dnsapi.dll,-102
"ObjectName" = NT AUTHORITY\NetworkService
"ErrorControl" = 1
"Start" = 2
"Type" = 32
"DependOnService" = Tdxnsi [binary data]
"ServiceSidType" = 1
"RequiredPrivileges" = SeChangeNotifyPrivilegeSeCreateGlobalPrivilege [binary data]
"FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 C0 D4 01 00 01 00 00 00 E0 93 04 00 00 00 00 00 00 00 00 00  [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters]
"ServiceDll" = %SystemRoot%\System32\dnsrslvr.dll
"ServiceDllUnloadOnStop" = 1
"extension" = %SystemRoot%\System32\dnsext.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Parameters\DnsCache]
"ShutdownOnIdle" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\Security]
"Security" = 01 00 14 80 F8 00 00 00 04 01 00 00 14 00 00 00 30 00 00 00 02 00 1C 00 01 00 00 00 02 80 14 00 FF 01 0F 00 01 01 00 00 00 00 00 01 00 00 00 00 02 00 C8 00 08 00 00 00 00 02 18 00 9D 01 02 00 01 02 00 00 00 00 00 05 20 00 00 00 21 02 00 00 00 02 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 02 14 00 FD 01 02 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 14 00 00 00 00 02 14 00 8D 00 02 00 01 01 00 00 00 00 00 05 13 00 00 00 00 02 18 00 CD 00 02 00 01 02 00 00 00 00 00 05 20 00 00 00 2C 02 00 00 00 02 28 00 CD 01 02 00 01 06 00 00 00 00 00 05 50 00 00 00 04 C9 44 AF 94 D9 D3 E5 2B E1 B7 1C 17 84 87 13 6E 1A FA 65 01 01 00 00 00 00 00 05 12 00 00 00 01 01 00 00 00 00 00 05 12 00 00 00  [Binary data over 200 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Dnscache\TriggerInfo\0]
"Type" = 4
"Action" = 1
"GUID" = 07 9E 56 B7 21 84 E0 4E AD 10 86 91 5A FD AD 09  [binary data]
"Data0" = 5355UDP [binary data]
"DataType0" = 2
 
< HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 05:20:56 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"hpdevmgmt" = hpqcxs08hpqddsvc [binary data]
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost >
"netsvcs" = AeLookupSvcCertPropSvcSCPolicySv [Binary data over 200 bytes]
"LocalService" = RemoteRegistryWinHttpAutoProxySvc [Binary data over 200 bytes]
"LocalSystemNetworkRestricted" = NetmanAudioEndpointBuilderdot3sv [Binary data over 200 bytes]
"LocalServiceNoNetwork" = PLA [binary data] -- [2010.11.20 05:20:56 | 001,508,864 | ---- | M] (Microsoft Corporation)
"rpcss" = RpcSs [binary data]
"LocalServiceNetworkRestricted" = AudioSrvBthHFSrvLmHostswscsvcWPCSvc [binary data]
"LocalServiceAndNoImpersonation" = SSDPSRVupnphostSCardSvrTBSQWAVEwcncsvc [binary data]
"DcomLaunch" = PowerPlugPlayDcomLaunch [binary data]
"NetworkService" = CryptSvcDHCPTermServiceDNSCache [Binary data over 200 bytes]
"imgsvc" = StiSvc [binary data]
"wcssvc" = WcsPlugInService [binary data] -- [2009.07.14 03:16:18 | 000,032,768 | ---- | M] (Microsoft Corporation)
"hpdevmgmt" = hpqcxs08hpqddsvc [binary data]
"Update-Service-Installer-Service" = Update-Service-Installer-Service [binary data]
"Update-Service" = Update-Service [binary data]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceAndNoImpersonation]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalServiceNoNetwork]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\LocalSystemNetworkRestricted]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\netsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkService]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopHyperVAgent]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\NetworkServiceRemoteDesktopPublishing]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\termsvcs]
 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\wcssvc]
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Joosoft.com >
 
< %SystemRoot%\system32\*.tsp >
[2012.03.01 14:46:38 | 000,495,616 | ---- | M] (Gigaset Communications GmbH) -- C:\Windows\system32\Gqstsp.tsp
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.20 05:16:54 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[8 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
< %SystemRoot%\system32\*.tsp /64 >
[2012.03.01 14:53:22 | 000,794,112 | ---- | M] (Gigaset Communications GmbH) -- C:\Windows\SysNative\Gqstsp.tsp
[2009.07.14 03:38:54 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\hidphone.tsp
[2009.07.14 03:38:54 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kmddsp.tsp
[2009.07.14 03:38:54 | 000,060,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ndptsp.tsp
[2009.07.14 03:38:54 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\remotesp.tsp
[2010.11.20 06:24:26 | 000,321,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\unimdm.tsp
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
< C:\Windows\system32\*.dll /600 >
[2012.08.23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\aaclient.dll
[2012.07.04 22:30:30 | 013,008,896 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\amdocl.dll
[2012.04.06 03:06:04 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\amdpcom32.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
[2013.08.02 03:48:15 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.08.02 02:43:05 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
[2013.08.02 02:43:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
[2013.08.02 02:43:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.01.13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.01.13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.01.13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.01.13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.01.13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.01.13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
[2013.08.02 02:43:05 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
[2013.08.02 03:48:15 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\apisetschema.dll
[2012.04.06 04:14:20 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\system32\ati2edxx.dll
[2012.04.06 03:11:20 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\system32\atiadlxy.dll
[2012.04.06 03:30:06 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\aticalcl.dll
[2012.04.06 03:25:30 | 013,764,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\aticaldd.dll
[2012.04.06 03:30:14 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\aticalrt.dll
[2012.04.06 04:21:52 | 000,909,312 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\aticfx32.dll
[2012.04.06 04:13:42 | 006,800,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atidxx32.dll
[2012.04.06 03:10:52 | 000,033,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atigktxx.dll
[2012.04.06 03:11:04 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiglpxx.dll
[2012.04.06 03:06:04 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atimpc32.dll
[2012.04.06 03:50:56 | 019,753,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\system32\atioglxx.dll
[2012.04.06 03:09:34 | 000,032,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiu9pag.dll
[2012.04.06 03:34:04 | 006,203,392 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiumdag.dll
[2012.04.06 03:34:50 | 001,831,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiumdmv.dll
[2012.04.06 03:22:54 | 004,795,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiumdva.dll
[2012.04.06 03:09:48 | 000,041,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\system32\atiuxpag.dll
[2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\system32\atmfd.dll
[2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\system32\atmlib.dll
[2013.02.27 06:49:24 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\authui.dll
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\browcli.dll
[2012.12.05 08:14:00 | 000,139,264 | ---- | M] (Bullzip) -- C:\Windows\system32\bzpdfc.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cdosys.dll
[2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\certenc.dll
[2013.07.09 06:46:31 | 001,166,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\crypt32.dll
[2013.05.10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptdlg.dll
[2013.07.09 06:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptnet.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\cryptsvc.dll
[2013.01.13 21:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d2d1.dll
[2013.01.13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10.dll
[2013.01.13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10core.dll
[2013.01.13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10level9.dll
[2013.01.13 22:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10warp.dll
[2013.01.13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1.dll
[2013.01.13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d10_1core.dll
[2013.04.26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\d3d11.dll
[2013.06.24 16:22:16 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\deployJava1.dll
[2012.10.09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcore6.dll
[2012.10.09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dhcpcsvc6.dll
[2012.07.10 11:43:08 | 000,759,176 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLAV32.dll
[2012.07.10 11:43:08 | 000,157,064 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLCPY32.dll
[2012.07.10 11:43:08 | 000,226,696 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLDEV32.dll
[2012.11.27 21:58:25 | 000,120,200 | ---- | M] () -- C:\Windows\system32\DLLDEV32i.dll
[2012.07.10 11:43:06 | 000,218,504 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLDRV32.dll
[2012.07.10 11:43:06 | 000,099,720 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLIO32.dll
[2012.07.10 11:43:06 | 000,083,336 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLPNT32.dll
[2012.07.10 11:43:06 | 000,095,624 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLPRF32.dll
[2012.07.10 11:43:04 | 000,304,520 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\DLLRES32.dll
[2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dpnet.dll
[2013.04.10 01:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\DWrite.dll
[2013.01.13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxgi.dll
[2013.03.12 20:16:54 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtmsft.dll
[2013.03.12 20:16:54 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\dxtrans.dll
[2013.03.12 20:16:54 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\elshyph.dll
[2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\gameux.dll
[2013.03.12 20:16:54 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\icardie.dll
[2013.03.12 20:16:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\IEAdvpack.dll
[2013.03.12 20:16:54 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieapfltr.dll
[2013.03.12 20:16:54 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iedkcs32.dll
[2013.08.10 05:58:05 | 013,761,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieframe.dll
[2013.03.12 20:16:54 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iepeers.dll
[2013.08.10 05:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iernonce.dll
[2013.08.10 05:58:06 | 002,048,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iertutil.dll
[2013.08.10 05:58:06 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesetup.dll
[2013.08.10 05:58:06 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\iesysprep.dll
[2013.08.10 05:58:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imagehlp.dll
[2013.03.12 20:16:54 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\imgutil.dll
[2013.03.12 20:16:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\inseng.dll
[2013.08.10 05:58:09 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript.dll
[2013.08.10 05:58:09 | 002,876,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jscript9.dll
[2013.08.10 05:58:09 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\jsproxy.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | M] () -- C:\Windows\system32\kdbsdk32.dll
[2012.08.11 01:56:14 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kerberos.dll
[2013.08.02 03:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kernel32.dll
[2013.08.02 03:50:42 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\KernelBase.dll
[2013.03.12 20:16:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\licmgr10.dll
[2013.08.10 05:58:21 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeeds.dll
[2013.03.12 20:16:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msfeedsbs.dll
[2013.08.10 05:58:23 | 014,332,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtml.dll
[2013.03.12 20:16:54 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmled.dll
[2013.03.12 20:16:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmler.dll
[2013.03.12 20:16:54 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mshtmlmedia.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msi.dll
[2013.03.12 20:16:54 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msls31.dll
[2013.01.04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msmpeg2vdec.dll
[2013.03.12 20:16:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msrating.dll
[2012.08.23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\MsRdpWebAccess.dll
[2012.08.23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\mstscax.dll
[2012.11.01 06:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml3.dll
[2012.11.08 12:29:12 | 001,402,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml4.dll
[2012.11.01 06:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\msxml6.dll
[2012.11.20 06:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncrypt.dll
[2012.10.03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ncsi.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netapi32.dll
[2012.10.03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netcorehc.dll
[2012.10.03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\netevent.dll
[2013.06.24 16:22:16 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\npDeployJava1.dll
[2013.08.02 03:51:23 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntdll.dll
[2013.08.02 02:45:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ntvdm64.dll
[2013.03.12 20:16:54 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\occache.dll
[2012.03.09 01:24:14 | 000,048,128 | ---- | M] (Khronos Group) -- C:\Windows\system32\OpenCL.dll
[2012.07.04 22:31:32 | 000,065,024 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\OpenVideo.dll
[2012.07.04 22:31:22 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\system32\OVDecode.dll
[2013.03.12 20:16:54 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\pngfilt.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qdvd.dll
[2013.06.04 06:53:07 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\qedit.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpcore.dll
[2012.08.23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rdpendp_winip.dll
[2013.07.09 06:52:33 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\rpcrt4.dll
[2012.08.24 18:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\schannel.dll
[2012.08.24 18:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\secur32.dll
[2013.07.26 03:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shdocvw.dll
[2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\srclient.dll
[2012.08.24 18:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\sspicli.dll
[2012.07.10 11:43:04 | 000,071,048 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\system32\STRING32.dll
[2012.09.26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\synceng.dll
[2012.08.23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tsgqec.dll
[2013.07.19 03:41:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\tzres.dll
[2013.01.13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\UIAnimation.dll
[2013.03.12 20:16:54 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\url.dll
[2013.08.10 05:59:01 | 001,141,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\urlmon.dll
[2012.11.22 06:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\usp10.dll
[2013.03.12 20:16:54 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\vbscript.dll
[2013.03.12 20:16:54 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\webcheck.dll
[2013.04.26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\win32spl.dll
[2013.06.24 16:22:16 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\system32\WindowsAccessBridge-32.dll
[2013.04.17 09:02:06 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecs.dll
[2013.01.13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WindowsCodecsExt.dll
[2013.08.10 05:59:10 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wininet.dll
[2013.07.09 06:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wintrust.dll
[2012.08.23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wksprtPS.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wmi.dll
[2013.01.13 21:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMPhoto.dll
[2013.07.25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\WMVDECOD.DLL
[2013.08.02 03:50:42 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\wow32.dll
[2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\Wpc.dll
[2013.01.13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsGdiConverter.dll
[2013.01.13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\XpsPrint.dll
[8 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.21 16:30:26 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.21 16:30:27 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.14 10:49:17 | 000,000,338 | ---- | C] () -- C:\Windows\Tasks\HP Photo Creations Communicator.job
[2013.07.29 14:57:22 | 000,000,370 | ---- | C] () -- C:\Windows\Tasks\One-Click Optimizer.job
         

Alt 18.09.2013, 15:57   #20
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Teil 2

