Log analysis and evaluation: Windows 7: Created a new e-mail address and immediately received a spoof mail... eBay recommends a Trojan check!
06.02.2014, 14:05 | #16 |
/// the machine /// TB Trainer | Please post a fresh FRST log, but please tick the box next to Additional, and post both log files.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.02.2014, 18:18 | #17 |
Hello Schrauber
Here are the logs. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2014 Ran by Admin (administrator) on ADMIN-PC on 06-02-2014 18:11:56 Running from C:\Users\Admin\Desktop\Trojanerbord\Programme Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (GFI Software Ltd.) C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe (GFI Software Ltd.) C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (AVM Berlin) C:\Program Files\FRITZ!DSL\IGDCTRL.EXE ( ) C:\Windows\System32\lxducoms.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Egis Technology Inc.) 
C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe (AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\ProgramData\TVersity\Media Server\MediaServer.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (VMLite, Inc.) C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (Tablet Driver) C:\Windows\System32\drivers\WTSrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Tablet Driver) C:\Windows\SysWOW64\WTClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (The Eraser Project) C:\Program Files\Eraser\Eraser.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (Spotify Ltd) C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Akamai Technologies, Inc.) C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe () C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMon.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonTaskbar.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE (Realtime Soft Ltd) C:\Program Files\UltraMon\UltraMonUiAcc.exe (Realtime Soft Ltd) C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe (RealNetworks, Inc.) 
C:\Program Files (x86)\Real\RealPlayer\realplay.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation) HKLM\...\Run: [Eraser] - C:\Program Files\Eraser\Eraser.exe [980920 2012-05-22] (The Eraser Project) HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] () HKLM-x32\...\Run: [SPIRunE] - Rundll32 SPIRunE.dll,RunDLLEntry HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [184320 2007-04-17] (Creative Technology Ltd) HKLM-x32\...\Run: [WTClient] - C:\Windows\SysWOW64\WTClient.exe [32768 2009-08-19] (Tablet Driver) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [UnlockerAssistant] - C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-10] (RealNetworks, Inc.) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [AVMUSBFernanschluss] - C:\Users\Admin\AppData\Local\Apps\2.0\12HOTO9J.7NP\8LLHM2D0.AMZ\frit..tion_1acae14e4778b8d2_0002.0003_6dcb4a48ddb2ee39\AVMAutoStart.exe [139264 2014-01-30] (AVM Berlin) HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [MtdAcqu] - C:\Program Files (x86)\Creative\MediaSource5\MtdAcqu.exe [278528 2006-03-08] (Creative Technology Ltd) HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-14] (InstallShield Software Corporation) HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Run: [Spotify Web Helper] - C:\Users\Admin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576 2012-11-10] (Spotify Ltd) HKU\S-1-5-21-2715126414-4153456669-2541334608-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000 ==================== Internet (Whitelisted) ==================== ProxyServer: 216.155.139.115:3128 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD3DA056485D9CE01 StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL = SearchScopes: HKLM-x32 - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = SearchScopes: HKCU - {90C03654-BF89-48C9-ABAB-3C6CFF9C7798} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE368 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - 
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: GetRight IE Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files (x86)\GetRight\xx2gr.dll (Headlight Software, Inc.) BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Lexmark - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files (x86)\Lexmark Printable Web\bho.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File Toolbar: HKCU - No Name - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No File Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPID.cab Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft 
Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation) Winsock: Catalog5 09 %ProgramFiles(x86)%\FRITZ!DSL\\sarah.dll File Not found () Winsock: Catalog5-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin) Winsock: Catalog9-x64 01 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin) Winsock: Catalog9-x64 02 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin) Winsock: Catalog9-x64 09 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin) Winsock: Catalog9-x64 14 %ProgramFiles%\FRITZ!DSL\\sarah.dll [34104] (AVM Berlin) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\vx5a6cwc.Battlefield FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=1.102.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File FF Plugin-x32: @esn/esnlaunch,version=1.122.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) 
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\de_DE@dicts.j3e.de [2011-03-18] FF Extension: Integrated Gmail - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{28197867-b1ef-4140-8e3b-55c45b9c8460} [2011-03-18] FF Extension: NoScript - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232} [2011-03-18] FF Extension: DownloadHelper - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012-10-24] FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\profiles\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2012-10-24] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-20] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-20] FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - 
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-10] FF HKCU\...\Firefox\Extensions: [{12805837-47e5-429f-8db4-77fa8c07a0e1}] - C:\Program Files (x86)\bLyrics\130.xpi Chrome: ======= CHR HomePage: hxxp://www.google.com CHR DefaultSearchProvider: Linkury Smartbar Search CHR DefaultSearchURL: hxxp://www.google.com CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\gcswf32.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.) CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.) 
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll No File CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.) CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll No File CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) 
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation) CHR Plugin: (Remoting Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll No File CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\15.0.874.106\pdf.dll No File CHR Plugin: (vShare.tv plug-in) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\chvsharetvplg.dll No File CHR Plugin: (vShare.tv plug-in) - C:\Program Files (x86)\Mozilla Firefox\plugins\npvsharetvplg.dll No File CHR Plugin: (Windows Genuine Advantage) - C:\Program Files (x86)\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation) CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll No File CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll No File CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll No File CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Default Plug-in) - default_plugin No File CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29] CHR HKLM-x32\...\Chrome\Extension: [okaclkhnjaebofijaabgiahinbajiekd] - C:\Program Files (x86)\bLyrics\130.crx [2012-11-29] ==================== Services (Whitelisted) ================= R2 Akamai; c:\program files (x86)\common 
files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-02] (Akamai Technologies, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG) R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [336248 2012-02-02] (AVM Berlin) R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143736 2011-10-31] (AVM Berlin) R2 gfi_lanss9_attservice; C:\Program Files (x86)\GFI\LANguard 9\lnssatt.exe [329144 2010-11-13] (GFI Software Ltd.) R2 GFI_ReportCenter35; C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfireporterservice.exe [111912 2009-06-16] (GFI Software Ltd.) R2 IGDCTRL; C:\Program Files\FRITZ!DSL\IGDCTRL.EXE [88888 2009-07-28] (AVM Berlin) S2 lxduCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe [29184 2009-10-16] (Lexmark International, Inc.) R2 lxdu_device; C:\Windows\system32\lxducoms.exe [1039360 2009-10-16] ( ) R2 lxdu_device; C:\Windows\SysWOW64\lxducoms.exe [589824 2009-10-16] ( ) R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [58345832 2011-09-22] (Microsoft Corporation) R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.) 
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2011-10-31] (AVM Berlin) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-13] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2013-08-13] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] () S4 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2011-01-02] (www.shadowexplorer.com) S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [431464 2011-09-22] (Microsoft Corporation) R2 TVersityMediaServer; C:\ProgramData\TVersity\Media Server\MediaServer.exe [1249064 2011-07-29] () R2 VMLiteService; C:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe [426600 2010-08-21] (VMLite, Inc.) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. 
