Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Trojaner 'W32/Patched.UA' festgestellt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.03.2014, 18:50   #1
Capricorn
 
Trojaner 'W32/Patched.UA' festgestellt - Standard

Trojaner 'W32/Patched.UA' festgestellt



Hallo Community,

Avira hat auf meinem Rechner den Trojaner/Virus W32/Patched.UA detektiert. Der Scan läuft im Moment noch und somit konnte ich die Log-files noch nicht mitschicken.
Könnt Ihr mir bitte bei der Beseitigung des Problems helfen?
Ich würde gern ohne Formatieren auskommen, aber das ist nur ein kühner Traum.
Welche Informationen werden im Bedarfsfall noch benötigt? Und falls ich mich zu unpräzise ausgedrückt habe, entschuldigt bitte und sagt einfach bescheid.
Für eure Hilfe wäre ich sehr dankbar.

Gruß,
Capricorn

Alt 03.03.2014, 19:10   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner 'W32/Patched.UA' festgestellt - Standard

Trojaner 'W32/Patched.UA' festgestellt



hi,

dann warten wir mal auf das Log von Antivir.


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 03.03.2014, 19:27   #3
Capricorn
 
Trojaner 'W32/Patched.UA' festgestellt - Standard

Trojaner 'W32/Patched.UA' festgestellt



Okay, habe ich gemacht und die beiden Dateien wurden ausgegeben.
Welchen Teil der .txt dateien benötigt ihr denn? Soll ich alles in die Eckigen Klammern hineinkopieren?
[
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-03-2014
Ran by Christian Hoffmann (administrator) on CHOFFMANN on 03-03-2014 19:13:41
Running from C:\Users\Christian Hoffmann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums

==================== Processes (Whitelisted) =================

() C:\Windows\system32\services.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\HiTec\bin\wim_serv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\Eap3Host.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Akamai Technologies, Inc.) C:\Users\Christian Hoffmann\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Christian Hoffmann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Akamai Technologies, Inc.) C:\Users\Christian Hoffmann\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Mendeley Ltd.) C:\Program Files (x86)\Mendeley Desktop\MendeleyDesktop.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-08-06] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [489472 2009-08-19] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7940128 2009-07-06] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-10-14] ()
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.exe [1191432 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-09-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] - C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\Run: [Akamai NetSession Interface] - C:\Users\Christian Hoffmann\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\Run: [Spotify Web Helper] - C:\Users\Christian Hoffmann\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-08] (Spotify Ltd)
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\Run: [Spotify] - C:\Users\Christian Hoffmann\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-08] (Spotify Ltd)
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\Run: [uTorrent] - C:\Users\Christian Hoffmann\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-02-14] (BitTorrent Inc.)
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\MountPoints2: {f4c0aefb-9690-11e0-8e08-001e3324565b} - D:\AutoRun.exe
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\MountPoints2: {f4c0af00-9690-11e0-8e08-001e3324565b} - D:\AutoRun.exe
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\MountPoints2: {f4c0af4d-9690-11e0-8e08-001e3324565b} - D:\AutoRun.exe
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...\MountPoints2: {f4c0af51-9690-11e0-8e08-001e3324565b} - D:\AutoRun.exe
HKU\S-1-5-21-247232768-2787100430-3548774350-1000\...0c966feabec1\InprocServer32: [Default-shell32] C:\Users\Christian Hoffmann\AppData\Local\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\n. ATTENTION! ====> ZeroAccess/Alureon?
Startup: C:\Users\Christian Hoffmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Mixi Dj Search
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = iGoogle Redirect
URLSearchHook: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE392
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://mixidj.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=D6CB001E3324565B&affID=122354&tsp=4924
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE392
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
SearchScopes: HKCU - {BFDAC1FF-9570-4AFE-B185-703405AD90E7} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - uTorrentBar_DE Toolbar - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - C:\Program Files (x86)\uTorrentBar_DE\prxtbuTor.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine  - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)
DPF: HKLM {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.oracle.com/update/1.6.0/jinstall-6u22-windows-i586.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 mswsock.dll File Not found ()
Winsock: Catalog9 02 mswsock.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 06 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 mswsock.dll File Not found ()
Winsock: Catalog9-x64 02 mswsock.dll File Not found ()
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Winsock: Catalog9-x64 11 mswsock.dll File Not found ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.192.1

FireFox:
========
FF ProfilePath: C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585
FF user.js: detected! => C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\user.js
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPLV82Win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv90win64.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\searchplugins\mixidj.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-09-26]
FF Extension: Adblock Plus - C:\Users\Christian Hoffmann\AppData\Roaming\Mozilla\Firefox\Profiles\7amp4km9.default-1358692038585\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2014-02-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-18]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Delta Toolbar) - C:\Users\Christian Hoffmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde [2013-02-16]
CHR Extension: (MixiDj Chrome Toolbar) - C:\Users\Christian Hoffmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpepfkjapeclaafmhoelccknpfedainn [2013-06-25]
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\CHRIST~1\AppData\Local\Temp\crxCB4E.tmp [2013-06-25]