Code:
ATTFilter
< C:\Windows\SysNative\*.dll /600 >
[2012.08.23 12:54:24 | 000,322,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.07.04 22:31:14 | 016,457,728 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\amdocl64.dll
[2012.04.06 03:06:08 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.08.02 04:12:18 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.08.02 04:12:18 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.08.02 04:12:19 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.08.02 04:12:19 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.08.02 04:12:19 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.08.02 04:12:20 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.08.02 04:12:20 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.08.02 04:12:20 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.13 22:35:18 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.01.13 22:32:07 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.01.13 22:35:31 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.01.13 22:31:41 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.01.13 22:35:31 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.01.13 22:31:40 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.01.13 22:31:48 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.01.13 22:31:40 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-downlevel-version-l1-1-0.dll
[2013.08.02 04:12:20 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.08.02 04:12:20 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
[2013.02.27 07:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\appinfo.dll
[2012.04.06 03:11:28 | 000,514,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2012.04.06 03:30:08 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2012.04.06 03:29:54 | 016,090,624 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2012.04.06 03:30:16 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2012.04.06 04:20:04 | 001,067,520 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2012.04.06 04:16:52 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2012.04.06 03:54:46 | 007,479,296 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2012.04.06 04:14:26 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2012.04.06 03:11:06 | 000,017,408 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2012.04.06 03:11:00 | 000,041,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2012.04.06 03:11:04 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2012.04.06 03:06:08 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2012.04.06 04:14:30 | 000,021,504 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012.04.06 04:10:50 | 026,181,632 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2012.04.06 04:14:44 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012.04.06 03:09:42 | 000,044,544 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2012.04.06 03:23:24 | 007,431,680 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2012.04.06 03:34:34 | 004,731,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2012.04.06 03:35:24 | 001,120,768 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6v.dll
[2012.04.06 03:09:56 | 000,054,784 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2012.12.16 16:45:03 | 000,367,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.16 19:11:22 | 000,046,080 | ---- | M] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2013.02.27 07:48:00 | 001,930,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2012.07.05 00:13:27 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.07.05 00:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\browser.dll
[2012.12.05 08:14:00 | 000,218,624 | ---- | M] (Bullzip) -- C:\Windows\SysNative\bzpdf.dll
[2013.01.23 10:31:52 | 000,166,912 | ---- | M] (Nokia) -- C:\Windows\SysNative\ccdcmbwux64.dll
[2012.06.06 08:02:54 | 001,133,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2013.05.13 07:50:40 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2012.04.06 04:00:10 | 000,064,000 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2013.07.09 07:46:20 | 001,472,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.05.10 07:49:27 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.07.09 07:46:20 | 000,139,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.07.09 07:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\cryptsvc.dll
[2013.08.02 04:12:47 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.01.13 21:10:36 | 003,928,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2013.01.13 21:20:04 | 001,238,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10.dll
[2013.01.13 21:38:21 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10core.dll
[2013.01.13 21:24:33 | 000,648,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2013.01.13 21:51:30 | 002,565,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2013.01.13 21:20:42 | 000,194,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1.dll
[2013.01.13 21:38:39 | 000,333,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10_1core.dll
[2013.04.01 00:52:16 | 001,887,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2012.10.09 20:17:13 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.10.09 20:17:13 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.02 07:59:11 | 000,478,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dpnet.dll
[2012.08.13 17:25:14 | 000,149,504 | ---- | M] (Deutsche Telekom AG) -- C:\Windows\SysNative\DTAG.Mediencenter.ShellExtension.dll
[2013.04.03 00:51:57 | 001,643,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.01.13 21:49:17 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxgi.dll
[2013.03.12 20:16:54 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.03.12 20:16:54 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.03.12 20:16:54 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.01.13 21:58:28 | 001,175,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\FntCache.dll
[2012.12.07 15:15:31 | 002,746,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.03.12 20:16:54 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.03.12 20:16:54 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.03.12 20:16:54 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.03.12 20:16:54 | 000,270,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2013.08.10 07:20:55 | 015,404,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieframe.dll
[2013.03.12 20:16:54 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.08.10 07:20:55 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.08.10 07:20:55 | 002,647,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iertutil.dll
[2013.08.10 07:20:55 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.08.10 07:20:55 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.08.10 07:20:55 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.03.01 08:33:50 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.03.12 20:16:54 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.03.12 20:16:54 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.10.03 19:42:16 | 000,569,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iphlpsvc.dll
[2013.08.10 07:20:59 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.08.10 07:20:59 | 003,959,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.08.10 07:21:00 | 000,053,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsproxy.dll
[2012.01.31 07:02:26 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\kdbsdk64.dll
[2012.08.11 02:56:03 | 000,715,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kerberos.dll
[2013.08.02 04:13:34 | 001,161,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.08.02 04:13:34 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.03.12 20:16:54 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.05.14 07:26:34 | 000,956,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012.09.20 22:02:06 | 001,832,760 | ---- | M] (Logitech, Inc.) -- C:\Windows\SysNative\LogiLDA.DLL
[2012.08.24 20:03:09 | 001,448,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.08.10 07:21:15 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.12 20:16:54 | 000,052,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2013.08.10 07:21:17 | 019,246,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtml.dll
[2013.03.12 20:16:54 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.03.12 20:16:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.03.12 20:16:54 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2012.04.07 14:31:40 | 003,216,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2013.03.12 20:16:54 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.01.04 08:11:13 | 002,776,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msmpeg2vdec.dll
[2013.03.12 20:16:54 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.08.23 15:20:40 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.08.23 10:13:07 | 005,773,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.11.01 07:43:42 | 001,882,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3.dll
[2012.11.01 07:43:42 | 002,002,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msxml6.dll
[2012.11.20 07:48:49 | 000,307,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.10.03 19:44:16 | 000,216,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.07.05 00:16:43 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.10.03 19:44:17 | 000,246,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.10.03 19:44:17 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.10.03 19:44:21 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlaapi.dll
[2012.10.03 19:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\nlasvc.dll
[2013.01.23 10:31:52 | 000,057,856 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdclsx64.dll
[2013.01.23 10:31:52 | 000,074,752 | ---- | M] (Nokia) -- C:\Windows\SysNative\nmwcdcoclsx64.dll
[2013.08.02 04:15:44 | 001,732,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2013.08.02 04:14:11 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.03.12 20:16:54 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.03.09 01:24:22 | 000,054,272 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.07.04 22:31:38 | 000,075,776 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OpenVideo64.dll
[2012.07.04 22:31:24 | 000,063,488 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\OVDecode64.dll
[2013.03.12 20:16:54 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.05.01 07:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\profsvc.dll
[2012.05.04 13:00:43 | 000,366,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.06.04 08:00:13 | 000,624,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2012.05.17 12:29:20 | 000,123,744 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64H.dll
[2012.05.17 12:29:20 | 000,433,504 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64H.dll
[2012.05.17 12:29:22 | 000,074,592 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64H.dll
[2012.05.17 12:29:22 | 000,141,152 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64H.dll
[2012.05.17 12:29:24 | 007,163,744 | ---- | M] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64H.dll
[2012.02.17 08:38:26 | 001,031,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012.04.26 07:41:55 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.08.23 11:51:57 | 003,174,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.08.23 12:51:14 | 000,228,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.08.23 15:24:57 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.08.23 16:13:11 | 000,243,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.04.26 07:41:56 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2013.07.09 07:51:16 | 001,217,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
[2012.04.12 01:30:00 | 000,074,344 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RtNicProp64.dll
[2012.04.12 01:30:00 | 000,107,552 | ---- | M] (Realtek Semiconductor Corporation) -- C:\Windows\SysNative\RTNUninst64.dll
[2012.08.24 20:05:03 | 000,340,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\schannel.dll
[2013.07.26 04:24:56 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\shell32.dll
[2012.05.05 10:36:55 | 000,503,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.09.26 00:46:17 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.08.23 14:52:53 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.08.23 15:06:58 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.08.23 15:40:56 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.07.19 03:58:42 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tzres.dll
[2013.01.13 21:24:30 | 000,221,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\UIAnimation.dll
[2013.03.12 20:16:54 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.08.10 07:22:05 | 001,365,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\urlmon.dll
[2012.11.22 07:44:23 | 000,800,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.03.12 20:16:54 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.07.26 04:36:08 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013.03.12 20:16:54 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\webcheck.dll
[2013.04.26 07:51:36 | 000,751,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.04.17 08:24:46 | 001,424,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.01.13 21:25:04 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecsExt.dll
[2013.08.10 07:22:18 | 002,241,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2013.08.02 04:14:57 | 000,215,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.07.09 07:52:52 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012.08.23 15:17:54 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.03.01 08:28:47 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wmi.dll
[2013.01.13 20:32:43 | 000,465,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMPhoto.dll
[2013.07.25 11:25:54 | 001,888,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.08.02 04:15:03 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.08.02 04:15:03 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.08.02 04:15:03 | 000,362,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2012.12.07 15:20:16 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2012.06.03 00:19:23 | 000,701,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.03 00:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuaueng.dll
[2012.06.03 00:15:31 | 002,622,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.07.26 05:08:14 | 000,045,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.07.26 05:08:14 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.07.26 05:08:14 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFSvc.dll
[2012.04.22 13:51:40 | 002,152,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFUpdate_01009.dll
[2012.07.26 05:08:14 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.06.03 00:15:08 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.03 00:19:46 | 000,038,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.03 00:19:42 | 000,044,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.02 15:19:42 | 000,186,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2013.03.19 07:53:58 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.03.19 07:53:58 | 000,230,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wwansvc.dll
[2013.01.13 20:09:52 | 000,522,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.01.13 19:05:09 | 001,682,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
< C:\Windows\SysWOW64\*.dll /600 >
[2012.08.23 13:15:57 | 000,269,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\aaclient.dll
[2012.07.04 22:30:30 | 013,008,896 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\amdocl.dll
[2012.04.06 03:06:04 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\amdpcom32.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
[2013.08.02 03:48:14 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
[2013.08.02 03:48:15 | 000,005,120 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.08.02 03:48:15 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
[2013.08.02 03:48:15 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.08.02 02:43:05 | 000,004,608 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.08.02 02:43:05 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
[2013.08.02 02:43:05 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.13 23:16:42 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013.01.13 23:12:46 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013.01.13 23:17:02 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013.01.13 23:11:08 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013.01.13 23:17:03 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013.01.13 23:11:07 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013.01.13 23:11:21 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013.01.13 23:11:07 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
[2013.08.02 02:43:05 | 000,006,144 | -H-- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
[2013.08.02 03:48:15 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\apisetschema.dll
[2012.04.06 04:14:20 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWOW64\ati2edxx.dll
[2012.04.06 03:11:20 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atiadlxy.dll
[2012.04.06 03:30:06 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\aticalcl.dll
[2012.04.06 03:25:30 | 013,764,096 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\aticaldd.dll
[2012.04.06 03:30:14 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\aticalrt.dll
[2012.04.06 04:21:52 | 000,909,312 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\aticfx32.dll
[2012.04.06 04:13:42 | 006,800,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atidxx32.dll
[2012.04.06 03:10:52 | 000,033,280 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atigktxx.dll
[2012.04.06 03:11:04 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiglpxx.dll
[2012.04.06 03:06:04 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atimpc32.dll
[2012.04.06 03:50:56 | 019,753,984 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWOW64\atioglxx.dll
[2012.04.06 03:09:34 | 000,032,256 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiu9pag.dll
[2012.04.06 03:34:04 | 006,203,392 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdag.dll
[2012.04.06 03:34:50 | 001,831,424 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdmv.dll
[2012.04.06 03:22:54 | 004,795,904 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiumdva.dll
[2012.04.06 03:09:48 | 000,041,984 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWOW64\atiuxpag.dll
[2012.12.16 16:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\atmfd.dll
[2012.12.16 16:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\SysWOW64\atmlib.dll
[2013.02.27 06:49:24 | 001,796,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\authui.dll
[2012.07.04 23:14:34 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\browcli.dll
[2012.12.05 08:14:00 | 000,139,264 | ---- | M] (Bullzip) -- C:\Windows\SysWOW64\bzpdfc.dll
[2012.06.06 07:03:06 | 000,805,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cdosys.dll
[2013.05.13 05:08:06 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\certenc.dll
[2013.07.09 06:46:31 | 001,166,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\crypt32.dll
[2013.05.10 05:20:54 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptdlg.dll
[2013.07.09 06:46:31 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptnet.dll
[2013.07.09 06:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\cryptsvc.dll
[2013.01.13 21:37:57 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d2d1.dll
[2013.01.13 21:46:25 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10.dll
[2013.01.13 22:08:43 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10core.dll
[2013.01.13 21:54:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10level9.dll
[2013.01.13 22:22:22 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10warp.dll
[2013.01.13 21:48:47 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1.dll
[2013.01.13 22:09:00 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d10_1core.dll
[2013.04.26 01:30:32 | 001,505,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\d3d11.dll
[2013.06.24 16:22:16 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\deployJava1.dll
[2012.10.09 19:40:31 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcore6.dll
[2012.10.09 19:40:31 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dhcpcsvc6.dll
[2012.07.10 11:43:08 | 000,759,176 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLAV32.dll
[2012.07.10 11:43:08 | 000,157,064 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLCPY32.dll
[2012.07.10 11:43:08 | 000,226,696 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLDEV32.dll
[2012.11.27 21:58:25 | 000,120,200 | ---- | M] () -- C:\Windows\SysWOW64\DLLDEV32i.dll
[2012.07.10 11:43:06 | 000,218,504 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLDRV32.dll
[2012.07.10 11:43:06 | 000,099,720 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLIO32.dll
[2012.07.10 11:43:06 | 000,083,336 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLPNT32.dll
[2012.07.10 11:43:06 | 000,095,624 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLPRF32.dll
[2012.07.10 11:43:04 | 000,304,520 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\DLLRES32.dll
[2012.11.02 07:11:31 | 000,376,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dpnet.dll
[2013.04.10 01:34:01 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\DWrite.dll
[2013.01.13 22:20:31 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxgi.dll
[2013.03.12 20:16:54 | 000,357,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtmsft.dll
[2013.03.12 20:16:54 | 000,226,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\dxtrans.dll
[2013.03.12 20:16:54 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\elshyph.dll
[2012.12.07 14:20:43 | 002,576,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\gameux.dll
[2013.03.12 20:16:54 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\icardie.dll
[2013.03.12 20:16:54 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\IEAdvpack.dll
[2013.03.12 20:16:54 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieapfltr.dll
[2013.03.12 20:16:54 | 000,242,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iedkcs32.dll
[2013.08.10 05:58:05 | 013,761,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieframe.dll
[2013.03.12 20:16:54 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iepeers.dll
[2013.08.10 05:58:05 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iernonce.dll
[2013.08.10 05:58:06 | 002,048,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iertutil.dll
[2013.08.10 05:58:06 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesetup.dll
[2013.08.10 05:58:06 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\iesysprep.dll
[2013.08.10 05:58:06 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ieui.dll
[2012.03.01 07:33:23 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imagehlp.dll
[2013.03.12 20:16:54 | 000,038,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\imgutil.dll
[2013.03.12 20:16:54 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\inseng.dll
[2013.08.10 05:58:09 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript.dll
[2013.08.10 05:58:09 | 002,876,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jscript9.dll
[2013.08.10 05:58:09 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\jsproxy.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | M] () -- C:\Windows\SysWOW64\kdbsdk32.dll
[2012.08.11 01:56:14 | 000,542,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kerberos.dll
[2013.08.02 03:50:41 | 001,114,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\kernel32.dll
[2013.08.02 03:50:42 | 000,274,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\KernelBase.dll
[2013.03.12 20:16:54 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\licmgr10.dll
[2013.08.10 05:58:21 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeeds.dll
[2013.03.12 20:16:54 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msfeedsbs.dll
[2013.08.10 05:58:23 | 014,332,928 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtml.dll
[2013.03.12 20:16:54 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmled.dll
[2013.03.12 20:16:54 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmler.dll
[2013.03.12 20:16:54 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mshtmlmedia.dll
[2012.04.07 13:26:29 | 002,342,400 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
[2013.03.12 20:16:54 | 000,158,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msls31.dll
[2013.01.04 08:11:21 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msmpeg2vdec.dll
[2013.03.12 20:16:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msrating.dll
[2012.08.23 15:47:20 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\MsRdpWebAccess.dll
[2012.08.23 10:19:01 | 004,916,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mstscax.dll
[2012.11.01 06:47:54 | 001,236,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml3.dll
[2012.11.08 12:29:12 | 001,402,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml4.dll
[2012.11.01 06:47:54 | 001,389,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msxml6.dll
[2012.11.20 06:51:09 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncrypt.dll
[2012.10.03 18:42:23 | 000,156,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ncsi.dll
[2012.07.04 23:16:56 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netapi32.dll
[2012.10.03 18:42:24 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netcorehc.dll
[2012.10.03 18:42:24 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\netevent.dll
[2013.06.24 16:22:16 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\npDeployJava1.dll
[2013.08.02 03:51:23 | 001,292,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntdll.dll
[2013.08.02 02:45:36 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\ntvdm64.dll
[2013.03.12 20:16:54 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\occache.dll
[2012.03.09 01:24:14 | 000,048,128 | ---- | M] (Khronos Group) -- C:\Windows\SysWOW64\OpenCL.dll
[2012.07.04 22:31:32 | 000,065,024 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\OpenVideo.dll
[2012.07.04 22:31:22 | 000,056,320 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWOW64\OVDecode.dll
[2013.03.12 20:16:54 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\pngfilt.dll
[2012.05.04 11:59:54 | 000,514,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qdvd.dll
[2013.06.04 06:53:07 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\qedit.dll
[2012.02.17 07:34:22 | 000,826,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpcore.dll
[2012.08.23 13:12:17 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rdpendp_winip.dll
[2013.07.09 06:52:33 | 000,663,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\rpcrt4.dll
[2012.08.24 18:57:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schannel.dll
[2012.08.24 18:57:40 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\secur32.dll
[2013.07.26 03:55:59 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shdocvw.dll
[2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\shell32.dll
[2012.05.05 09:46:52 | 000,043,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\srclient.dll
[2012.08.24 18:53:35 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\sspicli.dll
[2012.07.10 11:43:04 | 000,071,048 | ---- | M] (PoINT Software & Systems GmbH) -- C:\Windows\SysWOW64\STRING32.dll
[2012.09.26 00:47:43 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\synceng.dll
[2012.08.23 15:18:14 | 000,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tsgqec.dll
[2013.07.19 03:41:01 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\tzres.dll
[2013.01.13 21:53:14 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\UIAnimation.dll
[2013.03.12 20:16:54 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\url.dll
[2013.08.10 05:59:01 | 001,141,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\urlmon.dll
[2012.11.22 06:45:03 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\usp10.dll
[2013.03.12 20:16:54 | 000,523,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\vbscript.dll
[2013.03.12 20:16:54 | 000,204,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\webcheck.dll
[2013.04.26 06:55:21 | 000,492,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\win32spl.dll
[2013.06.24 16:22:16 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
[2013.04.17 09:02:06 | 001,230,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
[2013.01.13 21:53:58 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecsExt.dll
[2013.08.10 05:59:10 | 001,767,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wininet.dll
[2013.07.09 06:52:10 | 000,175,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wintrust.dll
[2012.08.23 15:46:20 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wksprtPS.dll
[2012.03.01 07:29:16 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wmi.dll
[2013.01.13 21:02:06 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMPhoto.dll
[2013.07.25 10:57:27 | 001,620,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WMVDECOD.DLL
[2013.08.02 03:50:42 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wow32.dll
[2012.12.07 14:26:17 | 000,308,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\Wpc.dll
[2013.01.13 20:34:58 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XpsGdiConverter.dll
[2013.01.13 19:26:42 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\XpsPrint.dll
[8 C:\Windows\SysWOW64\*.tmp files -> C:\Windows\SysWOW64\*.tmp -> ]
 