KG) R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-01-22] (AVM Berlin) R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116096 2010-05-13] (AVM Berlin) S3 ENTECH64; C:\Windows\system32\DRIVERS\ENTECH64.sys [12744 2008-04-22] (EnTech Taiwan) S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin) S3 papycpu; C:\Windows\SysWow64\Drivers\papycpu.sys [1984 1998-09-04] () S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation) S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation) S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation) S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation) S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation) S3 SaiHFF04; C:\Windows\System32\DRIVERS\SaiHFF04.sys [171144 2007-05-01] (Saitek) S3 SaiIFF04; C:\Windows\System32\DRIVERS\SaiIFF04.sys [20608 2007-05-01] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [16000 2009-06-10] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [43264 2009-06-10] (Saitek) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [526392 2012-01-07] (Duplex Secure Ltd.) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] () R1 VBoxDrv; C:\Windows\System32\drivers\VBoxDrv.sys [204328 2010-08-11] (VMLite, Inc.) R3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp.sys [146216 2010-08-11] (VMLite, Inc.) R3 VBoxNetFlt; C:\Windows\System32\DRIVERS\VBoxNetFlt.sys [165800 2010-08-11] (VMLite, Inc.) R3 vmlitediskmp; C:\Windows\System32\DRIVERS\vmlitediskmp.sys [147560 2010-01-11] (VMLite, Inc.) R1 vmlitedrv; C:\Windows\System32\drivers\vmlitedrv.sys [14952 2010-08-03] (VMLite, Inc.) 
R3 vmlitestor; C:\Windows\System32\DRIVERS\vmlitestor.sys [177768 2010-08-11] (VMLite, Inc.) R1 VMLiteUSBMon; C:\Windows\System32\drivers\vmliteusbmon.sys [135272 2010-08-18] (VMLite, Inc.) S3 WFMC_VAD; C:\Windows\System32\DRIVERS\wfmcvad.sys [24064 2010-02-08] (WiFi Media Connect) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-05] (Microsoft Corporation) S0 Lbd; system32\DRIVERS\Lbd.sys [X] S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X] U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] () S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV 2014-02-05 03:55 - 2014-02-05 03:55 - 00000344 _____ () C:\Windows\PFRO.log 2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup 2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-02-03 18:31 - 2014-02-05 03:51 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-02-03 17:18 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 
2014-02-03 17:18 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-03 16:48 - 2014-02-05 17:23 - 00008030 _____ () C:\Windows\avmacc.log 2014-02-03 16:44 - 2014-02-06 18:05 - 00000560 _____ () C:\Windows\setupact.log 2014-02-03 16:44 - 2014-02-03 16:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr 2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT 2014-01-31 14:08 - 2014-01-31 15:10 - 00000000 ____D () C:\AdwCleaner 2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-01-31 13:41 - 2014-01-31 13:42 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini 2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt 2014-01-29 18:37 - 2014-01-29 18:54 - 00000000 ____D () C:\Qoobox 2014-01-29 18:37 - 2014-01-29 18:50 - 00000000 ____D () C:\Windows\erdnt 2014-01-29 18:37 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-01-29 18:37 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-01-29 18:37 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-29 18:37 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-29 18:37 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-29 18:37 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-01-29 18:37 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-01-29 
18:37 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt 2014-01-27 19:11 - 2014-01-21 21:56 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe 2014-01-27 19:04 - 2014-02-06 18:11 - 00000000 ____D () C:\FRST 2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable 2014-01-27 18:46 - 2014-01-29 19:07 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord 2014-01-26 09:24 - 2014-01-26 09:25 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser 2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - CHIP-Downloader.exe 2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt 2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt 2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe 2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk 2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe 2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe 2014-01-26 07:50 - 2014-01-26 07:51 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe 2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe 2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download 2014-01-19 19:52 - 2014-01-19 19:53 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4 2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. 
Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4 2014-01-19 17:19 - 2014-01-19 17:22 - 16545600 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4 2014-01-19 17:18 - 2014-01-19 17:22 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4 2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv 2014-01-19 14:41 - 2014-01-19 14:46 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv 2014-01-19 14:05 - 2014-01-19 14:38 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s 2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan 2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache 2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache 2014-01-18 21:00 - 2014-01-18 21:04 - 15035430 _____ () C:\Users\Admin\Downloads\5. 
Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv 2014-01-17 18:54 - 2014-01-21 17:23 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-01-17 18:54 - 2014-01-21 17:23 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk 2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg 2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg 2014-01-15 18:41 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 18:41 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 18:41 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 18:41 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-10 18:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv ==================== One Month Modified Files and Folders ======= 2014-02-06 18:13 - 2010-01-07 06:55 - 00769136 _____ () 