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-08] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [787968 2009-08-19] (Acer Incorporated)
S3 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2008-10-31] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [42544 2009-06-18] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53296 2009-06-18] (National Instruments Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
R2 mxssvr; C:\Program Files (x86)\National Instruments\MAX\nimxs.exe [12696 2009-06-15] (National Instruments Corporation)
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [356912 2009-06-18] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2009-09-18] (Macrovision Corporation)
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-06-04] (National Instruments Corporation)
R2 NITaggerService; C:\Program Files (x86)\National Instruments\Shared\Tagger\tagsrv.exe [740968 2009-06-23] (National Instruments Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-08] (Symantec Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
R2 WIM_Service; C:\HiTec\bin\wim_serv.exe [136192 2007-08-20] ()
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [296400 2009-03-03] ()
S4 NIApplicationWebServer64; "C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe" -user [X]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-07] (Avira Operations GmbH & Co. KG)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [115328 2008-07-24] (Huawei Technologies Co., Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-03-06] (Marvell Semiconductor, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19936 2010-04-09] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2010-04-09] ()
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-03 19:13 - 2014-03-03 19:16 - 00032686 _____ () C:\Users\Christian Hoffmann\Downloads\FRST.txt
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\FRST
2014-03-03 19:11 - 2014-03-03 19:12 - 02156544 _____ (Farbar) C:\Users\Christian Hoffmann\Downloads\FRST64.exe
2014-02-25 16:24 - 2014-02-25 16:24 - 00736264 _____ () C:\Windows\Minidump\022514-17331-01.dmp
2014-02-25 14:38 - 2014-02-25 14:39 - 00276760 _____ () C:\Windows\Minidump\022514-21356-01.dmp
2014-02-20 15:19 - 2014-02-20 15:19 - 00276760 _____ () C:\Windows\Minidump\022014-17347-01.dmp
2014-02-20 14:09 - 2014-02-20 14:10 - 00738392 _____ () C:\Windows\Minidump\022014-19328-01.dmp
2014-02-18 16:25 - 2014-02-18 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 14:25 - 2014-02-18 14:25 - 00276760 _____ () C:\Windows\Minidump\021814-20326-01.dmp
2014-02-17 15:14 - 2014-02-17 15:14 - 00000938 _____ () C:\Users\Christian Hoffmann\Downloads\Downloads - Verknüpfung.lnk
2014-02-17 09:05 - 2014-02-17 09:05 - 02609208 _____ () C:\Users\Christian Hoffmann\Downloads\lightning_2.6.4.zip
2014-02-17 09:03 - 2014-02-17 09:03 - 00010330 _____ () C:\Users\Christian Hoffmann\Desktop\Privat.ics
2014-02-14 11:22 - 2014-02-14 11:22 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-14 11:21 - 2014-02-14 11:21 - 24677393 _____ () C:\Users\Christian Hoffmann\Documents\vlc-2.1.3-win32.exe
2014-02-14 10:39 - 2014-02-14 11:06 - 00000000 ____D () C:\Users\Christian Hoffmann\Downloads\Doubt 2008.1080p.BluRay.x264 . NVEE
2014-02-14 10:37 - 2014-02-14 10:37 - 00000000 ____D () C:\Users\Christian Hoffmann\Downloads\Doubt[2008]DvDrip[Eng]-FXG
2014-02-14 10:35 - 2014-02-14 10:35 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-14 10:35 - 2014-02-14 10:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-13 10:41 - 2014-02-13 10:43 - 00010416 _____ () C:\Users\Christian Hoffmann\Desktop\Flights Easter.xlsx
2014-02-07 15:37 - 2014-02-07 15:37 - 00738312 _____ () C:\Windows\Minidump\020714-18470-01.dmp
2014-02-07 12:33 - 2014-02-07 12:33 - 00738312 _____ () C:\Windows\Minidump\020714-18158-01.dmp
2014-02-07 09:48 - 2014-02-07 09:48 - 00000305 _____ () C:\Users\Christian Hoffmann\Downloads\cal.ics
2014-02-06 16:40 - 2014-02-06 16:41 - 00000144 _____ () C:\Windows\system32\ricdb.ini
2014-02-06 16:40 - 2014-02-06 16:40 - 00000000 ___HD () C:\ProgramData\RICOH_DRV
2014-02-04 16:51 - 2014-02-04 16:51 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-02-04 11:10 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-04 11:10 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-04 11:10 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-04 11:10 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-04 11:09 - 2014-02-04 11:10 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-03 09:36 - 2014-02-03 09:36 - 00614784 _____ (Chip Digital GmbH) C:\Users\Christian Hoffmann\Downloads\PDF24 Creator - CHIP-Downloader.exe

==================== One Month Modified Files and Folders =======

2014-03-03 19:16 - 2014-03-03 19:13 - 00032686 _____ () C:\Users\Christian Hoffmann\Downloads\FRST.txt
2014-03-03 19:13 - 2014-03-03 19:13 - 00000000 ____D () C:\FRST
2014-03-03 19:12 - 2014-03-03 19:11 - 02156544 _____ (Farbar) C:\Users\Christian Hoffmann\Downloads\FRST64.exe
2014-03-03 19:11 - 2012-04-12 07:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-03 18:41 - 2011-11-10 20:06 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox
2014-03-03 16:33 - 2012-06-14 16:20 - 00000000 ___HD () C:\ProgramData\~1
2014-03-03 16:33 - 2012-06-14 16:19 - 00000000 ____D () C:\Program Files (x86)\Creative
2014-03-03 16:32 - 2012-06-14 16:19 - 00000000 ___HD () C:\ProgramData\~0
2014-03-03 15:59 - 2009-09-29 20:29 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-03 13:36 - 2011-11-10 20:10 - 00000000 ___RD () C:\Users\Christian Hoffmann\Dropbox
2014-03-03 13:30 - 2009-07-14 05:51 - 00183199 _____ () C:\Windows\setupact.log
2014-03-03 13:29 - 2012-09-04 16:55 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Roaming\Spotify
2014-03-03 13:29 - 2011-09-08 14:55 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Roaming\uTorrent
2014-03-03 12:49 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-03 12:49 - 2009-07-14 05:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-03 12:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-02 13:27 - 2012-09-04 16:55 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Local\Spotify
2014-03-01 10:46 - 2012-10-25 07:42 - 00065460 _____ () C:\Users\Christian Hoffmann\danid.log
2014-02-25 16:24 - 2014-02-25 16:24 - 00736264 _____ () C:\Windows\Minidump\022514-17331-01.dmp
2014-02-25 16:24 - 2010-10-17 10:10 - 482785935 _____ () C:\Windows\MEMORY.DMP
2014-02-25 16:24 - 2010-10-17 10:10 - 00000000 ____D () C:\Windows\Minidump
2014-02-25 14:39 - 2014-02-25 14:38 - 00276760 _____ () C:\Windows\Minidump\022514-21356-01.dmp
2014-02-24 09:08 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-24 09:00 - 2009-09-29 21:13 - 00982454 _____ () C:\Windows\PFRO.log
2014-02-21 10:30 - 2012-10-25 07:42 - 01098011 _____ () C:\Users\Christian Hoffmann\danid.log.1
2014-02-21 10:30 - 2010-08-10 20:29 - 00000000 ____D () C:\Users\Christian Hoffmann
2014-02-21 10:11 - 2012-04-12 07:28 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 10:11 - 2012-04-12 07:28 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 10:11 - 2011-05-20 11:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-20 15:19 - 2014-02-20 15:19 - 00276760 _____ () C:\Windows\Minidump\022014-17347-01.dmp
2014-02-20 14:10 - 2014-02-20 14:09 - 00738392 _____ () C:\Windows\Minidump\022014-19328-01.dmp
2014-02-20 14:09 - 2012-05-06 22:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-18 16:25 - 2014-02-18 16:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-18 14:25 - 2014-02-18 14:25 - 00276760 _____ () C:\Windows\Minidump\021814-20326-01.dmp
2014-02-17 15:14 - 2014-02-17 15:14 - 00000938 _____ () C:\Users\Christian Hoffmann\Downloads\Downloads - Verknüpfung.lnk
2014-02-17 09:05 - 2014-02-17 09:05 - 02609208 _____ () C:\Users\Christian Hoffmann\Downloads\lightning_2.6.4.zip
2014-02-17 09:03 - 2014-02-17 09:03 - 00010330 _____ () C:\Users\Christian Hoffmann\Desktop\Privat.ics
2014-02-14 11:23 - 2011-01-07 17:42 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Roaming\vlc
2014-02-14 11:22 - 2014-02-14 11:22 - 00001070 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-02-14 11:21 - 2014-02-14 11:21 - 24677393 _____ () C:\Users\Christian Hoffmann\Documents\vlc-2.1.3-win32.exe
2014-02-14 11:06 - 2014-02-14 10:39 - 00000000 ____D () C:\Users\Christian Hoffmann\Downloads\Doubt 2008.1080p.BluRay.x264 . NVEE
2014-02-14 10:37 - 2014-02-14 10:37 - 00000000 ____D () C:\Users\Christian Hoffmann\Downloads\Doubt[2008]DvDrip[Eng]-FXG
2014-02-14 10:35 - 2014-02-14 10:35 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-14 10:35 - 2014-02-14 10:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-13 10:43 - 2014-02-13 10:41 - 00010416 _____ () C:\Users\Christian Hoffmann\Desktop\Flights Easter.xlsx
2014-02-07 15:37 - 2014-02-07 15:37 - 00738312 _____ () C:\Windows\Minidump\020714-18470-01.dmp
2014-02-07 12:33 - 2014-02-07 12:33 - 00738312 _____ () C:\Windows\Minidump\020714-18158-01.dmp
2014-02-07 09:48 - 2014-02-07 09:48 - 00000305 _____ () C:\Users\Christian Hoffmann\Downloads\cal.ics
2014-02-06 16:41 - 2014-02-06 16:40 - 00000144 _____ () C:\Windows\system32\ricdb.ini
2014-02-06 16:40 - 2014-02-06 16:40 - 00000000 ___HD () C:\ProgramData\RICOH_DRV
2014-02-06 16:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\spool
2014-02-06 10:06 - 2013-12-11 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-02-05 10:03 - 2010-08-11 07:18 - 00000000 ____D () C:\Users\Christian Hoffmann\AppData\Local\Adobe
2014-02-04 16:51 - 2014-02-04 16:51 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-02-04 11:12 - 2013-10-27 13:08 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-04 11:10 - 2014-02-04 11:09 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-04 11:10 - 2010-09-15 16:15 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-04 10:01 - 2012-03-21 16:47 - 00000584 _____ () C:\Users\Christian Hoffmann\Documents\grstyles.stl
2014-02-03 09:38 - 2011-10-25 10:20 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-02-03 09:36 - 2014-02-03 09:36 - 00614784 _____ (Chip Digital GmbH) C:\Users\Christian Hoffmann\Downloads\PDF24 Creator - CHIP-Downloader.exe