========== Files - Unicode (All) ==========
[2013.09.18 14:52:12 | 098,132,872 | ---- | M] ()(C:\Windows\SysWow64\???=) -- C:\Windows\SysWow64\뼟뻼=
[2013.09.18 14:52:12 | 098,132,872 | ---- | C] ()(C:\Windows\SysWow64\???=) -- C:\Windows\SysWow64\뼟뻼=
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1213 bytes -> C:\ProgramData\Microsoft:V6rvehwmRjYqRAkFBpLsBNz
@Alternate Data Stream - 1190 bytes -> C:\ProgramData\Microsoft:cJP8NoA3alrUCM20

< End of report >
         


Alt 18.09.2013, 20:09   #21
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Fixen mit OTL

  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
SRV - [2011.12.05 22:16:03 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service)
:files
C:\Windows\SysWOW64\UpdSvc.dll
:reg
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
"Update-Service-Installer-Service"=-
"Update-Service"=-
:commands
[reboot]
         
  • Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
  • Schließe bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
    ( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
    Kopiere nun den Inhalt hier in Deinen Thread
__________________
--> Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst

Alt 18.09.2013, 20:54   #22
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



So hier ist das gewünschte:

Code:
ATTFilter
========== OTL ==========
Service Update-Service stopped successfully!
Service Update-Service deleted successfully!
C:\Windows\SysWOW64\UpdSvc.dll moved successfully.
========== FILES ==========
File\Folder C:\Windows\SysWOW64\UpdSvc.dll not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost\\Update-Service deleted successfully.
Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service-Installer-Service not found.
Registry value HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost\\Update-Service not found.
========== COMMANDS ==========
 
OTL by OldTimer - Version 3.2.69.0 log created on 09182013_214358
         
Wenn wir irgendwann mal alles durchhaben und mein Kaspersky wieder funktionieren sollte, würde ich dich bitten, mir eine kleine Beschreibung zu geben woran es lag.

Alt 19.09.2013, 09:47   #23
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Das hier war ne Mischung aus Trojaner und Mediyes.

Bitte ein frisches FRST log und ein frisches OTL Log mit dem gleichen Custom Scan wie oben.

Ebenso das hier:

Downloade dir bitte Windows Repair (All In One) von hier.
  • Installiere das Programm. Starte es, nachdem die Installation abgeschlossen wurde.
  • Klicke auf Step 2 und drücke unter Check Disk auf Do It.

  • Wenn der Vorgang abgeschlossen ist, klicke auf Step 3 und drücke unter System File Check auf Do It.

  • Nachdem der Vorgang abgeschlossen ist, klicke auf Start Repairs, wähle den Advanced Mode und drücke Start.

  • Gehe bitte sicher, dass die Kästchen wie unten zu sehen angehakt sind. Bitte hake zusätzlich noch Set Windows Services to Default Startup an.
  • Hake Restart System when Finished an.
  • Drücke Start.




Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.09.2013, 17:10   #24
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



So hier erst einmal der FST-Scan

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-09-2013 01
Ran by Marko at 2013-09-20 15:29:01
Running from C:\Users\Marko\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

64 Bit HP CIO Components Installer (Version: 8.2.2)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AC3Filter 2.5b (x32 Version: 2.5b)
Adobe AIR (x32 Version: 3.7.0.1860)
Adobe Bridge 1.0 (x32 Version: 001.000.001)
Adobe Common File Installer (x32 Version: 1.00.001)
Adobe Community Help (x32 Version: 3.5.23)
Adobe Download Assistant (x32 Version: 1.2.3)
Adobe Flash Player 11 ActiveX 64-bit (Version: 11.2.202.235)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Help Center 1.0 (x32 Version: 1.0.1)
Adobe Photoshop CS2 (x32 Version: 9.0)
Adobe Photoshop Elements 11 (x32 Version: 11.0)
Adobe Photoshop Lightroom 5 64-bit (Version: 5.0.1)
Adobe Premiere Elements 11 (Version: 11.0)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
AMD Accelerated Video Transcoding (Version: 2.00.0002)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.0806.1213.19931)
AMD Media Foundation Decoders (Version: 1.0.70405.2224)
AMD System Monitor (x32 Version: 1.0.8)
AMD USB Filter Driver (x32 Version: 1.0.15.94)
AMD VISION Engine Control Center (x32 Version: 2012.0806.1213.19931)
AntiBrowserSpy (x32 Version: 3.6.106)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
Application Profiles (x32 Version: 2.0.4337.36028)
Application Profiles (x32 Version: 2.0.4365.36132)
Ashampoo Burning Studio 12 v.12.0.5 (x32 Version: 12.0.5)
Ashampoo Home Designer Pro v.1.0.1 (x32 Version: 1.0.1)
Ashampoo Internet Accelerator 3 v.3.20 (x32 Version: 3.1.1)
Ashampoo Music Studio 4 v.4.0.5 (x32 Version: 4.0.5)
Ashampoo Music Studio 4 v.4.1.0 (x32 Version: 4.1.0)
Ashampoo Photo Commander 10 v.10.1.1 (x32 Version: 10.1.1)
Ashampoo Snap 5 v.5.1.5 (x32 Version: 5.1.5)
Ashampoo Video Styler 2013 v.1.0.1 (x32 Version: 1.0.1)
Ashampoo WinOptimizer 10 v.10.2.5 (x32 Version: 10.02.05)
Audio 180% (x32 Version: Audio 180%)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Bewerbungsfoto-/Passbild-Generator v3.5b (x32)
BEWERBUNGSMASTER (e:\Programme\BEWERBUNGSMASTER\) (x32)
BEWERBUNGSMASTER (x32)
BufferChm (x32 Version: 130.0.331.000)
Bullzip PDF Printer 9.3.0.1516 (Version: 9.3.0.1516)
C4400 (x32 Version: 130.0.365.000)
C4500 (x32 Version: 130.0.365.000)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.7.2.11)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.3.9)
Canon MOV Decoder (x32 Version: 1.5.0.7)
Canon MOV Encoder (x32 Version: 1.3.1.3)
Canon MovieEdit Task for ZoomBrowser EX (x32 Version: 3.4.1.9)
Canon Utilities Digital Photo Professional 3.8 (x32 Version: 3.8.0.0)
Canon Utilities EOS Utility (x32 Version: 2.8.1.0)
Canon Utilities PhotoStitch (x32 Version: 3.1.22.46)
Canon Utilities Picture Style Editor (x32 Version: 1.7.0.0)
Canon Utilities WFT Utility (x32 Version: 3.5.1.1)
Canon Utilities ZoomBrowser EX (x32 Version: 6.5.1.15)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.3.0.4)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1213.19931)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1213.19931)
CCC Help Chinese Standard (x32 Version: 2012.0806.1212.19931)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1212.19931)
CCC Help Czech (x32 Version: 2012.0806.1212.19931)
CCC Help Danish (x32 Version: 2012.0806.1212.19931)
CCC Help Dutch (x32 Version: 2012.0806.1212.19931)
CCC Help English (x32 Version: 2012.0806.1212.19931)
CCC Help Finnish (x32 Version: 2012.0806.1212.19931)
CCC Help French (x32 Version: 2012.0806.1212.19931)
CCC Help German (x32 Version: 2012.0806.1212.19931)
CCC Help Greek (x32 Version: 2012.0806.1212.19931)
CCC Help Hungarian (x32 Version: 2012.0806.1212.19931)
CCC Help Italian (x32 Version: 2012.0806.1212.19931)
CCC Help Japanese (x32 Version: 2012.0806.1212.19931)
CCC Help Korean (x32 Version: 2012.0806.1212.19931)
CCC Help Norwegian (x32 Version: 2012.0806.1212.19931)
CCC Help Polish (x32 Version: 2012.0806.1212.19931)
CCC Help Portuguese (x32 Version: 2012.0806.1212.19931)
CCC Help Russian (x32 Version: 2012.0806.1212.19931)
CCC Help Spanish (x32 Version: 2012.0806.1212.19931)
CCC Help Swedish (x32 Version: 2012.0806.1212.19931)
CCC Help Thai (x32 Version: 2012.0806.1212.19931)
CCC Help Turkish (x32 Version: 2012.0806.1212.19931)
ccc-utility64 (Version: 2012.0806.1213.19931)
Classic Shell (Version: 3.6.8)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
COMPUTERBILD-Abzockschutz (x32 Version: 1.0.40)
Content Manager 2 (x32 Version: 3.10.0.52790)
Copy (x32 Version: 130.0.428.000)
CPUID CPU-Z 1.59
CyberGhost VPN
DAEMON Tools Lite (x32 Version: 4.46.1.0327)
Data Lifeguard Diagnostic for Windows 1.24 (x32)
DateiCommander13 Basic (x32)
Desk Drive (x32 Version: 1.8.2)
DeskDrive Version 1.8.5 (x32 Version: 1.8.5)
Destinations (x32 Version: 130.0.0.0)
DeviceDiscovery (x32 Version: 130.0.465.000)
Diagnostic Utility (x32 Version: 1.00.0000)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
DivX-Setup (x32 Version: 2.6.1.44)
DocProc (x32 Version: 13.0.0.0)
DxO FilmPack 2.0 (x32 Version: 2.0.0)
DxO Optics Pro 5.3.5 (x32 Version: 5.3.5)
DxO Optics Pro 6 (x32 Version: 6.6.0)
Elements 11 Organizer (x32 Version: 11.0)
eReg (x32 Version: 1.20.138.34)
erLT (x32 Version: 1.20.0137)
Fahrtenbuch professionell (x32)
FileBox eXtender (x32)
FileZilla Client 3.5.3 (x32 Version: 3.5.3)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.31.0)
FolderVisualizer (x32 Version: 2012)
GeoSetter 3.4.16 (x32)
Gigaset QuickSync (Version: 7.2.0844.6)
Google Earth Plug-in (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 130.0.371.000)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photo Creations (x32 Version: 1.0.0.9452)
HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3 (Version: 13.0)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (Version: 13.0)
HP Smart Web Printing 4.51 (Version: 4.51)
HP Solution Center 13.0 (Version: 13.0)
HP Update (x32 Version: 5.003.001.001)
HPDiagnosticAlert (x32 Version: 1.00.0000)
HPPhotoGadget (x32 Version: 130.0.282.000)
HPProductAssistant (x32 Version: 130.0.371.000)
Inpaint 3 Installation & Registrierung (x32)
Inpaint 3.0 (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JavaFX 2.1.1 (x32 Version: 2.1.1)
KeePass Password Safe 2.21 (x32)
Logitech Flow Scroll 4.0 (Version: 4.00.33)
Logitech SetPoint 6.32 (Version: 6.32.20)
Logitech Unifying-Software 2.10 (Version: 2.10.37)
MadAppLauncher version 1.10.0.0 (x32 Version: 1.10.0.0)
MAGIX Foto Designer 7 (x32 Version: 7.0.1.1)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 130.0.374.000)
MediaCoder x64 0.8.25.5553 (Version: 0.8.25.5553)
Mediencenter 3.8.1.2208 (HKCU Version: 3.8.1.2208)
Mediencenter Assistent (Version: 2.7.0.1451)
MEDION NAS TOOL (x32)
Memeo Instant Backup (x32 Version: 4.60.0.7939)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Office Professional 2013 - de-de (Version: 15.0.4535.1004)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SkyDrive (HKCU Version: 16.4.6013.0910)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
Miso 1.0 (x32 Version: 1.0)
Mozilla Firefox 18.0.1 (x86 de) (x32 Version: 18.0.1)
Mozilla Firefox 23.0.1 (x86 de) (HKCU Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 18.0.1)
Mp3tag v2.57 (x32 Version: v2.57)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Naviextras Toolbox Prerequesities (x32 Version: 1.0.0)
Nero 8 (x32 Version: 8.3.312)
neroxml (x32 Version: 1.0.0)
Network64 (Version: 130.0.572.000)
Nokia Connectivity Cable Driver (x32 Version: 7.1.172.0)
Nokia Suite (x32 Version: 3.8.30.0)
NTRIP (x32)
O&O DriveLED Professional (Version: 4.2.157)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Ocster Backup Pro (Version: 8.08)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4535.1004)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4535.1004)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4535.1004)
ON_OFF Charge B11.1102.1 (x32 Version: 1.00.0001)
Paragon Festplatten Manager™ 2011 Kompakt 2nd Edition (x32 Version: 90.00.0003)
PC Connectivity Solution (x32 Version: 12.0.109.0)
PDF Experte 8 Ultimate (x32 Version: 8.0.0140.0)
Perfect Effects 4.0.4 (x32 Version: 4.0.4)
PL-2303 USB-to-Serial (x32 Version: 1.7.0)
PRE11 STI 64Installer (x32 Version: 11.0)
PS_AIO_03_C4400_Software_Min (x32 Version: 130.0.365.000)
PS_AIO_04_C4500_Software_Min (x32 Version: 130.0.365.000)
PSE11 STI Installer (x32 Version: 11.0)
Q-Dir (x32)
QuickTime (x32 Version: 7.74.80.86)
Rainmeter (x32 Version: 2.4 r1678)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6650)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30126)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0)
Scan (x32 Version: 13.0.0.0)
SeaTools for Windows (x32 Version: 1.2.0.7)
Send To Toys v2.61
SiSoftware Sandra Lite 2012.SP5c (Version: 18.74.2012.10)
SmartTools Publishing • Excel AutoBackup (x32 Version: v2.50)
SmartTools Publishing • Outlook Adress-Assistent (x32 Version: v3.50)
SmartTools Publishing • Word Adressfenster-Assistent (x32 Version: v2.50)
SmartWebPrinting (x32 Version: 130.0.457.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.469.000)
swMSM (x32 Version: 12.0.0.1)
TomTom HOME (x32 Version: 2.9.2)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
Toolbox (x32 Version: 130.0.648.000)
TrayApp (x32 Version: 130.0.422.000)
Treiber-Studio 2013 (Version: 8.0.519)
Treiber-Studio 2013 (Version: 8.1.428)
Unknown Device Identifier 8.00
UnloadSupport (x32 Version: 11.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VCRedistSetup (x32 Version: 1.0.0)
WebReg (x32 Version: 130.0.132.017)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
XnView Shell Extension 3.2.0 (64bits) (x32 Version: 3.2.0)