C:\Windows\system32\perfh007.dat 2014-02-06 18:13 - 2010-01-07 06:55 - 00175866 _____ () C:\Windows\system32\perfc007.dat 2014-02-06 18:13 - 2009-07-14 06:13 - 01816162 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-06 18:12 - 2012-11-27 17:10 - 01354432 _____ () C:\Windows\WindowsUpdate.log 2014-02-06 18:12 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-06 18:12 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-06 18:11 - 2014-01-27 19:04 - 00000000 ____D () C:\FRST 2014-02-06 18:07 - 2010-02-26 13:10 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-06 18:06 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-06 18:05 - 2014-02-03 16:44 - 00000560 _____ () C:\Windows\setupact.log 2014-02-05 21:01 - 2013-01-26 09:18 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job 2014-02-05 20:34 - 2010-02-26 13:10 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-05 18:15 - 2013-01-26 09:18 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job 2014-02-05 17:23 - 2014-02-03 16:48 - 00008030 _____ () C:\Windows\avmacc.log 2014-02-05 17:23 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment 2014-02-05 17:23 - 2010-05-12 19:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2014-02-05 05:02 - 2014-02-05 05:02 - 00119560 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT 2014-02-05 05:02 - 2010-02-08 10:14 - 00119560 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-05 03:56 - 2014-02-05 03:56 - 00000000 ____D () C:\Users\Public\Recorded TV 2014-02-05 03:56 - 2009-07-14 05:45 - 05002968 _____ () 
C:\Windows\system32\FNTCACHE.DAT 2014-02-05 03:55 - 2014-02-05 03:55 - 00000344 _____ () C:\Windows\PFRO.log 2014-02-05 03:51 - 2014-02-03 18:31 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-05 02:01 - 2011-08-01 17:54 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe 2014-02-04 19:51 - 2014-02-04 19:51 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-04 19:51 - 2014-02-04 19:51 - 00000000 ____D () C:\RegBackup 2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2014-02-04 17:25 - 2014-02-04 17:25 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com 2014-02-03 19:23 - 2009-07-14 03:34 - 00000514 _____ () C:\Windows\win.ini 2014-02-03 17:31 - 2012-04-04 11:04 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-03 17:31 - 2011-07-09 12:49 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-03 17:21 - 2013-11-04 18:38 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-03 17:18 - 2014-02-03 17:18 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-02-03 17:18 - 2010-05-07 22:05 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-03 16:48 - 2010-10-08 13:57 - 01746432 ___SH () C:\Users\Admin\Desktop\Thumbs.db 2014-02-03 16:44 - 2014-02-03 16:44 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-02 17:05 - 2013-10-25 16:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps 2014-01-31 19:51 - 2014-01-31 19:51 - 02630806 _____ () C:\Users\Admin\Desktop\tyres_iii_by_katha83_by_katha83-d427yim.abr 2014-01-31 17:17 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-01-31 15:25 - 2014-01-31 15:25 - 00002758 _____ () C:\Users\Admin\Desktop\JRT.txt 2014-01-31 15:21 - 2014-01-31 15:21 - 00000000 ____D () C:\Windows\ERUNT 2014-01-31 15:10 - 2014-01-31 14:08 - 00000000 
____D () C:\AdwCleaner 2014-01-31 15:05 - 2010-03-28 15:38 - 00000000 ____D () C:\ProgramData\ICQ 2014-01-31 13:42 - 2014-01-31 13:42 - 00001747 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-01-31 13:42 - 2014-01-31 13:41 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iTunes 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files\iPod 2014-01-31 13:41 - 2014-01-31 13:41 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-01-31 13:37 - 2010-07-11 11:10 - 00000000 ____D () C:\ProgramData\Apple 2014-01-30 19:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-01-30 19:07 - 2012-01-14 09:04 - 00283829 _____ () C:\Windows\SysWOW64\TVersityMediaServer.log 2014-01-29 20:11 - 2014-01-29 20:11 - 00000062 _____ () C:\Windows\wininit.ini 2014-01-29 19:11 - 2010-05-13 17:34 - 00000000 ____D () C:\Users\Admin\AppData\Local\Apps\2.0 2014-01-29 19:07 - 2014-01-27 18:46 - 00000000 ____D () C:\Users\Admin\Desktop\Trojanerbord 2014-01-29 18:54 - 2014-01-29 18:54 - 00124294 _____ () C:\ComboFix.txt 2014-01-29 18:54 - 2014-01-29 18:37 - 00000000 ____D () C:\Qoobox 2014-01-29 18:50 - 2014-01-29 18:37 - 00000000 ____D () C:\Windows\erdnt 2014-01-29 18:50 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-01-29 18:49 - 2010-02-08 10:13 - 00000000 ____D () C:\Users\Admin 2014-01-29 18:26 - 2010-11-04 18:49 - 00000000 ____D () C:\Windows\Minidump 2014-01-28 20:45 - 2014-01-28 20:45 - 00000000 _____ () C:\Users\Admin\Desktop\Neues Textdokument (8).txt 2014-01-27 18:51 - 2014-01-27 18:51 - 00000020 _____ () C:\Users\Admin\defogger_reenable 2014-01-26 09:34 - 2013-09-01 09:21 - 00000000 ____D () C:\Users\Admin\Desktop\Tim Melzer 2014-01-26 09:25 - 2014-01-26 09:24 - 00000000 ____D () C:\Users\Admin\Desktop\Tor Browser 2014-01-26 09:17 - 2014-01-26 09:17 - 00614784 _____ (Chip Digital GmbH) C:\Users\Admin\Downloads\Tor Browser Paket - 
CHIP-Downloader.exe 2014-01-26 08:35 - 2014-01-26 08:35 - 00196304 _____ () C:\Users\Admin\Desktop\Extras.Txt 2014-01-26 08:34 - 2014-01-26 08:34 - 00176694 _____ () C:\Users\Admin\Desktop\OTL.Txt 2014-01-26 08:22 - 2014-01-26 08:22 - 00602112 _____ (OldTimer Tools) C:\Users\Admin\Desktop\OTL.exe 2014-01-26 08:00 - 2014-01-26 08:00 - 00001688 _____ () C:\Users\Public\Desktop\Defraggler.lnk 2014-01-26 08:00 - 2010-03-14 12:46 - 00000000 ____D () C:\Program Files\Defraggler 2014-01-26 07:59 - 2012-11-27 17:17 - 00000000 ____D () C:\Program Files\CCleaner 2014-01-26 07:54 - 2014-01-26 07:54 - 00921000 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jxpiinstall.exe 2014-01-26 07:51 - 2014-01-26 07:51 - 09110456 _____ (The Eraser Project) C:\Users\Admin\Downloads\Eraser 6.0.10.2620.exe 2014-01-26 07:51 - 2014-01-26 07:50 - 04208656 _____ (Piriform Ltd) C:\Users\Admin\Downloads\dfsetup216.exe 2014-01-26 07:50 - 2014-01-26 07:50 - 04721920 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup410.exe 2014-01-26 07:49 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Spotify 2014-01-26 07:44 - 2012-11-10 18:10 - 00000000 ____D () C:\Users\Admin\AppData\Local\Spotify 2014-01-24 19:29 - 2014-01-24 19:29 - 00000000 ____D () C:\download 2014-01-21 21:56 - 2014-01-27 19:11 - 00380416 _____ () C:\Users\Admin\Desktop\gmer.exe 2014-01-21 17:23 - 2014-01-17 18:54 - 00002033 _____ () C:\Users\Admin\Desktop\Entfernen des Avira PC Cleaners.lnk 2014-01-21 17:23 - 2014-01-17 18:54 - 00001977 _____ () C:\Users\Admin\Desktop\Avira PC Cleaner.lnk 2014-01-19 19:53 - 2014-01-19 19:52 - 16545600 _____ () C:\Users\Admin\Desktop\▶ 5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4 2014-01-19 19:36 - 2014-01-19 19:36 - 12235872 _____ () C:\Users\Admin\Desktop\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.mp4 2014-01-19 17:22 - 2014-01-19 17:19 - 16545600 _____ () C:\Users\Admin\Downloads\5. 
Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 2013 - YouTube [360p].mp4 2014-01-19 17:22 - 2014-01-19 17:18 - 28680729 _____ () C:\Users\Admin\Downloads\▶ Beste Qualität für Youtube - Film Rendern After Effects ( Tutorial Deutsch German ) - YouTube [720p].mp4 2014-01-19 14:57 - 2014-01-19 14:57 - 01175552 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-2.flv 2014-01-19 14:46 - 2014-01-19 14:41 - 22009412 _____ () C:\Users\Admin\Downloads\5. Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20-1.flv 2014-01-19 14:38 - 2014-01-19 14:05 - 00000000 ____D () C:\Users\Admin\Desktop\I Phone Foto´s 2014-01-19 08:49 - 2014-01-19 08:49 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\QuickScan 2014-01-18 21:47 - 2014-01-18 21:47 - 00359310 _____ () C:\Users\Admin\AppData\Local\census.cache 2014-01-18 21:47 - 2014-01-18 21:47 - 00181174 _____ () C:\Users\Admin\AppData\Local\ars.cache 2014-01-18 21:04 - 2014-01-18 21:00 - 15035430 _____ () C:\Users\Admin\Downloads\5. 