ZeroAccess:
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\00000004.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\00000008.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\000000cb.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\80000000.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\80000032.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\U\80000064.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\00000004.@
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\1afb2d56
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\201d3dde
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\6715e287
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\76603ac3

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

ZeroAccess:
C:\Users\Christian Hoffmann\AppData\Local\{e1efd280-3117-80e7-57a2-620bf46ab1f3}
C:\Users\Christian Hoffmann\AppData\Local\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\@

Some content of TEMP:
====================
C:\Users\Christian Hoffmann\AppData\Local\Temp\03316628.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\044E31A2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\0716DFCE.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\0845136C.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\086B96D3.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\095A93C9.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\097CA36D.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\0B97A138.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\0B98348A.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\0CCC1502.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\120718284.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\120721186.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\16D79526.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\1A4B8CDA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\21E0A375.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\26CBEEEA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\291D3FED.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\2A0B8728.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\2A0D43BB.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\2B431199.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\2D12B625.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\2F73769B.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\3014BDB6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\30199BA8.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\33E9F92E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\33FDD472.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\37198B71.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\38BEFAC4.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\394ABCDD.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\394EBCD4.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\429F332E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\444BC3E6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\46F26C12.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\46F4EBF1.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\46F5B4A5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\46F7AF7D.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\492EA09C.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\4B17FFA5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\4D3A2BF1.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\4D3D672D.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\528753DD.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\528E3BBC.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\52F5D040.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\5399B994.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\53AEBB81.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\53BA5CB2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\53C8738F.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\5695AB35.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\5B867AA5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\5E3E26F0.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\63C71E3A.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\670CC562.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\6B2790EF.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\6FE36CCA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\767B9F30.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\7877DBAD.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\7D0984EA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\7FA40D6C.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\818F634B.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\849B6CA1.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\8CDF934E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\8CE105DD.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\8CE57063.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\8DC2EF92.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\8DDE0E01.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\902997BE.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\9147F64B.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\91DC96E5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\91DD3D47.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\94921429.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\9496DD32.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\94A51988.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\96A81867.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\96AF9386.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\96AFC9E6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\96AFEC00.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A107413E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A1077CE4.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A10822AA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A1093113.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A10B332E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A1360B8E.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A71FFB4C.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A8A2B662.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A8A3DB38.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\A8C952DA.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\AB0AC5E7.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\AC0735A6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\AC097302.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\AskSLib.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\avgnt.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\B124807C.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B33F153A.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B3400410.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B3408EB8.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B3481EC5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B34896A5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B4062639.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B57463C6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B64D8D24.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\B7023DA9.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\BEEB4D36.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C2366327.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C2585491.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C2D08FC2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C33E0DCF.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C33E52B1.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C3E1689B.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C3E61C9D.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C3EC5AD0.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C45AA940.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\C5539660.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\CA550BF2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\D01EA878.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\D556216A.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\D8D8AA92.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\E0357DC2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E22F1813.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E65C14B2.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E65D4467.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E8A00939.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E9F1C6A0.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\E9F40995.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\F78487F9.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\F9DB9A29.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\F9E3A39D.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\FB3C92EC.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\FB3D3439.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\FB40EDA5.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\FB7C7B88.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\FC1CA1A6.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\htmlayout.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\MixiDJToolbar.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\oct8B22.tmp.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\ResetDevice.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\siinst.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\strings.dll
C:\Users\Christian Hoffmann\AppData\Local\Temp\toolbar355434253.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\uninst1.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\uninstall355525248.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\uninstall355540942.exe
C:\Users\Christian Hoffmann\AppData\Local\Temp\utt2398.tmp.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-14 00:19] - [2009-07-14 02:39] - 0328704 ____N () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION!