==================== Restore Points  =========================

18-09-2013 13:06:19 Windows Update
20-09-2013 10:00:29 Windows-Sicherung

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-09-05 15:38 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {07FD82E2-B526-4FC7-8798-FCA387122C0B} - System32\Tasks\One-Click Optimizer => E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-05-15] (Ashampoo Development GmbH & Co. KG)
Task: {18E87A3D-D345-46C8-83A0-765A4D34BF98} - System32\Tasks\{0DC1FC84-5EDB-4337-ABC3-B6DDCF71C3C2} => Firefox.exe 
Task: {479C03B9-CEC4-41F3-A69F-F81E31FC295D} - System32\Tasks\{485AAEC7-0CDC-4324-B369-6564E05046FA} => Firefox.exe 
Task: {55D08572-AF0D-4D79-B374-B2288E853937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21] (Google Inc.)
Task: {6F20F847-5ACE-4021-A98C-D2F23D8CFB92} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-07-22] (Microsoft Corporation)
Task: {94E7BDC3-C5CF-4EFB-A69A-8C6218A52551} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9E55C402-A616-4ED1-B9A3-DDE6CCFFCF6A} - System32\Tasks\Microsoft\Windows\MemDiag => C:\Windows\system32\mdres.exe [2009-07-14] (Microsoft Corporation)
Task: {A00464E8-6BBC-4CE0-B494-EA214C5F7098} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {B5FF5D24-9746-49F5-9A08-EE16078E7451} - System32\Tasks\{68FCBDDC-F452-4549-97AD-356CC5E03486} => E:\Programme\Nero\Nero\Nero8\Nero Burning Rom\nero.exe [2008-06-24] (Nero AG)
Task: {BE32AC8B-F571-4959-965A-8CCC10A0E121} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-03-21] (Google Inc.)
Task: {C820FD4E-DC50-452F-A5E7-1350854F076E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\System32\sdengin2.dll [2010-11-20] (Microsoft Corporation)
Task: {DCBCD7DD-7C16-4FFC-B939-EF6759C24FF4} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {E47767F2-BC3A-463D-8CBD-A409DEA7DCA3} - System32\Tasks\AdobeAAMUpdater-1.0-Kobolt-Marko => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {F07079E8-DB7A-4819-8454-71FE70E5A687} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-08-23] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2013-02-03 17:06 - 2013-02-03 17:06 - 00244696 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00661448 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCP110.dll
2013-02-03 17:06 - 2013-02-03 17:06 - 00828872 _____ (Microsoft Corporation) C:\Users\Marko\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\MSVCR110.dll
2013-04-04 10:22 - 2013-04-04 10:22 - 00558592 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.IconOverlayHandler.dll
2013-06-29 10:50 - 2013-06-29 10:50 - 00724992 _____ (IvoSoft) E:\Programme\Classic Shell\ClassicExplorer64.dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2013-06-29 10:50 - 2013-06-29 10:50 - 01750528 _____ (IvoSoft) E:\Programme\Classic Shell\ClassicStartMenuDLL.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () e:\Programme\FileZilla FTP Client\fzshellext_64.dll
2012-08-06 13:01 - 2012-08-06 13:01 - 00004608 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\atiamdeu.dll
2013-07-29 14:57 - 2013-05-15 15:22 - 00117096 _____ (TODO: <Company name>) E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\WinOptimizerContextHandler64.dll
2013-04-24 15:25 - 2013-04-24 15:25 - 00402432 _____ (Florian Heidenreich) E:\Programme\MP3-Tag\Mp3tag\Mp3tagShell64.dll
2013-04-04 10:22 - 2013-04-04 10:22 - 00152064 _____ (Deutsche Telekom AG) C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\DTAG.Mediencenter.ContextMenuHandler.dll
2012-08-15 11:55 - 2012-08-13 17:25 - 00149504 _____ (Deutsche Telekom AG) C:\Windows\system32\DTAG.Mediencenter.ShellExtension.dll
2012-05-22 11:01 - 2012-02-23 21:44 - 02409472 _____ () e:\Programme\XnView\ShellEx\XnViewShellExt64.dll
2013-07-10 13:15 - 2011-02-01 20:09 - 00593788 _____ (Friedemann Schmidt) e:\Programme\GeoSetter\GeoSetterShellExt64.dll
2012-05-22 11:07 - 2011-05-18 17:47 - 00137216 _____ (Gabriele Ponti) e:\Programme\Send To Toys\SendToFolderShellExt.dll
2012-05-22 11:07 - 2011-05-18 17:47 - 00140800 _____ (Gabriele Ponti) e:\Programme\Send To Toys\SendToClipboardShellExt.dll
2012-08-06 13:01 - 2012-08-06 13:01 - 00837632 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\atiacm64.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () E:\Programme\Logitech\SetPointP\Macros\MacroCore.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00035744 _____ (unknown) E:\Programme\AntiBrowserSpy\AbFlexTrans.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00037792 _____ () E:\Programme\AntiBrowserSpy\AbCommons.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 06362528 _____ () E:\Programme\AntiBrowserSpy\Commons.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 02648480 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.Data.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00173984 _____ () E:\Programme\AntiBrowserSpy\AbBrowserLibs.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 03414944 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.Utils.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00018336 _____ () E:\Programme\AntiBrowserSpy\VersionInfo.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00018848 _____ () E:\Programme\AntiBrowserSpy\AbSettingsKeeper.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 01750432 _____ (Developer Express Inc.) E:\Programme\AntiBrowserSpy\DevExpress.XtraEditors.v10.2.dll
2012-05-22 09:40 - 2011-06-21 12:07 - 00012704 _____ () E:\Programme\AntiBrowserSpy\AbProcessManager.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00012520 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\CoreTempReader.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00015080 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\GetCoreTempInfoNET.dll
2013-06-07 09:59 - 2013-06-07 09:59 - 00014056 _____ () C:\Users\Marko\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.gadget\SystemInfo.dll
2012-11-04 16:25 - 2012-11-04 16:25 - 00736968 _____ () E:\Programme\Rainmeter\Rainmeter.dll
2012-11-04 16:23 - 2012-11-04 16:23 - 00056832 _____ () E:\Programme\Rainmeter\Plugins\WebParser.dll
2013-07-02 17:21 - 2013-07-02 17:21 - 04712104 _____ () e:\Programme\Ocster Backup\bin\ox.dll
2013-04-12 10:45 - 2013-04-12 10:45 - 00641024 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_xrc_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00622592 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_html_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 03663872 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_core_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 01488384 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00875520 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxmsw28u_adv_vc_ox.dll
2013-04-12 10:44 - 2013-04-12 10:44 - 00157696 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_xml_vc_ox.dll
2013-04-12 10:42 - 2013-04-12 10:42 - 00152576 _____ (wxWidgets development team) e:\Programme\Ocster Backup\bin\wxbase28u_net_vc_ox.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00097280 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-08-06 13:03 - 2012-08-06 13:03 - 00031232 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00025088 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00048128 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00022016 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00015360 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00061440 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00018432 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00061440 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00038400 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00029184 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\ATICCCom.dll
2012-07-17 09:58 - 2012-07-17 09:58 - 00175104 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ADL.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00034816 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006144 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00047616 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00006656 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006144 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 00045056 _____ (ATI Technologies Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2010-03-04 02:27 - 2010-03-04 02:27 - 00016384 _____ (ATI Technologies Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00006656 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.dll
2010-10-07 14:07 - 2010-10-07 14:07 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00311296 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00196608 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2009-06-17 06:27 - 2009-06-17 06:27 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005120 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.Audio.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00008704 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2008-04-03 17:29 - 2008-04-03 17:29 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00025600 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00028672 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00045056 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00053248 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2009-12-08 08:49 - 2009-12-08 08:49 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2007-08-09 17:58 - 2007-08-09 17:58 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00144384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00065536 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00053248 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00028672 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2008-12-30 13:04 - 2008-12-30 13:04 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00050688 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.shared.dll
2007-05-02 18:44 - 2007-05-02 18:44 - 00020480 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0703.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00110592 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00081920 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2010-11-05 15:18 - 2010-11-05 15:18 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00110592 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00081920 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00045056 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2009-01-20 15:51 - 2009-01-20 15:51 - 00007168 _____ ( ) C:\ATI\ATI.ACE\Core-Static\atixclib.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00008192 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00015872 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00012288 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00019968 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00010752 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013312 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\Fuel.Foundation.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00037376 _____ (AMD) C:\ATI\ATI.ACE\Fuel\FUEL.Implementation.dll
2012-08-06 13:24 - 2012-08-06 13:24 - 00103424 _____ () C:\ATI\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-08-06 13:03 - 2012-08-06 13:03 - 00479232 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00352256 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\Localization.Foundation.Implementation.de_Localization.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00071168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00012800 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00011264 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00013824 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00018944 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00018944 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00011264 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00015360 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00012800 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00011776 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00066048 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\APM.Server.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00024576 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\APM.Foundation.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007168 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00005632 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00380928 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00036352 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00007680 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 01395200 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00413696 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00175104 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00172032 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 01007616 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00028160 _____ (Advanced Mirco Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00057344 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 01406464 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00441344 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00369152 _____ () C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00032768 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00393216 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 02400256 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00024576 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MultiVPU2.Graphics.Shared.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00237568 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00159744 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00100864 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00021504 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00044544 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Audio.Graphics.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008704 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 01260032 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00026112 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00021504 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00048128 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2012-08-06 13:07 - 2012-08-06 13:07 - 00029696 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00037376 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00007680 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2012-08-06 13:08 - 2012-08-06 13:08 - 00039936 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00008192 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2012-08-06 13:04 - 2012-08-06 13:04 - 00307200 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00060928 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2012-08-06 13:06 - 2012-08-06 13:06 - 00528384 _____ (Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2012-08-06 13:05 - 2012-08-06 13:05 - 00020480 _____ (Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 01186816 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\TMSlite160.bpl
2013-01-15 19:16 - 2012-03-13 14:50 - 03660800 _____ (Project JEDI) E:\Programme\Avanquest\PDF Experte 8 Ultimate\Jcl160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00087552 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspropsaver160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02478080 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsvector160.bpl
2013-01-15 19:16 - 2012-03-29 18:00 - 04119552 _____ (visagesoft) E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsgdi.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 04680704 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfcore160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02693120 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\BBlite160.bpl
2013-01-15 19:16 - 2012-02-23 16:11 - 00025088 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vstrees160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00064512 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsprinters160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00064512 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprinter160.bpl
2013-01-15 19:16 - 2011-09-30 19:10 - 00684032 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\js32.dll
2013-01-15 19:16 - 2012-04-11 20:06 - 00097280 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\expertpdfcore160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 00253952 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndySystem160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 02506752 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndyProtocols160.bpl
2013-01-15 19:16 - 2012-02-24 02:55 - 00387584 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) E:\Programme\Avanquest\PDF Experte 8 Ultimate\IndyCore160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 02253824 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\PKIECtrl160.bpl
2013-01-15 19:16 - 2012-04-11 20:06 - 00517120 _____ () E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfeditor160.bpl
2013-01-15 19:16 - 2011-01-19 17:49 - 00156160 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\Snapu.dll
2013-01-15 19:16 - 2010-04-06 15:41 - 00316416 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\OLRegist.dll
2013-01-15 19:16 - 2010-08-05 10:57 - 00599296 _____ (Avanquest Software) E:\Programme\Avanquest\PDF Experte 8 Ultimate\bvrpctln.dll
2011-09-16 15:39 - 2011-09-16 15:39 - 00098664 _____ (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.dll
2013-02-13 04:38 - 2013-02-13 04:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