Bielefelder Hörsaal-Slam - Julia Engelmann - Campus TV 20.flv 2014-01-15 20:07 - 2009-09-17 22:29 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-01-15 20:06 - 2013-07-27 09:49 - 00000000 ____D () C:\Windows\system32\MRT 2014-01-15 20:03 - 2010-02-26 14:16 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 19:23 - 2011-01-07 19:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\TS3Client 2014-01-15 19:10 - 2014-01-15 19:10 - 00000206 _____ () C:\Users\Admin\Documents\cc_20140115_191034.reg 2014-01-15 19:08 - 2014-01-15 19:08 - 00010598 _____ () C:\Users\Admin\Documents\cc_20140115_190837.reg 2014-01-15 18:42 - 2010-06-26 09:07 - 00000000 ____D () C:\Windows\pss 2014-01-11 03:01 - 2010-07-11 13:14 - 01789506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-01-10 18:18 - 2014-01-10 18:18 - 00001077 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-10 18:18 - 2011-01-16 12:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-10 18:10 - 2011-06-27 17:42 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-01-09 21:37 - 2014-01-09 21:37 - 00000168 _____ () C:\Users\Admin\Downloads\2591617_hd.flv Some content of TEMP: ==================== C:\Users\Admin\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit 
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-29 17:31
==================== End Of Log ============================
--- --- ---
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2014 Ran by Admin at 2014-02-06 18:14:20 Running from C:\Users\Admin\Desktop\Trojanerbord\Programme Boot Mode: Normal ========================================================== ==================== Security Center ======================== ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (x32 Version: - Microsoft) 7-Zip 9.20 (x32 Version: - ) Acer eRecovery Management (x32 Version: 4.05.3003 - Acer Incorporated) Acer GameZone Console (x32 Version: 5.1.0.2 - Oberon Media, Inc.) Acer Registration (x32 Version: 1.02.3004 - Acer Incorporated) Acer ScreenSaver (x32 Version: 1.1.0812 - Acer Incorporated) Acer Updater (x32 Version: 1.01.3014 - Acer Incorporated) Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Adobe After Effects CS4 (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe After Effects CS4 Presets (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe After Effects CS4 Third Party Content (x32 Version: 9 - Adobe Systems Incorporated) Hidden Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.3.0.3670 - Adobe Systems Incorporated) Hidden Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Color Video Profiles AE CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS4 (x32 Version: 2 - Adobe 
Systems Incorporated) Hidden Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.2 - Adobe Systems Incorporated) Hidden Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Adobe Dreamweaver CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated) Adobe Fonts All (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Additional Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Exporter (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (x32 Version: 1.1 - Adobe Systems Incorporated) Adobe MotionPicture Color Files CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS5 (x32 Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated) Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Type Support CS4 (x32 Version: 
9.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Akamai NetSession Interface (HKCU Version: - Akamai Technologies, Inc) Akamai NetSession Interface Service (x32 Version: - ) AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD AVIVO64 Codecs (Version: 11.7.0.11109 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden AMD System Monitor (x32 Version: 1.0.0 - Advanced Micro Devices, Inc.) Apple Application Support (x32 Version: 3.0 - Apple Inc.) Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) Application Profiles (x32 Version: 2.0.4232.33935 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4301.35982 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4315.34200 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4331.36041 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4385.36018 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4469.34733 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4674.34053 - Advanced Micro Devices, Inc.) Application Profiles (x32 Version: 2.0.4719.35969 - Advanced Micro Devices, Inc.) 
Audacity 1.2.6 (x32 Version: - ) Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira) AVM FRITZ!Box Dokumentation (x32 Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (x32 Version: - AVM Berlin) AVS Update Manager 1.0 (x32 Version: - Online Media Technologies Ltd.) AVS Video Converter 6 (x32 Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (x32 Version: - Online Media Technologies Ltd.) Battlefield 2(TM) (x32 Version: - ) Battlefield 2: Special Forces (x32 Version: - ) Battlefield 3™ (x32 Version: 1.0.0.0 - Electronic Arts) Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (x32 Version: 2.1.7 - EA Digital Illusions CE AB) Bonjour (Version: 3.0.0.10 - Apple Inc.) Bonjour-Druckdienste (Version: 2.0.0.36 - Apple Inc.) Borderlands (x32 Version: 1.0.295 - 2K Games) Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (x32 Version: - Infinity Ward) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.1026.2246.39002 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.1125.2142.38865 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden CCleaner (Version: 4.10 - Piriform) Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden ConvertHelper 2.2 (x32 Version: - DownloadHelper) ConvertXtoDVD 4.1.19.365 (x32 Version: 4.1.19.365 - ) Counter-Strike (x32 Version: - Valve) Counter-Strike: Global Offensive Beta (x32 Version: - ) Counter-Strike: Source (x32 Version: - Valve) Counter-Strike: Source Beta (x32 Version: - ) Creative Audio-Systemsteuerung (x32 Version: 3.00 - Creative Technology Limited) Creative MediaSource 5 (x32 Version: 5.00 - ) Creative Software AutoUpdate (x32 Version: 1.40 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (x32 Version: - Creative Technology Limited) Dairy Dash (x32 Version: - Oberon Media) Darkest Hour: Europe '44-'45 (x32 Version: - Darkest Hour Team) DashCommand (x32 Version: 3.0.1 - Palmer Performance Engineering) Day of Defeat (x32 Version: - Valve) Dead Island (x32 Version: - Techland) Dead Space (x32 Version: - EA Redwood Shores) Deathmatch Classic (x32 Version: - Valve) DebugMode Wax 2.0 (x32 Version: - ) Defraggler (Version: 2.16 - Piriform) DH Driver Cleaner Professional Edition (x32 Version: Version 1.5 - Ruud Ketelaars) DiRT 2 (x32 Version: - Codemasters) DivX-Setup (x32 Version: 2.6.1.87 - DivX, LLC) DivxToDVD 0.5.2b (x32 Version: 0.5.2b - VSO-Software SARL) Dream Day First Home (x32 Version: - Oberon Media) DVDx 4.0 Open Edition (x32 Version: 4.0 (Open Edition) - labDV) eBay Worldwide (x32 Version: 2.1.0703 - OEM) Eraser 6.0.10.2620 (Version: 6.0.2620 - The Eraser Project) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) 