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-28 13:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---
][/CODE]

[Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014
Ran by Christian Hoffmann at 2014-03-03 19:17:26
Running from C:\Users\Christian Hoffmann\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.25 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.97.717 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.97.717 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3006 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0810 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version: - )
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (Version: 10.9.0.40901 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C0471655-9851-F7E9-2BF1-D1F98E5D5FB8}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
AutoNom Standard (HKLM-x32\...\AutoNom Standard) (Version: - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.25 - NewTech Infosystems) Hidden
BKChem-0.13.0 (HKLM-x32\...\BKChem_is1) (Version: - Beda Kosata)
BMG LABTECH MARS Data Analysis (HKLM-x32\...\BMG LABTECH MARS Data Analysis) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0901.2227.38495 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help English (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help French (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help German (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
ccc-utility64 (Version: 2009.0901.2227.38495 - ATI) Hidden
ChemDoodle (HKLM-x32\...\ChemDoodle) (Version: - )
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Citrix Authentication Manager (x32 Version: 2.0.0.41479 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 3.1.0.64094 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3201.50 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.1.3201.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{2528825D-9FB9-4680-88B2-51D245D7B269}) (Version: - Microsoft)
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Edraw Max 7.5 (HKLM-x32\...\Edraw Max_is1) (Version: - EdrawSoft)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Studio version 5.0.3 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Groovy-1.7.4 (HKLM-x32\...\Groovy-1.7.4) (Version: - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
ISIS Draw 2.4 Standalone (HKLM-x32\...\ISIS Draw 2.4 Standalone) (Version: - )
ISO Workshop 2.3 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
MATLAB Component Runtime (HKLM-x32\...\{36397154-0993-445D-A22F-8049559D4B22}) (Version: 7.2 - MathWorks)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mendeley Desktop 1.3.2 (HKLM-x32\...\Mendeley Desktop) (Version: 1.3.2 - Mendeley Ltd.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
MestReC 4.7.0 (HKLM-x32\...\MestReC_is1) (Version: - MestReC Lite)
MestReNova 7.1.2-10008 (HKLM-x32\...\MestReNova) (Version: 7.1.2-10008 - Mestrelab Research S.L.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 Language Pack Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}) (Version: - Microsoft)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{d740c22b-08a3-4794-a294-e0ad11171150}) (Version: - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.15.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Recode Help (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.24.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero Vision Help (x32 Version: 6.4.15.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.27.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NI Assistant Framework (x32 Version: 6.5.191.0 - National Instruments) Hidden
NI Assistant Framework 64-bit (Version: 6.5.62.0 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 2009 (64-bit) (Version: 6.5.51.0 - National Instruments) Hidden
NI CodeSignAPI (x32 Version: 2.70.346 - National Instruments) Hidden
NI DataSocket 4.7.0 (64-bit) (Version: 4.7.39.0 - National Instruments) Hidden
NI DataSocket 4.7.0 (x32 Version: 4.7.82.0 - National Instruments) Hidden
NI Distributed System Manager 2009 (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI EULA Depot (x32 Version: 2.71.128 - National Instruments) Hidden
NI Example Finder 9.0 (Version: 9.0.146.0 - National Instruments) Hidden
NI Help Assistant (64bit) (Version: 1.0.10 - National Instruments) Hidden
NI Help Assistant (x32 Version: 1.0.10 - National Instruments) Hidden
NI Instrument IO Assistant for LabVIEW 9.0 64 (Version: 1.0.48.0 - National Instruments) Hidden
NI LabVIEW 2009 (64 bit) MeasAppChm File (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 (64-bit) (Version: 9.0.182.0 - National Instruments) Hidden
NI LabVIEW 2009 Applibs (Version: 9.0.184.0 - National Instruments) Hidden
NI LabVIEW 2009 CINtools (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Deployment Framework (x32 Version: 9.0.5.0 - National Instruments) Hidden
NI LabVIEW 2009 Examples (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 gMath (Version: 9.0.179.0 - National Instruments) Hidden
NI LabVIEW 2009 Help (Version: 9.0.173.0 - National Instruments) Hidden
NI LabVIEW 2009 Help File (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 Instr.lib (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 License (x32 Version: 9.0.253.0 - National Instruments) Hidden
NI LabVIEW 2009 Manuals (Version: 9.0.173.0 - National Instruments) Hidden
NI LabVIEW 2009 Menus (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Project (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Resource (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 Run-Time Engine Web Services (64-bit) (Version: 9.0.119.0 - National Instruments) Hidden
NI LabVIEW 2009 Simulation (Version: 9.0.101.0 - National Instruments) Hidden
NI LabVIEW 2009 Templates (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 User.lib (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 VI.lib (Version: 9.0.178.0 - National Instruments) Hidden
NI LabVIEW 2009 Web Server 64-Bit (Version: 9.0.118.0 - National Instruments) Hidden
NI LabVIEW 2009 Web Services Runtime (64-bit) (Version: 9.0.118.0 - National Instruments) Hidden
NI LabVIEW 2009 WWW (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 9.0.0 f3 (64-Bit) (Version: 9.0.8.0 - National Instruments) Hidden
NI LabVIEW Broker (64 bit) (Version: 6.7.21.0 - National Instruments) Hidden
NI LabVIEW Broker (x32 Version: 6.7.21.0 - National Instruments) Hidden
NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
NI LabVIEW Compare Utility 9.0.0 (x32 Version: 9.0.3.0 - National Instruments) Hidden
NI LabVIEW Deployable License 2009 (x32 Version: 9.0.253.0 - National Instruments) Hidden
NI LabVIEW MAX XML (x32 Version: 9.0.6.0 - National Instruments) Hidden
NI LabVIEW Merge Utility 9.0.0 (x32 Version: 9.0.148.0 - National Instruments) Hidden
NI LabVIEW Real-Time Error Dialog (x32 Version: 8.5.294.0 - National Instruments) Hidden
NI LabVIEW Real-Time FIFO for Runtime (x32 Version: 8.2.74.0 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (64-bit) (Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (x32 Version: 9.0.266.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 8.2.1 (x32 Version: 8.2.379.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (64-bit) (Version: 9.0.112.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.22.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Web Services (x32 Version: 9.0.197.0 - National Instruments) Hidden
NI LabVIEW Web Server 64-Bit for Run-Time Engine (Version: 9.0.120.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0 - National Instruments) Hidden
NI LabWindows/CVI 9.0 Run-Time Engine (x32 Version: 9.0.0355 - National Instruments) Hidden
NI LabWindows/CVI Code Generator (x32 Version: 9.0.1376 - National Instruments) Hidden
NI LabWindows/CVI DLL Builder for LabVIEW (x32 Version: 9.0.1376 - National Instruments) Hidden
NI License Manager (x32 Version: 3.4.28 - National Instruments) Hidden
NI Logos 5.1 (x32 Version: 5.1.118.0 - National Instruments) Hidden
NI Logos LabVIEW 2009 Support (Version: 9.0.173.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.1.66.0 - National Instruments) Hidden
NI Logos64 5.1 (Version: 5.1.71.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.1.63.0 - National Instruments) Hidden
NI LVBrokerAux 8.2.1 (x32 Version: 8.2.303.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.28.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
NI MAX LabVIEW 64 Support Installer 4.6 (Version: 4.60.49153 - National Instruments) Hidden
NI MAX Remote Configuration Installer 4.6 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI MAX Support for 64 Bit Windows (Version: 4.60.49153 - National Instruments) Hidden
NI MDF Support (x32 Version: 2.71.128 - National Instruments) Hidden
NI Measurement & Automation Explorer 4.6.0 (x32 Version: 4.60.49153 - National Instruments) Hidden
NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
NI MXS 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI MXS 4.6.0 for 64 Bit Windows (Version: 4.60.49152 - National Instruments) Hidden
NI MXS 4.6.0f0 for LabVIEW Real-Time (x32 Version: 4.60.49152 - National Instruments) Hidden
NI OPC Support (x32 Version: 9.0.35.0 - National Instruments) Hidden
NI Portable Configuration 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Portable Configuration Help for 64 Bit Windows 4.6.0 (Version: 4.60.49152 - National Instruments) Hidden
NI Registration Wizard (x32 Version: 1.2.71 - National Instruments) Hidden
NI Remote Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Remote PXI Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Service Locator (x32 Version: 9.0.260.0 - National Instruments) Hidden
NI Software Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI SSL LabVIEW 2009 Support (64-bit) (Version: 9.0.92.0 - National Instruments) Hidden
NI SSL Support (64-bit) (Version: 9.0.11.0 - National Instruments) Hidden
NI SSL Support (x32 Version: 9.0.5.0 - National Instruments) Hidden
NI System API RT (x32 Version: 1.0.45.0 - National Instruments) Hidden
NI System API Windows 32-bit (x32 Version: 1.0.48.0 - National Instruments) Hidden
NI System API Windows 64-bit (Version: 1.0.41.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 9.0.150.0 - National Instruments) Hidden
NI TDM Excel Add-In 2.1 (x32 Version: 2.1.37.0 - National Instruments) Hidden
NI TDMS (64-bit) (Version: 2.0.170.0 - National Instruments) Hidden
NI TDMS (x32 Version: 2.0.170.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 2.71.128 - National Instruments) Hidden
NI USI 1.7.0 (x32 Version: 1.7.03805 - National Instruments) Hidden
NI USI 1.7.0 64-Bit (Version: 1.7.03805 - National Instruments) Hidden
NI Variable Engine (64-bit) (Version: 2.3.26.0 - National Instruments) Hidden
NI Variable Engine 2.3.0 (x32 Version: 2.3.59.0 - National Instruments) Hidden
NI Variable Engine LabVIEW 2009 Support (Version: 9.0.172.0 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.01.5 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.01.5 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.100 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.100 - National Instruments) Hidden
NI Web Pipeline 2.0.1 (x32 Version: 2.0.128.0 - National Instruments) Hidden
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0 - National Instruments) Hidden
NI Xalan Delay Load 1.10.1 (x32 Version: 1.10.46.0 - National Instruments) Hidden
NI Xalan Delay Load 1.10.1 64-bit (Version: 1.10.47.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.1 (x32 Version: 2.7.123.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.1 64-bit (Version: 2.7.128.0 - National Instruments) Hidden
NI-DAQmx - LabVIEW shared documentation (x32 Version: 1.50.49152 - National Instruments) Hidden
NI-DAQmx - LabVIEW shared documentation for 64 Bit Windows 1.5.0 (Version: 1.50.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 (x32 Version: 4.11.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 for 64 Bit Windows (Version: 4.11.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 for Phar Lap ETS (x32 Version: 4.11.49152 - National Instruments) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.18320 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Omega (HKLM-x32\...\Omega) (Version: - )
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
PDF-XChange Viewer (HKLM\...\{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}) (Version: 2.5.193.0 - Tracker Software Products Ltd.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
SD PresentationEngine for PowerPoint (HKLM-x32\...\{E00679D5-2BD3-4DD2-AF5F-E67987703F6B}) (Version: 2.80.0024 - SkabelonDesign)
Secure Download Manager (HKLM-x32\...\{C28422FB-F2CD-427A-ADED-9F281745CDB2}) (Version: 3.0.3 - e-academy Inc.)
SecureW2 Enterprise Client 3.1.4 for Windows (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - )
Self-Service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Software von National Instruments (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - SopCast - Free P2P internet TV | live football, NBA, cricket)
Spark 2.5.8 (HKLM-x32\...\Spark 2.5.8) (Version: - Jive Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
ThinLinc Client 3.3.0 (HKLM-x32\...\tlclient) (Version: - )
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{15058154-469F-4794-ACD5-94F8420F9B80}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIOR_{995A7832-B512-46D5-87C9-2D71FB541435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.VISIOR_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{C8694FF0-8203-483B-A07A-2BC40433167D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{C5325053-3C37-4A69-959E-4802AE6686EF}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
uTorrentBar_DE Toolbar (HKLM-x32\...\uTorrentBar_DE Toolbar) (Version: 6.3.5.3 - uTorrentBar_DE) <==== ATTENTION
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\95E56D57DA5C5A08C88234D00B94023A8AD713AA) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\C3323A996199A7675B69D3FDB0A25449206A4231) (Version: 02/17/2009 2.04.16 - FTDI)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points =========================