==================== Alternate Data Streams (whitelisted) ==========

AlternateDataStreams: C:\ProgramData\Microsoft:cJP8NoA3alrUCM20
AlternateDataStreams: C:\ProgramData\Microsoft:V6rvehwmRjYqRAkFBpLsBNz
AlternateDataStreams: C:\Users\Marko\Cookies:xfyRDFyvnvb5tEWMQke9kc
AlternateDataStreams: C:\Users\Marko\Lokale Einstellungen:ESx4L4fSedPdx1ERV9rqEL
AlternateDataStreams: C:\Users\Marko\AppData\Local:ESx4L4fSedPdx1ERV9rqEL
AlternateDataStreams: C:\Users\Marko\AppData\Local\Anwendungsdaten:ESx4L4fSedPdx1ERV9rqEL


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/20/2013 08:26:02 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/19/2013 04:10:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/19/2013 04:10:55 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/19/2013 04:10:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/19/2013 02:09:23 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/18/2013 09:45:45 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/18/2013 07:35:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 15.0.4535.1000, Zeitstempel: 0x51de6fa2
Name des fehlerhaften Moduls: oart.dll, Version: 15.0.4535.1000, Zeitstempel: 0x51de6f17
Ausnahmecode: 0xc00002b4
Fehleroffset: 0x0026fc12
ID des fehlerhaften Prozesses: 0x674
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (09/18/2013 07:15:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 15.0.4535.1000, Zeitstempel: 0x51de6fa2
Name des fehlerhaften Moduls: oart.dll, Version: 15.0.4535.1000, Zeitstempel: 0x51de6f17
Ausnahmecode: 0xc00002b4
Fehleroffset: 0x0026fc12
ID des fehlerhaften Prozesses: 0x131c
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (09/18/2013 04:03:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (09/18/2013 04:03:56 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/20/2013 08:28:25 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/20/2013 08:26:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/20/2013 08:26:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2

Error: (09/20/2013 08:26:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%2

Error: (09/20/2013 08:26:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet: 
%%2


Microsoft Office Sessions:
=========================
Error: (09/20/2013 08:26:02 AM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/19/2013 04:10:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (09/19/2013 04:10:55 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe

Error: (09/19/2013 04:10:53 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestE:\Programme\Nero\Nero\Nero8\Nero Toolkit\DiscSpeed.exe

Error: (09/19/2013 02:09:23 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/18/2013 09:45:45 PM) (Source: MemeoBackgroundService)(User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
   bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
   --- Ende der internen Ausnahmestapelüberwachung ---
   bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
   bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
   bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
   bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
   bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (09/18/2013 07:35:11 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE15.0.4535.100051de6fa2oart.dll15.0.4535.100051de6f17c00002b40026fc1267401ceb4956b91adb4C:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEC:\Program Files\Microsoft Office 15\Root\Office15\oart.dllaaf8a8e7-2088-11e3-a1f4-1c6f6581d4c8

Error: (09/18/2013 07:15:06 PM) (Source: Application Error)(User: )
Description: WINWORD.EXE15.0.4535.100051de6fa2oart.dll15.0.4535.100051de6f17c00002b40026fc12131c01ceb4929cfacadcC:\Program Files\Microsoft Office 15\Root\Office15\WINWORD.EXEC:\Program Files\Microsoft Office 15\Root\Office15\oart.dlldc807212-2085-11e3-a1f4-1c6f6581d4c8

Error: (09/18/2013 04:03:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe

Error: (09/18/2013 04:03:56 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestE:\Programme\Nero\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe


CodeIntegrity Errors:
===================================
  Date: 2013-09-05 15:33:31.315
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-05 15:33:31.185
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-06-28 13:37:59.118
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.117
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.114
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.100
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.099
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-06-28 13:37:59.096
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 11:24:41.256
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-08 11:24:41.254
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8188.54 MB
Available physical RAM: 6159.38 MB
Total Pagefile: 16375.25 MB
Available Pagefile: 13859.04 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:104.75 GB) (Free:24.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FreeAgent GoFlex Drive) (Fixed) (Total:465.76 GB) (Free:401.88 GB) NTFS
Drive e: (Programme) (Fixed) (Total:41.22 GB) (Free:12.24 GB) NTFS
Drive f: (Daten) (Fixed) (Total:180.27 GB) (Free:43.81 GB) NTFS
Drive g: (Backup) (Fixed) (Total:89.52 GB) (Free:16.88 GB) NTFS
Drive h: (Laufwerk) (Fixed) (Total:50 GB) (Free:27.1 GB) NTFS
Drive k: (Sicherung) (Fixed) (Total:931.51 GB) (Free:23.09 GB) NTFS
Drive p: (SEAGATE_EXP) (Fixed) (Total:1907.32 GB) (Free:1885.23 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: C4086204)
Partition 1: (Active) - (Size=105 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=361 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 56A6B2F7)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 76942D58)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End Of Log ============================
         
__________________
= = = = = = = = = = = = = = = = = =

MfG

mk72

Alt 20.09.2013, 17:11   #25
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-09-2013 01
Ran by Marko (administrator) on KOBOLT on 20-09-2013 15:27:53
Running from C:\Users\Marko\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\ATI\ATI.ACE\Fuel\Fuel.Service.exe
(mst software GmbH, Germany) E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Deutsche Telekom AG) E:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(StarWind Software) e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech, Inc.) E:\Programme\Logitech\SetPointP\SetPoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(IvoSoft) E:\Programme\Classic Shell\ClassicStartMenu.exe
(Blue Onion Software) E:\Programme\Blue Onion Software\Desk Drive\DeskDrive.exe
(Microsoft) E:\Programme\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Visagesoft) E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe
() E:\Programme\Rainmeter\Rainmeter.exe
(Adobe Systems Incorporated) E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
() e:\Programme\Ocster Backup\bin\backupService-ox.exe
() e:\Programme\Ocster Backup\bin\oxHelper.exe
(TomTom) E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe
(Advanced Micro Devices Inc.) C:\ATI\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\ATI\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiScrollApp] - C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] - E:\Programme\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2000-01-01] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [Ocster Backup] - E:\Programme\Ocster Backup\bin\backupClient-ox.exe [312488 2013-07-02] ()
HKLM\...\Run: [Classic Start Menu] - E:\Programme\Classic Shell\ClassicStartMenu.exe [151552 2013-06-29] (IvoSoft)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [DeskDriveStartup] - E:\Programme\Blue Onion Software\Desk Drive\DeskDrive.exe [66048 2009-12-06] (Blue Onion Software)
HKCU\...\Run: [BrowserMask] - E:\Programme\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe [101280 2011-06-21] (Microsoft)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKLM-x32\...\Run: [] -  [x]
HKLM-x32\...\Run: [AMD AVT] - C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [DivXMediaServer] - e:\Programme\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC)
HKLM-x32\...\Run: [vspdfprsrv.exe] - e:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe [6082560 2012-04-23] (Visagesoft)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\ATI\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Memeo Instant Backup] - C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-09-16] (Memeo Inc.)
HKLM-x32\...\Run: [avgnt] - E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-04] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
ShortcutTarget: Mediencenter.lnk -> C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> E:\Programme\Rainmeter\Rainmeter.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.jan-records.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x10F897CE9304CA01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {B8043587-EBE9-4754-9E02-4BD5899FE7BA} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=971163&p={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: CBAbzockschutz.InitToolbarBHO - {2e250b90-0e7a-42a3-9d65-e39f9f227fa4} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - e:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
BHO-x32: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz - {353e2a48-6254-4bd3-88f4-3b51a0ca7870} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Winsock: Catalog9 01 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll [258104] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 01 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 02 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 03 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 04 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 05 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 06 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 07 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 08 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9-x64 20 E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll [231480] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Marko\AppData\Roaming\Mozilla\Firefox\C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-812850846-3816870413-364722810-1001\FireFox
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - E:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - e:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - e:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - E:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - e:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - e:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF StartMenuInternet: FIREFOX.EXE - e:\Programme\Mozilla Firefox\firefox.exe