Hidden ESET Online Scanner v3 (x32 Version: - ) ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden EVEMon (x32 Version: 1.8.4.4125 - battleclinic.com) EVEREST Ultimate Edition v5.50 (x32 Version: 5.50 - Lavalys, Inc.) Exact Audio Copy 1.0beta3 (x32 Version: 1.0beta3 - Andre Wiethoff) Excel Protection Remover (x32 Version: - ) EXIFeditor (x32 Version: 1.0.0 - kiwi.software.NET) Exif-Viewer 2.50 (x32 Version: 2.50 - Ralf Bibinger) FileZilla Client 3.5.3 (HKCU Version: 3.5.3 - FileZilla Project) Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0 - MAGIX AG) FLAC 1.2.1b (remove only) (x32 Version: 1.2.1b - Xiph.org) FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25) - Martijn de Visser) Free Video to MP3 Converter version 3.5 (x32 Version: - DVDVideoSoft Limited.) FRITZ!Box USB-Fernanschluss - 1 (HKCU Version: 2.3.2.0 - AVM Berlin) FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2 - AVM Berlin) FRITZ!DSL64 (Version: 2.04.03 - AVM Berlin) FRITZ!Fernzugang (Version: 1.2.6 - AVM Berlin) Futuremark SystemInfo (x32 Version: 4.0.0.0 - Futuremark Corporation) GameShadow (x32 Version: 2.03.0000 - GameShadow Ltd) GetRight (x32 Version: - Headlight Software, Inc.) GFI LANguard 9.0 ReportPack (x32 Version: 9.0.2009.0709 - GFI Software Ltd) GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) GFI LANguard 9.6 (x32 Version: 9.6.2010.1113 - GFI Software Ltd) Hidden GFI ReportCenter Framework (x32 Version: 3.6.2009.0630 - GFI Software Ltd) GIMP 2.6.10 (Version: 2.6.10 - The GIMP Team) Google Earth (x32 Version: 7.0.2.8415 - Google) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) 
Hidden Grand Prix Legends (x32 Version: - ) Granny In Paradise (x32 Version: - Oberon Media) GRID (x32 Version: 1.00.0000 - Codemasters) GTR Evolution (x32 Version: - SimBin Studios) Half-Life (x32 Version: - Valve) Half-Life 2 (x32 Version: - Valve) Half-Life 2: Deathmatch (x32 Version: - Valve) Half-Life 2: Episode One (x32 Version: - Valve) Half-Life 2: Episode Two (x32 Version: - Valve) Half-Life 2: Lost Coast (x32 Version: - Valve) Half-Life Deathmatch: Source (x32 Version: - Valve) Half-Life: Blue Shift (x32 Version: - Gearbox) Hama Cromo Pad (x32 Version: 1.00.0000 - GASIA) Hitman: Sniper Challenge (x32 Version: - IO Interactive) HOMEFRONT (x32 Version: - THQ) Host OpenAL (x32 Version: 1.00 - Creative Technology Limited) Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2565057) (x32 Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (x32 Version: 1 - Microsoft Corporation) Hotkey Utility (x32 Version: 1.00.3004 - Acer Incorporated) iArt 3 (x32 Version: - iPodSoft) iCloud (Version: 3.1.0.40 - Apple Inc.) ICQ7.2 (x32 Version: 7.2 - ICQ) Identity Card (x32 Version: 1.00.3001 - Acer Incorporated) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden ImTOO Video Converter Ultimate 6 (x32 Version: 6.8.0.1101 - ImTOO) Intel® Matrix Storage Manager (Version: - Intel Corporation) iTunes (Version: 11.1.4.62 - Apple Inc.) Java 7 Update 25 (64-bit) (Version: 7.0.250 - Oracle) Java 7 Update 51 (x32 Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 35 (x32 Version: 6.0.350 - Oracle) JDownloader 2 (Version: 2.0 - AppWork GmbH) JMicron JMB36X Driver (x32 Version: 1.00.0000 - JMICRON Technology Corp.) 
Junk Mail filter update (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Left 4 Dead (x32 Version: - Valve)
Left 4 Dead 2 (x32 Version: - Valve)
Left 4 Dead Authoring Tools (x32 Version: - Valve)
Lexmark (x32 Version: 1.0.0.0 - )
Lexmark 5600-6600 Series (Version: - Lexmark International, Inc.)
Lexmark 5600-6600 Series (x32 Version: - Lexmark International, Inc.)
Lidl-Fotos (x32 Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Metro 2033 (x32 Version: - THQ)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Digital Image Library 9 - Blocker (x32 Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (x32 Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation)
Microsoft Picture It! Foto Premium 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Picture It!-Bibliothek 10 (x32 Version: 10.0.0715 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (x32 Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.58298 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (x32 Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MozBackup 1.5.1 (x32 Version: - Pavel Cvrcek)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mozilla Thunderbird 24.0.1 (x86 de) (x32 Version: 24.0.1 - Mozilla)
Mp3tag v2.50 (x32 Version: v2.50 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Mumble and Murmur (x32 Version: 1.2.2 - Mumble)
Music Manager (HKCU Version: - Google, Inc.)
MyPhoneExplorer (x32 Version: 1.8.0 - F.J. Wechselberger)
MyWinLocker (x32 Version: 3.1.72.0 - Egis Technology Inc.)
Need For Speed™ World (x32 Version: 1.0.0.659 - Electronic Arts)
Nero 9 Essentials (x32 Version: - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.2.11000.12.100 - Nero AG)
Nero Burning ROM 10 (x32 Version: 10.5.10300 - Nero AG)
Nero BurningROM 10 Help (CHM) (x32 Version: 10.5.10100 - Nero AG) Hidden
Nero BurnRights 10 (x32 Version: 4.2.10300.0.102 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.2.10600.0.6 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.17400.8.2 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.7.201 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.7.201 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.9.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.7.201 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.209 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.1.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.16.0.100 - Nero AG) Hidden
Nero Update (x32 Version: 1.0.0018 - Nero AG)
NeroExpress (x32 Version: 9.4.10.505 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
No More Room in Hell (x32 Version: - No More Room in Hell Team)
Norton Online Backup (x32 Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (Version: 1.7 - )
NVIDIA PhysX (x32 Version: 9.12.0613 - NVIDIA Corporation)
OnlineFotoservice (x32 Version: - )
OpenAL (x32 Version: - )
Origin (x32 Version: 8.5.0.4550 - Electronic Arts, Inc.)
PageshotsPro 1.0.0 (x32 Version: 1.0.0 - PageshotsPro)
particleIllusion 3.0.4 (x32 Version: 3.0.4 - wondertouch LLC)
PAYDAY: The Heist (x32 Version: - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Picasa 3 (x32 Version: 3.8 - Google, Inc.)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Portal (x32 Version: - Valve)
PS3 Media Server (x32 Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
RACE 07 (x32 Version: - SimBin Studios)
Race: The WTCC Game (x32 Version: - SimBin Studios)
Rapture3D 2.3.26 Game (x32 Version: - Blue Ripple Sound)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (x32 Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recuva (Version: 1.44 - Piriform)
Red Orchestra: Ostfront 41-45 (x32 Version: - Tripwire Interactive)
RESIDENT EVIL 5 (x32 Version: 1.0.0.129 - CAPCOM CO., LTD.)