03-03-2014 14:50:22 Configured CambridgeSoft ChemDraw Ultra 11.0
03-03-2014 14:59:38 Removed CambridgeSoft ChemDraw Ultra 12.0.
03-03-2014 15:08:28 Removed CambridgeSoft Activation Client.

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-07-09 17:10 - 00443048 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 [¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 Gadgets And More
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 Easy 123 Movie Download

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {227C5CE4-75B4-47AA-BF77-89B04B897F17} - System32\Tasks\{C6FA034A-919B-4F96-9DF7-A6A71DF18CF3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {51536293-D544-4E53-BFB2-3F255DD4B466} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {59000224-E522-4423-BF4D-50E785A02E71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {660CD02C-9FC0-463D-893D-6D5D5B88FD05} - System32\Tasks\AdobeAAMUpdater-1.0-CHoffmann-Christian Hoffmann => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {A0C726CA-43D3-4A2D-9975-32F31808E930} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {E3F6C6FE-7E27-487E-8103-A65DA5F0B64C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\system32\mswsock.dll
2009-07-14 00:19 - 2009-07-14 02:39 - 00328704 ____N () C:\Windows\system32\services.exe
2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\system32\MSWSOCK.dll
2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\System32\mswsock.dll
2012-03-19 14:20 - 2010-03-04 16:56 - 00289280 _____ () C:\Windows\System32\HP1100LM.DLL
2011-09-09 16:48 - 2011-02-17 18:13 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2011-01-29 13:30 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll
2012-03-19 14:21 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2007-08-20 13:12 - 2007-08-20 13:12 - 00136192 _____ () C:\HiTec\bin\wim_serv.exe
2011-06-17 13:35 - 2009-03-03 11:45 - 00296400 ____N () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2009-07-17 16:20 - 2009-07-17 16:20 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-10-29 21:44 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-10-14 18:14 - 2009-10-14 18:14 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-07-29 21:10 - 2009-07-29 21:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-09-29 20:37 - 2009-09-29 20:37 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-10-29 14:02 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2007-02-20 14:47 - 2007-02-20 14:47 - 00134144 _____ () C:\HiTec\bin\ANW.DLL
2007-02-20 14:47 - 2007-02-20 14:47 - 00163840 _____ () C:\HiTec\bin\POOL.DLL
2007-02-20 14:47 - 2007-02-20 14:47 - 00131072 _____ () C:\HiTec\bin\WIM_REG.DLL
2007-08-16 16:34 - 2007-08-16 16:34 - 00147456 _____ () C:\HiTec\bin\SYS_DLL.DLL
2010-11-08 11:09 - 2010-11-08 11:09 - 00172544 _____ () C:\HiTec\bin\HDB_POST.DLL
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-18 16:25 - 2014-02-18 16:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-02-21 10:11 - 2014-02-21 10:11 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
2012-02-13 13:24 - 2014-02-04 16:37 - 00294400 _____ () C:\Program Files (x86)\Mendeley Desktop\Mendeley.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TempFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spark => C:\Program Files (x86)\Spark\Spark.exe
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2014 01:53:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/23/2014 07:49:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/18/2014 11:35:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/16/2014 11:37:56 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/07/2014 06:02:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/05/2014 00:08:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/04/2014 00:28:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/03/2014 10:38:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/01/2014 06:39:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6661.5000, Zeitstempel: 0x4f7cd9da
Name des fehlerhaften Moduls: wwlib.dll, Version: 12.0.6661.5000, Zeitstempel: 0x4f7cdad7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00dcb599
ID des fehlerhaften Prozesses: 0x1778
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (01/31/2014 02:37:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (03/03/2014 01:34:20 PM) (Source: Service Control Manager) (User: )
Description: Heimnetzgruppen-AnbieterFunktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/03/2014 01:34:20 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/03/2014 01:33:51 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 82.130.65.11 mit dem Computer mit der
Netzwerkhardwareadresse 90-1B-0E-1A-AB-A3 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (03/03/2014 00:42:31 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (03/03/2014 00:41:41 PM) (Source: Service Control Manager) (User: )
Description: IPsec-Richtlinien-AgentBFE