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-07-17] (Adobe Systems)
R2 AdobeActiveFileMonitor11.0; E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\ATI\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe [84024 2013-09-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-04] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; E:\Programme\Antivir\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-04] (Avira Operations GmbH & Co. KG)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 DfSdkS; E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
S2 LanmanWorkstation; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 LPDSVC; C:\Windows\system32\lpdsvc.dll [45568 2009-07-14] (Microsoft Corporation)
R2 MCSWASVR; E:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [12800 2011-11-23] (Deutsche Telekom AG)
S4 Nero BackItUp Scheduler 3; E:\Programme\Nero\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG)
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG)
R2 ocster_backup; e:\Programme\Ocster Backup\bin\backupService-ox.exe [23720 2013-07-02] ()
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1901752 2013-07-22] (Microsoft Corporation)
S3 SandraAgentSrv; E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe [68760 2008-09-05] (SiSoftware)
R2 StarWindServiceAE; e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 TomTomHOMEService; E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe [92632 2012-08-28] (TomTom)
S4 McComponentHostService; "C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe" [x]
S4 vToolbarUpdater15.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; C:\ATI\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-29] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 cpuz135; C:\Windows\system32\drivers\cpuz135_x64.sys [21992 2011-09-21] (CPUID)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-02-01] (Windows (R) Server 2003 DDK provider)
S3 etdrv; C:\Windows\etdrv.sys [25640 2012-02-01] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-10-09] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2012-10-09] (Windows (R) Server 2003 DDK provider)
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-01] ()
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39728 2011-11-04] (Paragon Software Group)
R0 oodrvled; C:\Windows\System32\DRIVERS\oodrvled.sys [30800 2011-03-02] (O&O Software GmbH)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S3 SANDRA; E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-07] (Duplex Secure Ltd.)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-04] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-04] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-04] (Paragon)
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S0 TPkd; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-20 15:27 - 2013-09-20 15:27 - 00000940 _____ C:\Users\Marko\Desktop\Neues Textdokument.txt
2013-09-20 15:26 - 2013-09-20 15:26 - 01950622 _____ (Farbar) C:\Users\Marko\Desktop\FRST64.exe
2013-09-20 15:25 - 2013-09-20 15:26 - 01950622 _____ (Farbar) C:\Users\Marko\Downloads\FRST64.exe
2013-09-20 15:23 - 2013-09-20 15:23 - 05369204 _____ C:\Users\Marko\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-09-20 08:26 - 2013-09-20 14:26 - 98474815 _____ C:\Windows\SysWOW64\ទ㤃뻼¡
2013-09-19 23:15 - 2013-09-19 23:16 - 64196136 _____ (Avanquest software) C:\Users\Marko\Downloads\PDF_Experte_V9_Ultimate_DEU_TRIAL.exe
2013-09-18 21:43 - 2013-09-18 21:43 - 00000000 ____D C:\_OTL
2013-09-18 15:04 - 2013-09-18 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\Marko\Downloads\OTL.exe
2013-09-18 15:04 - 2013-09-18 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\Marko\Desktop\OTL.exe
2013-09-11 10:01 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 10:01 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 10:01 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 10:01 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 10:01 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 10:01 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 10:01 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 10:01 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 10:01 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 10:01 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 10:01 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 10:01 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 10:01 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-11 10:01 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-11 09:41 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 09:41 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-11 09:41 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-11 09:41 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-11 09:41 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-11 09:41 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-11 09:41 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-11 09:41 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-11 09:41 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-11 09:41 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-11 09:41 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-11 09:41 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-11 09:41 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-11 09:41 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-11 09:41 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-11 09:41 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-11 09:41 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-11 09:41 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-11 09:41 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-11 09:41 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-11 09:41 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-11 09:41 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 09:41 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 09:41 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-11 09:41 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-11 09:41 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 09:41 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-09 15:22 - 2013-09-09 15:22 - 02347384 _____ (ESET) C:\Users\Marko\Downloads\esetsmartinstaller_enu.exe
2013-09-09 15:00 - 2013-09-09 15:00 - 00000000 ____D C:\Users\Marko\Desktop\Polli
2013-09-06 15:13 - 2013-09-06 15:13 - 09999832 _____ C:\Users\Marko\Downloads\FreeFileSync_5.21_Windows_Setup.exe
2013-09-06 15:05 - 2013-09-06 15:05 - 04410648 _____ C:\Users\Marko\Downloads\CloudConnectforOffice1.1.0.exe
2013-09-06 15:05 - 2013-09-06 15:05 - 04138776 _____ C:\Users\Marko\Downloads\CloudConnectforOutlook1.0.0.exe
2013-09-06 15:04 - 2013-09-06 15:04 - 00836632 _____ C:\Users\Marko\Downloads\ASUSWebStorageRemoteDrive1.0.0.171.exe
2013-09-06 12:18 - 2013-09-06 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-06 11:32 - 2013-09-06 11:44 - 00000000 ____D C:\AdwCleaner
2013-09-06 11:00 - 2013-09-06 11:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 11:00 - 2013-09-06 11:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 11:00 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-06 10:59 - 2013-09-06 10:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marko\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 15:26 - 2013-09-05 15:52 - 00000000 ____D C:\Qoobox
2013-09-05 15:26 - 2013-09-05 15:48 - 00000000 ____D C:\Windows\erdnt
2013-09-05 15:26 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-09-05 15:26 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-09-05 15:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-09-05 15:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-09-05 15:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-09-05 15:26 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-09-05 15:26 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-09-05 15:26 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-09-05 15:22 - 2013-09-20 15:25 - 00000000 ____D C:\Users\Marko\Desktop\Trojaner-Board
2013-09-04 14:43 - 2013-09-04 14:43 - 00276496 _____ C:\Windows\Minidump\090413-21590-01.dmp
2013-09-04 14:22 - 2013-09-04 14:22 - 00000000 ____D C:\FRST
2013-09-04 14:08 - 2013-09-04 14:08 - 00000344 _____ C:\Users\Marko\defogger_reenable
2013-09-04 13:52 - 2013-09-04 13:52 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(3).exe
2013-09-04 13:52 - 2013-09-04 13:52 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(2).exe
2013-09-04 13:51 - 2013-09-04 13:51 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(1).exe
2013-09-02 17:15 - 2013-09-02 17:15 - 00000787 _____ C:\Users\Marko\Desktop\DivX Movies.lnk
2013-09-02 17:15 - 2013-09-02 17:15 - 00000754 _____ C:\Users\Public\Desktop\DivX Plus Player.lnk
2013-08-29 08:59 - 2013-08-29 08:59 - 05192704 _____ (Geza Kovacs) C:\Users\Marko\Downloads\unetbootin-windows-585.exe
2013-08-29 08:53 - 2013-08-29 08:53 - 00000000 ____D C:\Users\Marko\Desktop\Hausbau
2013-08-28 19:23 - 2013-08-28 19:23 - 616382464 _____ C:\Users\Marko\Downloads\rescue-system.iso
2013-08-28 16:21 - 2013-08-28 16:21 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Avira
2013-08-28 16:18 - 2013-09-04 11:36 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-08-28 16:17 - 2013-09-04 11:36 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-08-28 16:17 - 2013-09-04 11:36 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-08-28 16:17 - 2013-08-28 16:17 - 00000000 ____D C:\ProgramData\Avira
2013-08-28 16:17 - 2013-03-06 16:13 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-08-28 15:58 - 2013-08-28 15:59 - 110344048 _____ C:\Users\Marko\Downloads\avira_free4045_antivirus_de.exe
2013-08-28 15:46 - 2013-08-28 15:46 - 02733958 _____ C:\Users\Marko\Downloads\tdsskiller.zip
2013-08-28 15:40 - 2013-08-28 15:40 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck.exe
2013-08-27 13:39 - 2013-09-18 21:45 - 00103784 _____ C:\Windows\PFRO.log
2013-08-26 14:38 - 2013-08-26 15:04 - 00000000 ____D C:\Users\Marko\Desktop\Kaspersky
2013-08-25 18:15 - 2013-08-27 22:03 - 00000000 ____D C:\Users\Marko\AppData\Local\BewerbungsMaster
2013-08-25 18:14 - 2013-08-27 23:00 - 00000000 ____D C:\Users\Marko\Documents\BewerbungsMaster
2013-08-25 18:13 - 2013-08-25 18:13 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2013-08-25 18:07 - 2013-08-25 18:14 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-08-25 18:07 - 2013-08-25 18:14 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-08-25 18:06 - 2013-08-25 18:06 - 11616256 _____ C:\Users\Marko\Downloads\master71.exe
2013-08-25 17:23 - 2013-09-19 14:35 - 00000000 ____D C:\Users\Marko\Desktop\Nick_Ausbildung
2013-08-24 11:32 - 2013-09-20 08:25 - 00002621 _____ C:\Windows\setupact.log
2013-08-24 11:32 - 2013-08-24 11:32 - 00000000 _____ C:\Windows\setuperr.log
2013-08-22 15:01 - 2013-08-22 15:01 - 00000000 ____D C:\Users\Marko\AppData\Roaming\dvdcss
2013-08-22 14:58 - 2013-08-22 14:58 - 00000687 _____ C:\Users\Marko\Desktop\MediaCoder x64.lnk
2013-08-22 14:58 - 2013-08-22 14:58 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
2013-08-22 14:58 - 2013-08-22 14:58 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Broad Intelligence
2013-08-22 14:55 - 2013-08-22 14:57 - 68913986 _____ C:\Users\Marko\Downloads\MediaCoder-x64-0.8.25.5553.exe

==================== One Month Modified Files and Folders =======

2013-09-20 15:27 - 2013-09-20 15:27 - 00000940 _____ C:\Users\Marko\Desktop\Neues Textdokument.txt
2013-09-20 15:26 - 2013-09-20 15:26 - 01950622 _____ (Farbar) C:\Users\Marko\Desktop\FRST64.exe
2013-09-20 15:26 - 2013-09-20 15:25 - 01950622 _____ (Farbar) C:\Users\Marko\Downloads\FRST64.exe
2013-09-20 15:25 - 2013-09-05 15:22 - 00000000 ____D C:\Users\Marko\Desktop\Trojaner-Board
2013-09-20 15:23 - 2013-09-20 15:23 - 05369204 _____ C:\Users\Marko\Downloads\tweaking.com_windows_repair_aio_setup.exe
2013-09-20 15:17 - 2012-09-14 10:49 - 00000338 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-09-20 15:15 - 2012-03-21 16:30 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-20 14:57 - 2012-01-16 23:34 - 01675803 _____ C:\Windows\WindowsUpdate.log
2013-09-20 14:26 - 2013-09-20 08:26 - 98474815 _____ C:\Windows\SysWOW64\ទ㤃뻼¡
2013-09-20 11:15 - 2012-03-21 16:30 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-20 08:36 - 2012-08-03 17:25 - 00000000 ____D C:\Users\Marko\AppData\Local\Adobe
2013-09-20 08:35 - 2009-07-14 06:45 - 00015856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-20 08:35 - 2009-07-14 06:45 - 00015856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-20 08:25 - 2013-08-24 11:32 - 00002621 _____ C:\Windows\setupact.log
2013-09-20 08:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-20 00:15 - 2012-03-29 22:15 - 00078423 _____ C:\Windows\system32\log.xml
2013-09-20 00:15 - 2012-03-29 22:15 - 00000008 _____ C:\Windows\system32\log-suffix.xml
2013-09-19 23:16 - 2013-09-19 23:15 - 64196136 _____ (Avanquest software) C:\Users\Marko\Downloads\PDF_Experte_V9_Ultimate_DEU_TRIAL.exe
2013-09-19 22:41 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2013-09-19 14:35 - 2013-08-25 17:23 - 00000000 ____D C:\Users\Marko\Desktop\Nick_Ausbildung
2013-09-18 21:45 - 2013-08-27 13:39 - 00103784 _____ C:\Windows\PFRO.log
2013-09-18 21:43 - 2013-09-18 21:43 - 00000000 ____D C:\_OTL
2013-09-18 15:07 - 2013-03-01 12:06 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-09-18 15:04 - 2013-09-18 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\Marko\Downloads\OTL.exe
2013-09-18 15:04 - 2013-09-18 15:04 - 00602112 _____ (OldTimer Tools) C:\Users\Marko\Desktop\OTL.exe
2013-09-18 14:51 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-16 14:13 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-16 13:48 - 2012-04-02 11:46 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-16 13:48 - 2011-12-05 22:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-15 11:27 - 2011-12-05 17:51 - 00000000 ___RD C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-15 11:27 - 2011-12-05 17:51 - 00000000 ___RD C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-11 10:37 - 2011-12-05 17:31 - 00000000 ____D C:\Windows\Panther
2013-09-11 10:37 - 2009-07-14 06:45 - 03584480 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 10:01 - 2013-07-11 11:28 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 09:48 - 2011-12-06 14:35 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-09 15:25 - 2009-07-14 19:58 - 00700370 _____ C:\Windows\system32\perfh007.dat
2013-09-09 15:25 - 2009-07-14 19:58 - 00149184 _____ C:\Windows\system32\perfc007.dat
2013-09-09 15:25 - 2009-07-14 07:13 - 01622098 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-09 15:22 - 2013-09-09 15:22 - 02347384 _____ (ESET) C:\Users\Marko\Downloads\esetsmartinstaller_enu.exe
2013-09-09 15:00 - 2013-09-09 15:00 - 00000000 ____D C:\Users\Marko\Desktop\Polli
2013-09-06 15:13 - 2013-09-06 15:13 - 09999832 _____ C:\Users\Marko\Downloads\FreeFileSync_5.21_Windows_Setup.exe
2013-09-06 15:05 - 2013-09-06 15:05 - 04410648 _____ C:\Users\Marko\Downloads\CloudConnectforOffice1.1.0.exe
2013-09-06 15:05 - 2013-09-06 15:05 - 04138776 _____ C:\Users\Marko\Downloads\CloudConnectforOutlook1.0.0.exe
2013-09-06 15:04 - 2013-09-06 15:04 - 00836632 _____ C:\Users\Marko\Downloads\ASUSWebStorageRemoteDrive1.0.0.171.exe
2013-09-06 12:18 - 2013-09-06 12:18 - 00000000 ____D C:\Windows\ERUNT
2013-09-06 11:44 - 2013-09-06 11:32 - 00000000 ____D C:\AdwCleaner
2013-09-06 11:44 - 2011-12-05 17:51 - 00000000 ____D C:\Users\Marko
2013-09-06 11:00 - 2013-09-06 11:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-06 11:00 - 2013-09-06 11:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-06 10:59 - 2013-09-06 10:59 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Marko\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-05 16:46 - 2012-04-26 22:27 - 00003234 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-09-05 15:52 - 2013-09-05 15:26 - 00000000 ____D C:\Qoobox
2013-09-05 15:52 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-09-05 15:48 - 2013-09-05 15:26 - 00000000 ____D C:\Windows\erdnt
2013-09-05 15:40 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-09-04 14:43 - 2013-09-04 14:43 - 00276496 _____ C:\Windows\Minidump\090413-21590-01.dmp
2013-09-04 14:43 - 2012-04-19 20:27 - 00000000 ____D C:\Windows\Minidump
2013-09-04 14:22 - 2013-09-04 14:22 - 00000000 ____D C:\FRST
2013-09-04 14:08 - 2013-09-04 14:08 - 00000344 _____ C:\Users\Marko\defogger_reenable
2013-09-04 13:52 - 2013-09-04 13:52 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(3).exe
2013-09-04 13:52 - 2013-09-04 13:52 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(2).exe
2013-09-04 13:51 - 2013-09-04 13:51 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck(1).exe
2013-09-04 11:36 - 2013-08-28 16:18 - 00081112 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-04 11:36 - 2013-08-28 16:17 - 00132088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-04 11:36 - 2013-08-28 16:17 - 00105344 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-02 17:43 - 2012-04-04 12:07 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Mp3tag
2013-09-02 17:16 - 2012-03-19 17:27 - 00000000 ____D C:\Users\Marko\Desktop\Auto
2013-09-02 17:15 - 2013-09-02 17:15 - 00000787 _____ C:\Users\Marko\Desktop\DivX Movies.lnk
2013-09-02 17:15 - 2013-09-02 17:15 - 00000754 _____ C:\Users\Public\Desktop\DivX Plus Player.lnk
2013-09-02 17:15 - 2012-08-21 13:36 - 00000000 ____D C:\ProgramData\DivX
2013-08-29 17:02 - 2013-02-03 18:03 - 00000000 ____D C:\Users\Marko\AppData\Local\Microsoft Help
2013-08-29 16:39 - 2013-07-19 13:45 - 00000000 ____D C:\Users\Marko\AppData\Roaming\onOne Software
2013-08-29 08:59 - 2013-08-29 08:59 - 05192704 _____ (Geza Kovacs) C:\Users\Marko\Downloads\unetbootin-windows-585.exe
2013-08-29 08:53 - 2013-08-29 08:53 - 00000000 ____D C:\Users\Marko\Desktop\Hausbau
2013-08-28 19:23 - 2013-08-28 19:23 - 616382464 _____ C:\Users\Marko\Downloads\rescue-system.iso
2013-08-28 16:21 - 2013-08-28 16:21 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Avira
2013-08-28 16:17 - 2013-08-28 16:17 - 00000000 ____D C:\ProgramData\Avira
2013-08-28 15:59 - 2013-08-28 15:58 - 110344048 _____ C:\Users\Marko\Downloads\avira_free4045_antivirus_de.exe
2013-08-28 15:47 - 2013-08-15 11:34 - 00000000 ____D C:\Users\Marko\Downloads\tdsskiller
2013-08-28 15:46 - 2013-08-28 15:46 - 02733958 _____ C:\Users\Marko\Downloads\tdsskiller.zip
2013-08-28 15:40 - 2013-08-28 15:40 - 00623003 _____ (No company) C:\Users\Marko\Downloads\LanmanCheck.exe
2013-08-27 23:00 - 2013-08-25 18:14 - 00000000 ____D C:\Users\Marko\Documents\BewerbungsMaster
2013-08-27 22:03 - 2013-08-25 18:15 - 00000000 ____D C:\Users\Marko\AppData\Local\BewerbungsMaster
2013-08-26 16:55 - 2012-03-23 11:34 - 00000000 ____D C:\ProgramData\firebird
2013-08-26 15:04 - 2013-08-26 14:38 - 00000000 ____D C:\Users\Marko\Desktop\Kaspersky
2013-08-26 14:53 - 2013-05-24 12:28 - 00002453 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2013-08-25 21:41 - 2013-08-19 14:10 - 00000000 ____D C:\Users\Marko\MEDION NAS TOOL
2013-08-25 18:14 - 2013-08-25 18:07 - 00335872 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2013-08-25 18:14 - 2013-08-25 18:07 - 00074752 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2013-08-25 18:13 - 2013-08-25 18:13 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
2013-08-25 18:06 - 2013-08-25 18:06 - 11616256 _____ C:\Users\Marko\Downloads\master71.exe
2013-08-24 11:32 - 2013-08-24 11:32 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 20:20 - 2013-07-29 14:57 - 00000370 _____ C:\Windows\Tasks\One-Click Optimizer.job
2013-08-23 13:05 - 2013-04-21 20:07 - 00001147 _____ C:\Users\Marko\Desktop\Mediencenter.lnk
2013-08-23 13:05 - 2013-04-21 20:07 - 00001133 _____ C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk
2013-08-22 15:01 - 2013-08-22 15:01 - 00000000 ____D C:\Users\Marko\AppData\Roaming\dvdcss
2013-08-22 14:58 - 2013-08-22 14:58 - 00000687 _____ C:\Users\Marko\Desktop\MediaCoder x64.lnk
2013-08-22 14:58 - 2013-08-22 14:58 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
2013-08-22 14:58 - 2013-08-22 14:58 - 00000000 ____D C:\Users\Marko\AppData\Roaming\Broad Intelligence
2013-08-22 14:57 - 2013-08-22 14:55 - 68913986 _____ C:\Users\Marko\Downloads\MediaCoder-x64-0.8.25.5553.exe
2013-08-22 14:33 - 2012-01-03 18:30 - 00018944 _____ C:\Users\Marko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-22 14:31 - 2012-08-21 13:39 - 00000000 ____D C:\Users\Marko\AppData\Roaming\DivX
2013-08-22 14:30 - 2012-02-28 17:45 - 00000124 _____ C:\Users\Marko\Documents\ax_files.xml
2013-08-21 12:09 - 2011-12-06 19:45 - 00000000 ____D C:\ProgramData\ashampoo