Ricochet (x32 Version: - Valve)
S.T.A.L.K.E.R. - Shadow of Chernobyl (x32 Version: 1.0000 - THQ)
Saitek SD6 Programming Software 6.6.6.9 (Version: 6.6.6.9 - Saitek)
Service Pack 3 für SQL Server 2008 (KB2546951) (64-bit) (Version: 10.3.5500.0 - Microsoft Corporation)
ShadowExplorer 0.8 (x32 Version: 0.8.430.0 - ShadowExplorer.com)
Sierra Utilities (x32 Version: - )
Silent Hunter 4 Wolves of the Pacific (x32 Version: 1.03.0000 - Ubisoft)
SIW version 2010.07.14 (x32 Version: 2010.07.14 - Topala Software Solutions)
SmartCopy (x32 Version: - Northstar Systems Corp.)
SmartLauncher (x32 Version: - Northstar Systems Corp.)
Sniper: Ghost Warrior (x32 Version: - City Interactive S.A.)
Sound Blaster X-Fi (x32 Version: 1.0 - )
Source SDK (x32 Version: - Valve)
Source SDK Base 2007 (x32 Version: - Valve)
Speccy (Version: 1.10 - Piriform)
Spotify (HKCU Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Star Defender 4 (x32 Version: - Oberon Media)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
StreamTransport version: 1.0.2.2171 (x32 Version: - )
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Sweet Home 3D version 3.3 (x32 Version: - eTeks)
TCPEye 1.0 (x32 Version: - Free Software Relase)
Team Fortress Classic (x32 Version: - Valve)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Tom Clancy's H.A.W.X (x32 Version: 1.02.00000 - Ubisoft)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.)
Trust Tablet Driver (x32 Version: - )
TVAnts 1.0 (x32 Version: - )
TVersity Codec Pack 1.7 (x32 Version: 1.7 - TVersity Inc.)
TVersity Media Server 1.9.7 (x32 Version: 1.9.7 - TVersity)
Tweaking.com - Windows Repair (All in One) (x32 Version: 2.2.0 - Tweaking.com)
Überwachungstool für die Intel® Turbo-Boost-Technologie (Version: 1.0.115.11 - Intel)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
UltraMon (Version: 3.0.10 - Realtime Soft Ltd)
Unlocker 1.9.1 (x32 Version: 1.9.1 - Cedrick Collomb)
Unlocker 1.9.2 (Version: 1.9.2 - Cedrick Collomb)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (Version: 10.3.5500.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (x32 Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual C++ 2008 x86 Runtime - (v9.0.30729) (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (x32 Version: 9.0.30729.01 - Microsoft Corporation)
VMLite Workstation (Version: 3.2.6 - VMLite)
Welcome Center (x32 Version: 1.00.3005 - Acer Incorporated)
WinCDEmu (x32 Version: 3.6 - Bazis)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8064.206 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (x32 Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8064.0206 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (Version: 1.3.7600.16422 - Microsoft Corporation)
WinRAR (Version: - )
World of Padman (x32 Version: 1.1 - Padworld Entertainment)
XBMC (HKCU Version: - Team XBMC)
Xiph.Org Open Codecs 0.85.17777 (x32 Version: 0.85.17777 - Xiph.Org)

==================== Restore Points =========================

29-01-2014 17:37:56 ComboFix created restore point
03-02-2014 16:17:54 Installed Java 7 Update 51
04-02-2014 18:50:48 Tweaking.com - Windows Repair

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-01-29 18:50 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0115A5A6-E64A-403E-ACAA-CC03CCEA8961} - System32\Tasks\{BEC36182-3C31-41AF-903B-DA5417E01792} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {0286D2A2-1E63-4032-841E-4B977FBD7810} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {03720371-86AE-43B6-B7F3-CCCD57810264} - System32\Tasks\{1C5F50C9-41C0-4A0A-A6B2-3E2F0B13CB70} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {1564EC25-AE28-46D9-8059-13CA9E8BCFA4} - System32\Tasks\Installation App Launcher => C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe [2010-02-04] (Lexmark International Inc.)
Task: {213B6E15-7BE6-418F-8F75-647F45A8AD3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {235F1315-633F-499C-BF8D-B6181DF4CCE6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {38A89AE3-A38B-4CD6-8BDC-5975B69B9DE2} - System32\Tasks\{0D6D11F9-1C40-46D7-8CA3-4C7C0D126EBD} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {3B9857BE-320A-4982-BFEE-A6C0E0C60B7F} - System32\Tasks\{A399484D-F591-4733-818C-DC7338273965} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc. Bellevue, WA 98007)
Task: {70577F12-FB82-400B-AE8A-2F65F7CA8ECC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-02-26] (Google Inc.)
Task: {71E9F36C-EAFA-43DE-9D06-E10AD4DAB409} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {729350B7-1537-4BD9-800C-4747F4334C0D} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2715126414-4153456669-2541334608-1010
Task: {8B0B1CDA-71D1-48E7-A959-E5E3773CB4A5} - System32\Tasks\{A9F987D8-E27B-4A6E-AF95-591274BBCFE1} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {8D9B1BA3-47A8-40DA-BF16-BEE94378AE41} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {8EC55220-8702-49AC-A22D-1920809C22C3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {91C39897-7AD6-452A-9089-B91838183D53} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-26] (Google Inc.)