Error: (03/03/2014 00:41:37 PM) (Source: Service Control Manager) (User: )
Description: Computerbrowser%%1060

Error: (03/03/2014 00:41:37 PM) (Source: Service Control Manager) (User: )
Description: IKE- und AuthIP IPsec-SchlüsselerstellungsmoduleBFE

Error: (03/02/2014 09:34:19 PM) (Source: Service Control Manager) (User: )
Description: Heimnetzgruppen-AnbieterFunktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/02/2014 09:34:19 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/02/2014 06:07:26 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891


Microsoft Office Sessions:
=========================
Error: (02/01/2014 06:39:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14028 seconds with 4500 seconds of active time. This session ended with a crash.

Error: (06/20/2012 08:06:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4896 seconds with 1620 seconds of active time. This session ended with a crash.

Error: (04/10/2012 10:14:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12000 seconds with 6120 seconds of active time. This session ended with a crash.

Error: (04/02/2012 00:41:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12129 seconds with 2820 seconds of active time. This session ended with a crash.

Error: (03/25/2012 04:01:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4813 seconds with 1860 seconds of active time. This session ended with a crash.

Error: (01/09/2011 08:09:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17459 seconds with 1380 seconds of active time. This session ended with a crash.

Error: (10/28/2010 10:01:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12488 seconds with 300 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 76%
Total physical RAM: 3998.84 MB
Available physical RAM: 949.23 MB
Total Pagefile: 7995.87 MB
Available Pagefile: 4459.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:285.99 GB) (Free:108.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C13DD012)

Partition: GPT Partition Type.

==================== End Of Log ============================][/CODE]
__________________