Some content of TEMP:
====================
C:\Users\Marko\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-16 14:06

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Die anderen Tools lasse ich jetzt durchlaufen.
__________________
= = = = = = = = = = = = = = = = = =

MfG

mk72

Alt 20.09.2013, 20:19   #26
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Hier das OTL-log

Code:
ATTFilter
OTL logfile created on: 20.09.2013 18:15:50 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marko\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,02 Gb Available Physical Memory | 75,26% Memory free
15,99 Gb Paging File | 13,52 Gb Available in Paging File | 84,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 104,75 Gb Total Space | 24,84 Gb Free Space | 23,71% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 401,88 Gb Free Space | 86,28% Space Free | Partition Type: NTFS
Drive E: | 41,22 Gb Total Space | 12,24 Gb Free Space | 29,70% Space Free | Partition Type: NTFS
Drive F: | 180,27 Gb Total Space | 43,81 Gb Free Space | 24,30% Space Free | Partition Type: NTFS
Drive G: | 89,52 Gb Total Space | 16,88 Gb Free Space | 18,86% Space Free | Partition Type: NTFS
Drive H: | 50,00 Gb Total Space | 27,10 Gb Free Space | 54,20% Space Free | Partition Type: NTFS
Drive K: | 931,51 Gb Total Space | 23,09 Gb Free Space | 2,48% Space Free | Partition Type: NTFS
Drive P: | 1907,32 Gb Total Space | 1885,23 Gb Free Space | 98,84% Space Free | Partition Type: FAT32
 
Computer Name: KOBOLT | User Name: Marko | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.09.18 15:04:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
PRC - [2013.09.04 11:36:37 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe
PRC - [2013.09.04 11:36:27 | 000,347,192 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.09.04 11:36:27 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
PRC - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012.08.28 08:41:08 | 000,092,632 | ---- | M] (TomTom) -- E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.04.23 15:42:36 | 006,082,560 | ---- | M] (Visagesoft) -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe
PRC - [2011.09.16 15:39:24 | 000,115,048 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MOD - [2013.02.13 04:38:06 | 000,100,688 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2013.02.13 04:37:16 | 001,263,952 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
MOD - [2012.04.11 20:06:12 | 000,517,120 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfeditor160.bpl
MOD - [2012.04.11 20:06:12 | 000,097,280 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\expertpdfcore160.bpl
MOD - [2012.04.11 20:06:10 | 004,680,704 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfcore160.bpl
MOD - [2012.04.11 20:06:08 | 002,478,080 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsvector160.bpl
MOD - [2012.04.11 20:06:08 | 000,064,512 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vsprinters160.bpl
MOD - [2012.04.11 20:06:08 | 000,064,512 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprinter160.bpl
MOD - [2012.04.11 20:06:06 | 000,087,552 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vspropsaver160.bpl
MOD - [2012.04.11 20:06:04 | 002,693,120 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\bblite160.bpl
MOD - [2012.04.11 20:06:04 | 002,253,824 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\PKIECtrl160.bpl
MOD - [2012.04.11 20:06:02 | 001,186,816 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\TMSlite160.bpl
MOD - [2012.02.23 16:11:28 | 000,025,088 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\vstrees160.bpl
MOD - [2011.09.30 19:10:22 | 000,684,032 | ---- | M] () -- E:\Programme\Avanquest\PDF Experte 8 Ultimate\js32.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.07.22 00:25:30 | 001,901,752 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe -- (OfficeSvc)
SRV:64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012.04.26 11:14:06 | 002,438,696 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV:64bit: - [2012.04.06 04:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2010.04.06 17:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV:64bit: - [2009.07.14 03:41:19 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lpdsvc.dll -- (LPDSVC)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\svchost.exe -- (LanmanWorkstation)
SRV - [2013.09.04 11:36:37 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- E:\Programme\Antivir\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.09.04 11:36:29 | 000,815,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- E:\Programme\Antivir\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.09.04 11:36:27 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- E:\Programme\Antivir\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.07.02 17:21:20 | 000,023,720 | ---- | M] () [Auto | Running] -- e:\Programme\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV - [2013.04.18 11:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2013.01.16 22:09:27 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- E:\Programme\Adobe\Photoshop Elements 11\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.08.28 08:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- E:\Programme\TomTom\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.08.06 13:24:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\ATI\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2011.11.23 14:02:07 | 000,012,800 | ---- | M] (Deutsche Telekom AG) [Auto | Running] -- E:\Programme\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe -- (MCSWASVR)
SRV - [2011.09.16 01:16:48 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- e:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.09.20 11:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.08.24 22:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [Auto | Running] -- E:\Programme\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe -- (DfSdkS)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.05 02:09:02 | 000,068,760 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2007.05.31 17:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 17:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - [2013.09.04 11:36:39 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.09.04 11:36:39 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.07.29 14:31:56 | 000,045,856 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013.03.06 16:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.22 07:32:08 | 000,160,256 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ser2pl64.sys -- (Ser2pl)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2013.01.23 10:31:52 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2013.01.23 10:31:52 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2013.01.23 10:31:52 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.10.17 14:53:46 | 000,026,112 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.08.27 20:39:20 | 000,226,696 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2012.08.27 20:39:16 | 000,107,912 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.06.05 14:45:16 | 000,237,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2012.04.12 01:30:00 | 000,708,200 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012.04.06 07:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 03:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.30 16:49:08 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 20:29:42 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011.11.04 16:13:22 | 000,059,184 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011.11.04 16:13:20 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011.11.04 16:13:20 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011.11.04 16:13:18 | 000,039,728 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2011.11.02 11:48:26 | 000,021,616 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)
DRV:64bit: - [2011.09.21 11:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:64bit: - [2011.09.02 08:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.03.02 17:48:56 | 000,030,800 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\OODrvled.sys -- (oodrvled)
DRV:64bit: - [2010.11.20 06:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 03:43:58 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.29 17:11:42 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (TEAM)
DRV:64bit: - [2009.12.21 17:39:40 | 000,051,712 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtTeam60.sys -- (RTTEAMPT)
DRV:64bit: - [2009.10.07 12:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.07 12:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.20 04:27:34 | 000,027,136 | ---- | M] (Realtek                                            ) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\RtNdPt60.sys -- (RtNdPt60)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.04 18:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie)
DRV:64bit: - [2009.02.20 18:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)
DRV:64bit: - [2007.12.03 04:20:54 | 000,024,064 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtVlan60.sys -- (RTVLANPT)
DRV:64bit: - [2000.01.01 02:00:00 | 000,096,896 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2000.01.01 02:00:00 | 000,082,560 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2000.01.01 02:00:00 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV - [2012.10.09 16:22:55 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.03.05 17:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\ATI\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.02.01 13:47:46 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)
DRV - [2012.02.01 13:43:38 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2010.06.14 10:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- E:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP5c\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006.10.05 17:07:28 | 000,072,608 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysWow64\drivers\TPkd.sys -- (TPkd)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.jan-records.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 10 F8 97 CE 93 04 CA 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKCU\..\SearchScopes\{B8043587-EBE9-4754-9E02-4BD5899FE7BA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=971163&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box;192.168.178.1
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: DeviceDetection%40logitech.com:1.24.0.9
FF - prefs.js..extensions.enabledAddons: maps%40ovi.com:5.9.2.0
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: %7B5D3F3872-91E9-4d59-AD9F-AA174A3145DD%7D:4.00.33
FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:3.9
FF - prefs.js..extensions.enabledAddons: fb_add_on%40avm.de:1.7.0
FF - prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.51
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.182
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130917
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: E:\Programme\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Plus Web Player Plug-In,version=1.0.0: e:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: e:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: E:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}: C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2012.04.19 15:08:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.09.14 09:48:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: e:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013.09.02 17:15:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: e:\Programme\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: e:\Programme\Mozilla Firefox\plugins [2013.08.18 14:19:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.09.14 09:48:59 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: E:\Programme\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: E:\Programme\Mozilla Firefox\plugins [2013.08.18 14:19:58 | 000,000,000 | ---D | M]
 
[2012.08.03 13:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions
[2012.08.03 13:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.09.18 18:57:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions
[2013.09.18 18:57:59 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.08.28 13:20:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.04.19 14:55:30 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\DeviceDetection@logitech.com
[2013.04.16 21:36:24 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\fb_add_on@avm.de
[2012.05.25 16:40:50 | 000,000,000 | ---D | M] (Nokia Maps 3D browser plugin) -- C:\Users\Marko\AppData\Roaming\mozilla\Firefox\Profiles\s0d1rked.default\extensions\maps@ovi.com
[2013.08.21 16:06:56 | 000,346,097 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\langpack-de@firefox.mozilla.org.xpi
[2013.08.25 17:31:49 | 000,149,240 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.02.12 15:27:59 | 000,328,332 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2013.08.15 12:00:58 | 000,395,932 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi
[2011.12.05 22:33:54 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2012.03.05 16:40:50 | 000,000,003 | ---- | M] () (No name found) -- C:\Users\Marko\AppData\Roaming\mozilla\firefox\profiles\s0d1rked.default\extensions\maps@ovi.com\plugins\package.XPI
[2012.04.19 15:08:03 | 000,000,000 | ---D | M] (Logitech Flow Scroll) -- C:\PROGRAM FILES\LOGITECH\FLOWSCROLL\LOGISMOOTHFIREFOXEXT
[2013.09.02 17:15:46 | 000,000,000 | ---D | M] (No name found) -- E:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
 