Task: {94925380-9B7E-4D9C-A1AD-FB6D689E26DF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {99CE50B9-986C-46A7-B0DB-F48DEE09F083} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {9A2FD0BA-7ABB-4DCF-B0FC-0C513C3C9B3A} - System32\Tasks\{0D305426-792B-4830-AD55-34D63689F52D} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {9E14EB50-1670-438F-9CFE-D6355012E8C3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {BA83B7BA-EB12-4347-B67A-BAF1C658BAE0} - System32\Tasks\{42B98F6C-E6A1-449C-864F-8840083F92D0} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {BF24A726-5A9A-4E70-BFBF-DD3F82A8C814} - System32\Tasks\{19667509-9130-4E49-922E-3A85A064D196} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C0F6313F-C440-45B2-8CD7-C7A9DAD819B1} - System32\Tasks\{C26A75A3-8B13-4FA8-9F1E-A1E2761ABEDB} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc. Bellevue, WA 98007)
Task: {C3B15D4E-F036-45FA-B197-E9157035C5C5} - System32\Tasks\{40252C16-B304-4946-A21A-A72C62710961} => C:\Users\Admin\Downloads\tomtom\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Borderlands Claptraps New Robot Revolution DLC-RELOADED\Binaries\Borderlands.exe
Task: {C3BA5DA4-6B3E-4D2F-B2B1-E1844B234BFA} - System32\Tasks\{B049F9BB-5F69-4D85-8268-E17D45B6EEBA} => C:\Users\Admin\Downloads\Sony Ericsson PC Suite 2.10.46.exe
Task: {D50D10AA-5B1D-439D-92C1-91346CDE732F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2715126414-4153456669-2541334608-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {DD8F72FA-2BD2-4376-9223-B2ACAF44D269} - System32\Tasks\{FA0972CC-1C72-4D7D-B73F-EA0731EAA574} => C:\Adobe After Effects CS5.5\Set-up.exe
Task: {E1D0CF52-AE3F-4B90-A040-F7F7DCFFD02B} - System32\Tasks\{E69133B3-03F7-47EA-9DD3-C1E9E8FB0D20} => C:\SIERRA\gpl\gpl.exe [2007-03-22] (Sierra On-Line Inc. Bellevue, WA 98007)
Task: {EC0F8BBE-33EC-4DFB-AA57-AF4A72872C88} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {F25783B2-2843-4A07-A384-80AD1BF7669B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000Core.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715126414-4153456669-2541334608-1000UA.job => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-20 11:32 - 2013-01-25 09:25 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-10 09:55 - 2010-11-10 09:55 - 00360960 _____ () C:\Program Files (x86)\GFI\LANguard 9\lnssalerter.dll
2010-10-20 18:25 - 2010-10-20 18:25 - 00233984 _____ () C:\Program Files (x86)\GFI\LANguard 9\apistrings.dll
2010-11-01 10:32 - 2010-11-01 10:32 - 00142336 _____ () C:\Program Files (x86)\GFI\LANguard 9\modlop.dll
2010-05-10 10:58 - 2010-05-10 10:58 - 00640512 _____ () C:\Program Files (x86)\GFI\LANguard 9\exporter.dll
2010-11-11 15:54 - 2010-11-11 15:54 - 01691136 _____ () C:\Program Files (x86)\GFI\LANguard 9\crmimodule.dll
2010-11-11 15:29 - 2010-11-11 15:29 - 00181760 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchautodownload.dll
2010-05-07 13:36 - 2010-05-07 13:36 - 00221696 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedcompactdb.dll
2010-11-10 19:12 - 2010-11-10 19:12 - 00434176 _____ () C:\Program Files (x86)\GFI\LANguard 9\patchdeployment.dll
2006-06-02 16:37 - 2006-06-02 16:37 - 00741376 _____ () C:\Program Files (x86)\GFI\LANguard 9\TntUnicodeVcl_R90.bpl
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2010-05-06 09:14 - 2010-05-06 09:14 - 00256000 _____ () C:\Program Files (x86)\GFI\LANguard 9\scheduledscans.dll
2010-05-07 14:27 - 2010-05-07 14:27 - 00065024 _____ () C:\Program Files (x86)\GFI\LANguard 9\schedupdates.dll
2003-05-08 15:17 - 2003-05-08 15:17 - 00098304 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\gfi_log.dll
2009-07-09 15:17 - 2009-07-09 15:17 - 00131072 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\LNSS9PlugIn.dll
2006-09-12 17:39 - 2006-09-12 17:39 - 00002560 _____ () C:\Program Files (x86)\Common Files\GFI\ReportCenter\Framework v3.5\invoke.dll
2009-06-18 13:22 - 2009-06-18 13:22 - 00136704 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\modlop9.dll
2008-09-30 15:19 - 2008-09-30 15:19 - 00010240 _____ () C:\Program Files (x86)\GFI\LANguard 9.0 ReportPack\nsslc9.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00347944 _____ () C:\ProgramData\TVersity\Media Server\taglib.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00225064 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_lcms_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00031528 _____ () C:\ProgramData\TVersity\Media Server\CORE_RL_xlib_.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00716584 _____ () C:\ProgramData\TVersity\Media Server\log4cxx.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 04534072 _____ () C:\ProgramData\TVersity\Media Server\avcodec-52.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00083768 _____ () C:\ProgramData\TVersity\Media Server\avutil-50.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00313640 _____ () C:\ProgramData\TVersity\Media Server\libmp3lame-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00795448 _____ () C:\ProgramData\TVersity\Media Server\avformat-52.dll
2011-07-13 19:35 - 2011-07-13 19:35 - 00203064 _____ () C:\ProgramData\TVersity\Media Server\swscale-0.dll
2011-07-13 19:36 - 2011-07-13 19:36 - 00509720 _____ () C:\ProgramData\TVersity\Media Server\sqlite3.dll
2009-09-24 16:17 - 2009-09-24 16:17 - 00267264 _____ () C:\Windows\system32\WinTab32.DLL
2009-09-24 16:16 - 2009-09-24 16:16 - 00200704 _____ () C:\Windows\SysWOW64\WinTab32.DLL
2010-07-04 22:32 - 2010-07-04 22:32 - 00004608 _____ () C:\Program Files (x86)\Unlocker\UnlockerHook.dll
2010-09-24 17:06 - 2009-02-06 18:52 - 00073728 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2010-09-24 17:06 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2009-08-26 04:29 - 2009-08-26 04:29 - 00150016 _____ () C:\Windows\SysWOW64\OemSpiE.dll
2013-12-20 18:54 - 2013-12-20 18:54 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-25 18:14 - 2014-02-03 17:31 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:1D32EC29

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2014 05:18:34 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 8d8 Startzeit: 01cf2289e7fae423 Endzeit: 265 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 109beca5-8e81-11e3-91db-90fba62bc3cb Error: (02/05/2014 05:14:22 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (02/05/2014 02:17:09 AM) (Source: PerfOS) (User: ) Description: Error: (02/05/2014 02:17:08 AM) (Source: PerfOS) (User: ) Description: Error: (02/05/2014 02:17:07 AM) (Source: PerfOS) (User: ) Description: Error: (02/04/2014 08:49:16 PM) (Source: WinMgmt) (User: ) Description: 0x8004100aC:\PROGRAM FILES (X86)\MICROSOFT SQL SERVER\100\SHARED\SQLMGMPROVIDERXPSP2UP.MOF Error: (02/04/2014 08:49:13 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\DE-DE\AACLIENT.MFL Error: (02/04/2014 08:49:08 PM) (Source: WinMgmt) (User: ) Description: 0x8004401eC:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF Error: (02/04/2014 07:19:59 PM) (Source: Customer Experience Improvement Program) (User: ) Description: 80004005 Error: (02/04/2014 00:35:25 AM) (Source: SideBySide) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. 
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (02/06/2014 06:08:38 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Lbd papycpu2 Error: (02/06/2014 06:08:39 PM) (Source: WMPNetworkSvc) (User: ) Description: Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden, da ein Fehler "0x80004005" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente "UPnPHost" richtig installiert ist. Error: (02/06/2014 06:07:26 PM) (Source: iaStor) (User: ) Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet. Error: (02/06/2014 06:06:27 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/06/2014 06:06:27 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst lxduCATSCustConnectService erreicht. Error: (02/06/2014 06:05:39 PM) (Source: Application Popup) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\papycpu2.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (02/05/2014 06:19:38 PM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2. Error: (02/05/2014 06:19:09 PM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk2\DR2. 