Alt 04.03.2014, 08:27   #4
Capricorn
 
Trojaner 'W32/Patched.UA' festgestellt - Standard

Trojaner 'W32/Patched.UA' festgestellt



[Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-03-2014
Ran by Christian Hoffmann at 2014-03-03 19:17:26
Running from C:\Users\Christian Hoffmann\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Enabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
ACD/Labs Software in C:\ACDFREE12\ (HKLM-x32\...\ACDLabs in C__ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.25 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.97.717 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.97.717 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.07.3006 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0810 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Akamai NetSession Interface Service (HKLM-x32\...\Akamai) (Version: - )
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (Version: 10.9.0.40901 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C0471655-9851-F7E9-2BF1-D1F98E5D5FB8}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
AutoNom Standard (HKLM-x32\...\AutoNom Standard) (Version: - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.25 - NewTech Infosystems) Hidden
BKChem-0.13.0 (HKLM-x32\...\BKChem_is1) (Version: - Beda Kosata)
BMG LABTECH MARS Data Analysis (HKLM-x32\...\BMG LABTECH MARS Data Analysis) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0901.2227.38495 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help English (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help French (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help German (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0901.2226.38495 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0901.2227.38495 - ATI) Hidden
ccc-utility64 (Version: 2009.0901.2227.38495 - ATI) Hidden
ChemDoodle (HKLM-x32\...\ChemDoodle) (Version: - )
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Citrix Authentication Manager (x32 Version: 2.0.0.41479 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 3.1.0.64094 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version: - Conduit Ltd.) <==== ATTENTION
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.1.3201.50 - CyberLink Corp.)
CyberLink PowerDVD 8 (x32 Version: 8.1.3201.50 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{2528825D-9FB9-4680-88B2-51D245D7B269}) (Version: - Microsoft)
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Edraw Max 7.5 (HKLM-x32\...\Edraw Max_is1) (Version: - EdrawSoft)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Soft)
Free Studio version 5.0.3 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.1.40.1031 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.16.1030 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.16.1030 - DVDVideoSoft Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Groovy-1.7.4 (HKLM-x32\...\Groovy-1.7.4) (Version: - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
ISIS Draw 2.4 Standalone (HKLM-x32\...\ISIS Draw 2.4 Standalone) (Version: - )
ISO Workshop 2.3 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.05 - Acer Inc.)
MATLAB Component Runtime (HKLM-x32\...\{36397154-0993-445D-A22F-8049559D4B22}) (Version: 7.2 - MathWorks)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mendeley Desktop 1.3.2 (HKLM-x32\...\Mendeley Desktop) (Version: 1.3.2 - Mendeley Ltd.)
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
MestReC 4.7.0 (HKLM-x32\...\MestReC_is1) (Version: - MestReC Lite)
MestReNova 7.1.2-10008 (HKLM-x32\...\MestReNova) (Version: 7.1.2-10008 - Mestrelab Research S.L.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 Language Pack Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}) (Version: - Microsoft)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MiKTeX 2.8 (HKLM-x32\...\MiKTeX 2.8) (Version: 2.8 - MiKTeX.org)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.72.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{d740c22b-08a3-4794-a294-e0ad11171150}) (Version: - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.15.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Recode Help (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.24.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero Vision Help (x32 Version: 6.4.15.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.27.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
NI Assistant Framework (x32 Version: 6.5.191.0 - National Instruments) Hidden
NI Assistant Framework 64-bit (Version: 6.5.62.0 - National Instruments) Hidden
NI Assistant Framework LabVIEW Code Generator 2009 (64-bit) (Version: 6.5.51.0 - National Instruments) Hidden
NI CodeSignAPI (x32 Version: 2.70.346 - National Instruments) Hidden
NI DataSocket 4.7.0 (64-bit) (Version: 4.7.39.0 - National Instruments) Hidden
NI DataSocket 4.7.0 (x32 Version: 4.7.82.0 - National Instruments) Hidden
NI Distributed System Manager 2009 (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI EULA Depot (x32 Version: 2.71.128 - National Instruments) Hidden
NI Example Finder 9.0 (Version: 9.0.146.0 - National Instruments) Hidden
NI Help Assistant (64bit) (Version: 1.0.10 - National Instruments) Hidden
NI Help Assistant (x32 Version: 1.0.10 - National Instruments) Hidden
NI Instrument IO Assistant for LabVIEW 9.0 64 (Version: 1.0.48.0 - National Instruments) Hidden
NI LabVIEW 2009 (64 bit) MeasAppChm File (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 (64-bit) (Version: 9.0.182.0 - National Instruments) Hidden
NI LabVIEW 2009 Applibs (Version: 9.0.184.0 - National Instruments) Hidden
NI LabVIEW 2009 CINtools (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Deployment Framework (x32 Version: 9.0.5.0 - National Instruments) Hidden
NI LabVIEW 2009 Examples (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 gMath (Version: 9.0.179.0 - National Instruments) Hidden
NI LabVIEW 2009 Help (Version: 9.0.173.0 - National Instruments) Hidden
NI LabVIEW 2009 Help File (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 Instr.lib (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 License (x32 Version: 9.0.253.0 - National Instruments) Hidden
NI LabVIEW 2009 Manuals (Version: 9.0.173.0 - National Instruments) Hidden
NI LabVIEW 2009 Menus (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Project (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 Resource (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 2009 Run-Time Engine Web Services (64-bit) (Version: 9.0.119.0 - National Instruments) Hidden
NI LabVIEW 2009 Simulation (Version: 9.0.101.0 - National Instruments) Hidden
NI LabVIEW 2009 Templates (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 User.lib (Version: 9.0.183.0 - National Instruments) Hidden
NI LabVIEW 2009 VI.lib (Version: 9.0.178.0 - National Instruments) Hidden
NI LabVIEW 2009 Web Server 64-Bit (Version: 9.0.118.0 - National Instruments) Hidden
NI LabVIEW 2009 Web Services Runtime (64-bit) (Version: 9.0.118.0 - National Instruments) Hidden
NI LabVIEW 2009 WWW (Version: 9.0.181.0 - National Instruments) Hidden
NI LabVIEW 9.0.0 f3 (64-Bit) (Version: 9.0.8.0 - National Instruments) Hidden
NI LabVIEW Broker (64 bit) (Version: 6.7.21.0 - National Instruments) Hidden
NI LabVIEW Broker (x32 Version: 6.7.21.0 - National Instruments) Hidden
NI LabVIEW C Interface (x32 Version: 1.0.1 - National Instruments) Hidden
NI LabVIEW Compare Utility 9.0.0 (x32 Version: 9.0.3.0 - National Instruments) Hidden
NI LabVIEW Deployable License 2009 (x32 Version: 9.0.253.0 - National Instruments) Hidden
NI LabVIEW MAX XML (x32 Version: 9.0.6.0 - National Instruments) Hidden
NI LabVIEW Merge Utility 9.0.0 (x32 Version: 9.0.148.0 - National Instruments) Hidden
NI LabVIEW Real-Time Error Dialog (x32 Version: 8.5.294.0 - National Instruments) Hidden
NI LabVIEW Real-Time FIFO for Runtime (x32 Version: 8.2.74.0 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (64-bit) (Version: 9.0.222.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 (x32 Version: 9.0.266.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 8.2.1 (x32 Version: 8.2.379.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (64-bit) (Version: 9.0.112.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.22.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Web Services (x32 Version: 9.0.197.0 - National Instruments) Hidden
NI LabVIEW Web Server 64-Bit for Run-Time Engine (Version: 9.0.120.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0 - National Instruments) Hidden
NI LabWindows/CVI 9.0 Run-Time Engine (x32 Version: 9.0.0355 - National Instruments) Hidden
NI LabWindows/CVI Code Generator (x32 Version: 9.0.1376 - National Instruments) Hidden
NI LabWindows/CVI DLL Builder for LabVIEW (x32 Version: 9.0.1376 - National Instruments) Hidden
NI License Manager (x32 Version: 3.4.28 - National Instruments) Hidden
NI Logos 5.1 (x32 Version: 5.1.118.0 - National Instruments) Hidden
NI Logos LabVIEW 2009 Support (Version: 9.0.173.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.1.66.0 - National Instruments) Hidden
NI Logos64 5.1 (Version: 5.1.71.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.1.63.0 - National Instruments) Hidden
NI LVBrokerAux 8.2.1 (x32 Version: 8.2.303.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.28.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
NI MAX LabVIEW 64 Support Installer 4.6 (Version: 4.60.49153 - National Instruments) Hidden
NI MAX Remote Configuration Installer 4.6 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI MAX Support for 64 Bit Windows (Version: 4.60.49153 - National Instruments) Hidden
NI MDF Support (x32 Version: 2.71.128 - National Instruments) Hidden
NI Measurement & Automation Explorer 4.6.0 (x32 Version: 4.60.49153 - National Instruments) Hidden
NI Measurement Studio Recipe Processor (x32 Version: 8.0.0101 - National Instruments) Hidden
NI MXS 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI MXS 4.6.0 for 64 Bit Windows (Version: 4.60.49152 - National Instruments) Hidden
NI MXS 4.6.0f0 for LabVIEW Real-Time (x32 Version: 4.60.49152 - National Instruments) Hidden
NI OPC Support (x32 Version: 9.0.35.0 - National Instruments) Hidden
NI Portable Configuration 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Portable Configuration Help for 64 Bit Windows 4.6.0 (Version: 4.60.49152 - National Instruments) Hidden
NI Registration Wizard (x32 Version: 1.2.71 - National Instruments) Hidden
NI Remote Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Remote PXI Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI Service Locator (x32 Version: 9.0.260.0 - National Instruments) Hidden
NI Software Provider for MAX 4.6.0 (x32 Version: 4.60.49152 - National Instruments) Hidden
NI SSL LabVIEW 2009 Support (64-bit) (Version: 9.0.92.0 - National Instruments) Hidden
NI SSL Support (64-bit) (Version: 9.0.11.0 - National Instruments) Hidden
NI SSL Support (x32 Version: 9.0.5.0 - National Instruments) Hidden
NI System API RT (x32 Version: 1.0.45.0 - National Instruments) Hidden
NI System API Windows 32-bit (x32 Version: 1.0.48.0 - National Instruments) Hidden
NI System API Windows 64-bit (Version: 1.0.41.0 - National Instruments) Hidden
NI System State Publisher (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI System State Publisher (x32 Version: 9.0.150.0 - National Instruments) Hidden
NI TDM Excel Add-In 2.1 (x32 Version: 2.1.37.0 - National Instruments) Hidden
NI TDMS (64-bit) (Version: 2.0.170.0 - National Instruments) Hidden
NI TDMS (x32 Version: 2.0.170.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI Uninstaller (x32 Version: 2.71.128 - National Instruments) Hidden
NI USI 1.7.0 (x32 Version: 1.7.03805 - National Instruments) Hidden
NI USI 1.7.0 64-Bit (Version: 1.7.03805 - National Instruments) Hidden
NI Variable Engine (64-bit) (Version: 2.3.26.0 - National Instruments) Hidden
NI Variable Engine 2.3.0 (x32 Version: 2.3.59.0 - National Instruments) Hidden
NI Variable Engine LabVIEW 2009 Support (Version: 9.0.172.0 - National Instruments) Hidden
NI VC2005MSMs x64 (Version: 8.01.5 - National Instruments) Hidden
NI VC2005MSMs x86 (x32 Version: 8.01.5 - National Instruments) Hidden
NI VC2008MSMs x64 (Version: 9.0.100 - National Instruments) Hidden
NI VC2008MSMs x86 (x32 Version: 9.0.100 - National Instruments) Hidden
NI Web Pipeline 2.0.1 (x32 Version: 2.0.128.0 - National Instruments) Hidden
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0 - National Instruments) Hidden
NI Xalan Delay Load 1.10.1 (x32 Version: 1.10.46.0 - National Instruments) Hidden
NI Xalan Delay Load 1.10.1 64-bit (Version: 1.10.47.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.1 (x32 Version: 2.7.123.0 - National Instruments) Hidden
NI Xerces Delay Load 2.7.1 64-bit (Version: 2.7.128.0 - National Instruments) Hidden
NI-DAQmx - LabVIEW shared documentation (x32 Version: 1.50.49152 - National Instruments) Hidden
NI-DAQmx - LabVIEW shared documentation for 64 Bit Windows 1.5.0 (Version: 1.50.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 (x32 Version: 4.11.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 for 64 Bit Windows (Version: 4.11.49152 - National Instruments) Hidden
NI-RPC 4.1.1f0 for Phar Lap ETS (x32 Version: 4.11.49152 - National Instruments) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.18320 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
Omega (HKLM-x32\...\Omega) (Version: - )
Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
Origin90 (HKLM-x32\...\{685A89CB-DF27-42D6-A623-34F40DBBFFB2}) (Version: 9.00.00 - OriginLab Corporation)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
PDF-XChange Viewer (HKLM\...\{EE18FF09-2F2A-4A88-85B3-B845EFD5C5FE}) (Version: 2.5.193.0 - Tracker Software Products Ltd.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5888 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
SD PresentationEngine for PowerPoint (HKLM-x32\...\{E00679D5-2BD3-4DD2-AF5F-E67987703F6B}) (Version: 2.80.0024 - SkabelonDesign)
Secure Download Manager (HKLM-x32\...\{C28422FB-F2CD-427A-ADED-9F281745CDB2}) (Version: 3.0.3 - e-academy Inc.)
SecureW2 Enterprise Client 3.1.4 for Windows (HKLM-x32\...\SecureW2 Enterprise Client) (Version: - )
Self-Service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 5.10 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)
Software von National Instruments (HKLM-x32\...\NI Uninstaller) (Version: - National Instruments)
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - SopCast - Free P2P internet TV | live football, NBA, cricket)
Spark 2.5.8 (HKLM-x32\...\Spark 2.5.8) (Version: - Jive Software)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Star Defender 4 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}) (Version: - Oberon Media)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
ThinLinc Client 3.3.0 (HKLM-x32\...\tlclient) (Version: - )
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.2020.4 - TuneUp Software) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{15058154-469F-4794-ACD5-94F8420F9B80}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.VISIOR_{995A7832-B512-46D5-87C9-2D71FB541435}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.VISIOR_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{C8694FF0-8203-483B-A07A-2BC40433167D}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{4D98EEEA-A31B-42FA-991A-F989594F4DA5}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{C5325053-3C37-4A69-959E-4802AE6686EF}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{052CA271-6C3E-4B8F-9EEE-CEA84BC901DC}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 (KB974631) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CA2F3DF8-C8AE-4933-92F1-FE482442F6E6}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{3613AECC-1454-4DDD-AC36-C42DC16D6DEE}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
uTorrentBar_DE Toolbar (HKLM-x32\...\uTorrentBar_DE Toolbar) (Version: 6.3.5.3 - uTorrentBar_DE) <==== ATTENTION
Veetle TV 0.9.18 (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3005 - Acer Incorporated)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.9700 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.581 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\95E56D57DA5C5A08C88234D00B94023A8AD713AA) (Version: 02/17/2009 2.04.16 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (02/17/2009 2.04.16) (HKLM\...\C3323A996199A7675B69D3FDB0A25449206A4231) (Version: 02/17/2009 2.04.16 - FTDI)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)