O1 HOSTS File: ([2013.09.05 15:38:01 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_64.dll (IvoSoft)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - e:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Programme\Java\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Logitech Flow Scroll) - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll (Logitech, Inc.)
O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - E:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Classic Start Menu] E:\Programme\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [EvtMgr6] E:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [LogiScrollApp] C:\Program Files\Logitech\FlowScroll\KhalScroll.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Ocster Backup] E:\Programme\Ocster Backup\bin\backupClient-ox.exe ()
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] E:\Programme\Antivir\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXMediaServer] e:\Programme\DivX\DivX Media Server\DivXMediaServer.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Memeo Instant Backup] C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe (Memeo Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\ATI\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vspdfprsrv.exe] e:\Programme\Avanquest\PDF Experte 8 Ultimate\vspdfprsrv.exe (Visagesoft)
O4 - HKCU..\Run: [AmazonMP3DownloaderHelper] C:\Users\Marko\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe ()
O4 - HKCU..\Run: [BrowserMask] E:\Programme\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKCU..\Run: [DeskDriveStartup] E:\Programme\Blue Onion Software\Desk Drive\DeskDrive.exe (Blue Onion Software)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk = C:\Users\Marko\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG)
O4 - Startup: C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = E:\Programme\Rainmeter\Rainmeter.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - E:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - E:\Programme\Antivir\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx (Dldrv2 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{439A6B06-4174-4A81-B708-0B408A600E04}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D357B98D-C73F-4A93-BF6C-65F5C3794884}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.09.20 15:26:40 | 001,950,622 | ---- | C] (Farbar) -- C:\Users\Marko\Desktop\FRST64.exe
[2013.09.18 21:43:58 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.09.18 15:04:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.09.09 15:00:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Polli
[2013.09.06 12:18:09 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.09.06 11:32:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.09.06 11:00:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.09.06 11:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.09.05 15:40:12 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013.09.05 15:26:22 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.09.05 15:26:22 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.09.05 15:26:22 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.09.05 15:26:17 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.09.05 15:26:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.09.05 15:22:02 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Trojaner-Board
[2013.09.04 14:22:03 | 000,000,000 | ---D | C] -- C:\FRST
[2013.08.29 08:53:12 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Hausbau
[2013.08.28 16:21:52 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Avira
[2013.08.28 16:18:51 | 000,081,112 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.08.28 16:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.08.28 16:17:09 | 000,132,088 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.08.28 16:17:09 | 000,105,344 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.08.28 16:17:09 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.08.28 16:17:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.08.26 14:38:50 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Kaspersky
[2013.08.25 18:15:23 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Local\BewerbungsMaster
[2013.08.25 18:14:01 | 000,000,000 | ---D | C] -- C:\Users\Marko\Documents\BewerbungsMaster
[2013.08.25 18:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.08.25 18:13:16 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BewerbungsMaster
[2013.08.25 17:23:38 | 000,000,000 | ---D | C] -- C:\Users\Marko\Desktop\Nick_Ausbildung
[2013.08.22 15:01:48 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\dvdcss
[2013.08.22 14:58:17 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder x64
[2013.08.22 14:58:05 | 000,000,000 | ---D | C] -- C:\Users\Marko\AppData\Roaming\Broad Intelligence
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.09.20 18:17:00 | 000,000,338 | ---- | M] () -- C:\Windows\tasks\HP Photo Creations Communicator.job
[2013.09.20 18:15:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.09.20 18:12:43 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\One-Click Optimizer.job
[2013.09.20 15:26:03 | 001,950,622 | ---- | M] (Farbar) -- C:\Users\Marko\Desktop\FRST64.exe
[2013.09.20 11:15:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.09.20 08:35:40 | 000,015,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.09.20 08:35:40 | 000,015,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.09.20 08:25:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.09.20 00:15:01 | 000,078,423 | ---- | M] () -- C:\Windows\SysNative\log.xml
[2013.09.20 00:15:01 | 000,000,008 | ---- | M] () -- C:\Windows\SysNative\log-suffix.xml
[2013.09.19 23:24:09 | 000,026,638 | ---- | M] () -- C:\Users\Marko\Desktop\Kaspersky-pure2-code.pdf
[2013.09.18 15:04:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marko\Desktop\OTL.exe
[2013.09.11 10:37:18 | 003,584,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.09.09 15:25:00 | 001,622,098 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.09.09 15:25:00 | 000,700,370 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.09.09 15:25:00 | 000,655,092 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.09.09 15:25:00 | 000,149,184 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.09.09 15:25:00 | 000,121,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.09.05 15:38:01 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.09.04 14:08:33 | 000,000,344 | ---- | M] () -- C:\Users\Marko\defogger_reenable
[2013.09.04 11:36:39 | 000,132,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.09.04 11:36:39 | 000,105,344 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.09.04 11:36:39 | 000,081,112 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.09.02 17:15:46 | 000,000,787 | ---- | M] () -- C:\Users\Marko\Desktop\DivX Movies.lnk
[2013.09.02 17:15:40 | 000,000,754 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.08.29 20:08:36 | 000,001,066 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
[2013.08.26 14:53:05 | 000,002,453 | ---- | M] () -- C:\Users\Public\Desktop\SeaTools for Windows.lnk
[2013.08.23 13:05:58 | 000,001,147 | ---- | M] () -- C:\Users\Marko\Desktop\Mediencenter.lnk
[2013.08.23 13:05:58 | 000,001,139 | ---- | M] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk
[2013.08.22 14:58:17 | 000,000,687 | ---- | M] () -- C:\Users\Marko\Desktop\MediaCoder x64.lnk
[2013.08.22 14:33:38 | 000,018,944 | ---- | M] () -- C:\Users\Marko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.22 14:30:49 | 000,000,124 | ---- | M] () -- C:\Users\Marko\Documents\ax_files.xml
[8 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.09.05 15:26:22 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.09.05 15:26:22 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.09.05 15:26:22 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.09.05 15:26:22 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.09.05 15:26:22 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.09.04 14:08:33 | 000,000,344 | ---- | C] () -- C:\Users\Marko\defogger_reenable
[2013.09.02 17:15:46 | 000,000,787 | ---- | C] () -- C:\Users\Marko\Desktop\DivX Movies.lnk
[2013.09.02 17:15:40 | 000,000,754 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2013.08.29 20:08:36 | 000,001,066 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
[2013.08.22 14:58:17 | 000,000,687 | ---- | C] () -- C:\Users\Marko\Desktop\MediaCoder x64.lnk
[2013.06.24 16:22:35 | 000,000,132 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Adobe CS5-Voreinstellungen für BMP-Format
[2013.06.07 10:07:28 | 000,000,019 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Network Meter_Usage.ini
[2013.02.28 21:03:46 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll
[2012.11.01 19:48:10 | 011,624,448 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\Sandra.mdb
[2012.10.22 14:54:56 | 000,164,352 | ---- | C] () -- C:\Windows\SysWow64\UNRAR.DLL
[2012.10.22 14:54:56 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\UNACEV2.DLL
[2012.10.01 17:08:09 | 000,000,624 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\All CPU MeterV3_Settings.ini
[2012.09.14 11:41:21 | 000,019,159 | ---- | C] () -- C:\Windows\hpqins13.dat.temp
[2012.09.14 11:40:35 | 000,019,159 | ---- | C] () -- C:\Windows\hpqins13.dat
[2012.09.14 11:19:19 | 000,181,225 | ---- | C] () -- C:\Windows\hpoins29.dat.temp
[2012.09.14 11:19:19 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat.temp
[2012.09.14 10:01:52 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2012.09.14 09:46:47 | 000,221,040 | ---- | C] () -- C:\Windows\hpoins30.dat
[2012.09.14 09:46:47 | 000,000,587 | ---- | C] () -- C:\Windows\hpomdl30.dat
[2012.08.29 22:00:20 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2012.08.15 11:58:52 | 000,000,021 | ---- | C] () -- C:\Users\Marko\AppData\Local\mc.pixel.data
[2012.05.22 11:07:10 | 000,091,136 | ---- | C] () -- C:\Windows\SendToClip.exe
[2012.04.26 22:38:20 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.28 17:41:26 | 000,725,514 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\unins000.exe
[2012.02.28 17:41:26 | 000,559,104 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2012.02.28 17:41:26 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.02.28 17:41:26 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2012.02.28 17:41:26 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2012.02.28 17:41:26 | 000,007,232 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\unins000.dat
[2012.02.01 13:17:14 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.03 18:30:21 | 000,018,944 | ---- | C] () -- C:\Users\Marko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.30 19:51:46 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2011.12.28 18:56:34 | 001,599,056 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.09 14:00:24 | 000,007,597 | ---- | C] () -- C:\Users\Marko\AppData\Local\Resmon.ResmonCfg
[2011.12.09 13:08:03 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2011.12.06 19:30:03 | 000,010,349 | ---- | C] () -- C:\Windows\Q-Dir.ini
[2011.12.06 16:22:02 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.05 21:44:45 | 000,000,412 | ---- | C] () -- C:\Users\Marko\AppData\Roaming\All CPU Meter_Settings.ini
[2011.12.05 21:03:06 | 000,180,939 | ---- | C] () -- C:\Windows\hpoins29.dat
[2011.12.05 21:03:06 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl29.dat
[2011.12.05 18:35:13 | 000,017,408 | ---- | C] () -- C:\Users\Marko\AppData\Local\WebpageIcons.db
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.06.27 13:53:01 | 000,002,855 | ---- | C] () -- C:\Users\Marko\log.xml
[2011.06.27 13:53:01 | 000,000,008 | ---- | C] () -- C:\Users\Marko\log-suffix.xml
[2008.12.27 20:33:10 | 000,001,024 | ---- | C] () -- C:\Users\Marko\.rnd
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 04:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 03:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.07.24 15:09:10 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Amazon
[2012.05.22 09:40:32 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\AntiBrowserSpy 2009
[2013.07.25 15:35:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Ashampoo
[2012.06.04 22:22:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\becker
[2013.08.22 14:58:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Broad Intelligence
[2012.02.01 10:36:17 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Canon
[2012.08.13 13:45:38 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.08.03 17:26:09 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.02.28 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\concept design
[2012.11.07 14:31:42 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DAEMON Tools Lite
[2012.10.22 15:33:01 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Dateicommander
[2012.04.17 13:42:53 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DxO Labs
[2012.04.17 13:43:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\DxO_Labs
[2013.03.20 14:14:11 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\EurekaLog
[2012.08.16 13:49:03 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\FileZilla
[2011.12.20 15:54:35 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Foxit Software
[2012.02.28 17:41:26 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Franzis
[2013.07.10 14:18:11 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\GeoSetter
[2012.05.22 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Hyperionics
[2012.09.13 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\IT-Service Christian Hau (www.a-bit-more.de)
[2012.09.13 22:13:10 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\IT-Service Christian Hau - www.a-bit-more.de
[2013.03.08 22:26:35 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\KeePass
[2012.01.03 21:55:41 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Leadertech
[2012.11.30 10:51:40 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\MAGIX
[2012.03.12 17:56:46 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\map&guide
[2013.08.19 14:00:16 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Memeo
[2013.09.02 17:43:47 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Mp3tag
[2013.01.25 15:12:58 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\NetSpeedMonitor
[2011.12.06 19:47:32 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nitro PDF
[2012.12.11 18:26:56 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\No Company Name
[2012.07.24 12:02:42 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nokia
[2012.07.24 12:01:51 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Nokia Suite
[2012.05.24 08:25:37 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\OfficeRecovery
[2012.05.24 08:25:37 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\OfficeRecovery.b3c38332
[2013.08.29 16:39:56 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\onOne Software
[2012.04.17 13:40:41 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PACE Anti-Piracy
[2012.09.17 17:47:05 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PC Suite
[2012.09.25 17:35:55 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDAppFlex
[2013.03.18 22:57:12 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDF Experte 8
[2013.01.14 16:07:53 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\PDF Writer
[2011.12.06 19:35:21 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Q-Dir
[2013.03.13 19:29:23 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Rainmeter
[2012.01.04 18:37:52 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Samsung
[2012.05.24 08:57:51 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\SmartTools
[2013.04.21 20:07:30 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Telekom
[2012.08.03 13:09:55 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\TomTom
[2012.09.14 10:49:44 | 000,000,000 | ---D | M] -- C:\Users\Marko\AppData\Roaming\Visan
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< :OTL >
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.21 16:30:26 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.03.21 16:30:27 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.14 10:49:17 | 000,000,338 | ---- | C] () -- C:\Windows\Tasks\HP Photo Creations Communicator.job
[2013.07.29 14:57:22 | 000,000,370 | ---- | C] () -- C:\Windows\Tasks\One-Click Optimizer.job
 
< SRV - [2011.12.05 22:16:03 | 000,114,000 | ---- | M] (Joosoft.com GmbH) [Auto | Running] -- C:\Windows\SysWOW64\UpdSvc.dll -- (Update-Service) >
 
< :files >
 
< C:\Windows\SysWOW64\UpdSvc.dll >
 
< :reg >
 
< [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] >
 
< "Update-Service-Installer-Service"=- >
 
< "Update-Service"=- >
 
< [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] >
 
< "Update-Service-Installer-Service"=- >
 
< "Update-Service"=- >
 
< :commands >
 
< [reboot] >
 
<           >
 
========== Files - Unicode (All) ==========
[2013.09.20 14:26:48 | 098,474,815 | ---- | M] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\ទ㤃뻼¡
[2013.09.20 08:26:54 | 098,474,815 | ---- | C] ()(C:\Windows\SysWow64\???¡) -- C:\Windows\SysWow64\ទ㤃뻼¡
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1213 bytes -> C:\ProgramData\Microsoft:V6rvehwmRjYqRAkFBpLsBNz
@Alternate Data Stream - 1190 bytes -> C:\ProgramData\Microsoft:cJP8NoA3alrUCM20

< End of report >
         
__________________
= = = = = = = = = = = = = = = = = =

MfG

mk72

Alt 20.09.2013, 22:33   #27
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Das Programm bietet in der jetzigen Version nicht die Möglichkeit einen Advanced Mode anzuklicken- soll ich so auf start gehen?

Siehe angehängte Grafik(ich weiß nicht, wie ich ein Bild im Text eingefügt bekomme, das Logo zum Bilder einfügen verlangt eine URL?)
__________________
= = = = = = = = = = = = = = = = = =

MfG

mk72

Alt 21.09.2013, 11:55   #28
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Ja einfach auf Start, dann die Kästchen anhaken
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.09.2013, 16:29   #29
mk72
 
Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



Code:
ATTFilter
Farbar Service Scanner Version: 13-09-2013
Ran by Marko (administrator) on 23-09-2013 at 17:27:55
Running from "C:\Users\Marko\Desktop"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
         
__________________
= = = = = = = = = = = = = = = = = =

MfG

mk72

Alt 23.09.2013, 18:12   #30
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Standard

Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst



much better

Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst
adware/yontoo.gen2, aktion, aktivierung, anhang, antivir, beschädigt, datei, deaktiviert, entfernt, free, kaspersky, kis, leute, liste, malware, namen, neuinstallation, nicht mehr, nichts, problem, programm, schutz, unerwünschtes programm, virus, win, zugriff




Ähnliche Themen: Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst


  1. WIN7 Nach automatischen Updates keine Anmeldung möglich
    Alles rund um Windows - 17.11.2015 (23)
  2. Nach Win7 Installation keine Updates mehr u. CPU Frequenz ständig über 100% Virus ?
    Log-Analyse und Auswertung - 11.11.2015 (44)
  3. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  4. Windows 8.1 macht nach Vierenbefall/Trojaner keine Updates mehr
    Log-Analyse und Auswertung - 06.08.2014 (11)
  5. Kaspersky kann nach Installation von Hotspot Shield keine Updates mehr downloaden!
    Plagegeister aller Art und deren Bekämpfung - 18.08.2013 (8)
  6. keine internetkonnektivität nach neuinstallation
    Netzwerk und Hardware - 01.10.2012 (14)
  7. Keine Treiber nach Neuinstallation von Win 7
    Alles rund um Windows - 18.07.2012 (8)
  8. Keine Verbindung zu iTunes, Avira Guard, Windows Updates nach Sirefef.CH-Bekämpfung
    Plagegeister aller Art und deren Bekämpfung - 09.01.2012 (9)
  9. Nach Entfernung SecurityShield keine Windows Firewall-Aktivierung mehr möglich
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (13)
  10. Keine Updates & einige Installationen mehr möglich - infiziert nach Malware
    Log-Analyse und Auswertung - 13.01.2011 (25)
  11. keine Virenscanner Updates mehr nach Entfernung von System Tool
    Log-Analyse und Auswertung - 30.12.2010 (1)
  12. Byavubohido rundll32.exe<-- internet abbruch, und keine updates mehr, fenster fehler
    Plagegeister aller Art und deren Bekämpfung - 13.10.2010 (53)
  13. Keine Windows Updates möglich: Fehler 0x80072EFD
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (1)
  14. Kann keine updates mehr machen mit kaspersky
    Log-Analyse und Auswertung - 03.02.2009 (18)
  15. keine Win2k Installation nach Fehler bei Linux
    Alles rund um Windows - 23.11.2008 (9)
  16. Keine .exe, Keine Updates, Keine https
    Log-Analyse und Auswertung - 09.09.2008 (16)
  17. Nach Neuinstallation ist keine Anmeldung mehr möglich
    Alles rund um Windows - 13.09.2006 (1)

Zum Thema Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst - Code: Alles auswählen Aufklappen ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-09-2013 01 Ran by Marko at 2013-09-16 17:41:40 Running from C:\Users\Marko\Desktop Boot Mode: Normal ========================================================== - Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst...
Archiv
Du betrachtest: Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.