Error: (02/05/2014 05:21:45 PM) (Source: Service Control Manager) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: Lbd papycpu2 Error: (02/05/2014 05:20:48 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= Error: (12/04/2010 07:32:51 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/10/2010 04:07:29 PM) (Source: Microsoft Office 12 Sessions)(User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 560 seconds with 420 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-01-29 18:49:26.310 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-01-29 18:49:26.248 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
Date: 2014-01-19 18:31:31.406 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-19 18:31:31.288 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-19 18:31:31.165 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 22:29:18.949 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 22:29:18.840 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 22:29:18.731 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-tpm-driver-wmi_31bf3856ad364e35_6.0.6001.18000_none_d6005436ad01f9a3\Win32_Tpm.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-16 22:28:18.921 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-16 22:28:18.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume6\Windows\winsxs\wow64_microsoft-windows-bcrypt-dll_31bf3856ad364e35_6.0.6002.18005_none_56eb524ed945a70c\bcrypt.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 63% Total physical RAM: 4087.08 MB Available physical RAM: 1497.6 MB Total Pagefile: 8172.34 MB Available Pagefile: 4987.63 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:119.99 GB) NTFS Drive d: (DATA) (Fixed) (Total:456.46 GB) (Free:243.3 GB) NTFS Drive f: (ACER) (Fixed) (Total:366.76 GB) (Free:195.97 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive g: (Volume) (Fixed) (Total:274.98 GB) (Free:234.68 GB) NTFS Drive h: (Games) (Fixed) (Total:275.12 GB) (Free:76.74 GB) NTFS Drive q: (Iomega HDD) (Fixed) (Total:596.17 GB) (Free:367.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7) Partition 1: (Not Active) - (Size=19 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 932 GB) (Disk ID: 7E8E1FA3) Partition 1: (Not Active) - (Size=15 GB) - 
(Type=27) Partition 2: (Active) - (Size=367 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=275 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=275 GB) - (Type=OF Extended) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 596 GB) (Disk ID: CBD306F8) Partition 1: (Not Active) - (Size=596 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
07.02.2014, 16:49 | #18 |
/// the machine /// TB-Ausbilder | Please press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document.
Code:
ProxyServer: 216.155.139.115:3128
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
How to perform a clean boot in Windows
Please do a clean boot. Any better?
|
08.02.2014, 09:51 | #19 |
| Here is the Fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2014
Ran by Admin at 2014-02-07 17:20:14 Run:1
Running from C:\Users\Admin\Desktop\Trojanerbord\Programme
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
ProxyServer: 216.155.139.115:3128
S0x01000000 papycpu2; \SystemRoot\system32\drivers\papycpu2.sys [X]
U5 papyjoy; C:\Windows\SysWOW64\Drivers\papyjoy.sys [1888 1998-09-04] ()
*****************
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
papyjoy => Service deleted successfully.
==== End of Fixlog ====
Regards, Vater Sohn
Hello Schrauber... I have now done a clean boot! The message was still there again! Otherwise the PC started quickly, and programs have run without problems so far. CPU at 1%, memory at 51%. Regards, Vater Sohn |
08.02.2014, 17:13 | #20 |
/// the machine /// TB-Ausbilder | Now please re-enable each disabled service one at a time, rebooting and testing in between. It is tedious, but this way we find out which service is slowing the computer down so much, and then we can act. We will deal with the message afterwards.
|
09.02.2014, 16:57 | #21 |
| I had not clicked Apply in msconfig.. I will do a new clean boot.. The Avira real-time scanner, the Avira scheduler and FABS - Helping agent for MAGIX media database cannot be disabled. Is that OK? |
10.02.2014, 11:50 | #22 |
/// the machine /// TB-Ausbilder | What do you mean, they cannot be disabled? It has to work: once you hide the MS services, simply remove the check mark everywhere. If not, test it as it is, then if necessary uninstall Avira completely and test without it.
|
11.02.2014, 18:18 | #23 |
| Hello Schrauber.. I will take another look at the clean boot; maybe I did something wrong there. Received spoof mails again today. Edit: I have just done everything again following the (clean boot) instructions. I am not sure whether I have to click Apply in the "Services" tab after clicking "Disable all", or only OK? *shrug* In any case, this message appeared. Regards, Vater Sohn Last edited by Vater Sohn (11.02.2014 at 18:39) |
12.02.2014, 17:45 | #24 |
/// the machine /// TB-Ausbilder | Please uninstall this Avira crap.
|
12.02.2014, 18:59 | #25 |
| Hello Schrauber... If I uninstall the Avira crap, which virus scanner can you recommend, so that I can keep looking for the problem? There is news to report on the spoof mails from eBay and PayPal. Today I opened the eBay site and clicked on "forgot password", then entered my affected e-mail address, and lo and behold, I received a password link. I then called eBay and told them that this account does not belong to me. The affected account was confirmed in 2003 with my new e-mail address. I myself have had this address since 07.01.2014. The eBay account is still active; eBay is now writing to the user and asking them to provide a current e-mail address. The same with PayPal. The user must have given up his e-mail address and I registered it to myself. Unfortunately he apparently did not change his details. Regards, Vater Sohn Last edited by Vater Sohn (12.02.2014 at 19:54) |
13.02.2014, 21:29 | #26 |
/// the machine /// TB-Ausbilder | I always recommend Emsisoft. But it does not really matter, anything is better than Antivir. Um, somehow I cannot follow you. You click on "forgot password", enter your account or your e-mail, and get a link sent to your e-mail. That is correct, isn't it?
|
14.02.2014, 17:26 | #27 | |
| Hello Schrauber... Yes, right.. I get an e-mail with a password link.. eBay writes: Quote:
I will look for another antivirus program... Antivir was so nicely free |
15.02.2014, 15:42 | #28 |
/// the machine /// TB-Ausbilder | Nicely free is nicely crap. Change the password of the e-mail account. Change all passwords and logins and keep an eye on the whole thing.
|
16.02.2014, 20:09 | #29 |
| Hello Schrauber... I have already changed the passwords: e-mail, eBay and PayPal.. although it really looks as if I got a second-hand e-mail address.. I am just downloading "emsisoft internet security"; should I then let the program run through? And do you perhaps have a test report on the program? Regards, Vater Sohn PS: Have you already found anything suspicious on our PC? The logs do not really tell me much... Have a nice Sunday evening.. Update: emsisoft Internet security says: 30-day trial expired.. how can that be? |
17.02.2014, 14:24 | #30 |
/// the machine /// TB-Ausbilder | Had you used it before?
|