==================== Restore Points =========================

03-03-2014 14:50:22 Configured CambridgeSoft ChemDraw Ultra 11.0
03-03-2014 14:59:38 Removed CambridgeSoft ChemDraw Ultra 12.0.
03-03-2014 15:08:28 Removed CambridgeSoft Activation Client.

==================== Hosts content: ==========================

2009-07-14 03:34 - 2012-07-09 17:10 - 00443048 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 [¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 ²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 Gadgets And More
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 Easy 123 Movie Download

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {227C5CE4-75B4-47AA-BF77-89B04B897F17} - System32\Tasks\{C6FA034A-919B-4F96-9DF7-A6A71DF18CF3} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2012-07-13] (Skype Technologies S.A.)
Task: {51536293-D544-4E53-BFB2-3F255DD4B466} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {59000224-E522-4423-BF4D-50E785A02E71} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {660CD02C-9FC0-463D-893D-6D5D5B88FD05} - System32\Tasks\AdobeAAMUpdater-1.0-CHoffmann-Christian Hoffmann => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {A0C726CA-43D3-4A2D-9975-32F31808E930} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {E3F6C6FE-7E27-487E-8103-A65DA5F0B64C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\system32\mswsock.dll
2009-07-14 00:19 - 2009-07-14 02:39 - 00328704 ____N () C:\Windows\system32\services.exe
2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\system32\MSWSOCK.dll
2011-06-21 17:14 - 2010-11-20 14:27 - 00326144 _____ () C:\Windows\System32\mswsock.dll
2012-03-19 14:20 - 2010-03-04 16:56 - 00289280 _____ () C:\Windows\System32\HP1100LM.DLL
2011-09-09 16:48 - 2011-02-17 18:13 - 00136704 _____ () C:\Windows\System32\zlhp2600.dll
2011-01-29 13:30 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2006-12-04 00:26 - 2006-12-04 00:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll
2012-03-19 14:21 - 2010-03-04 16:56 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2007-08-20 13:12 - 2007-08-20 13:12 - 00136192 _____ () C:\HiTec\bin\wim_serv.exe
2011-06-17 13:35 - 2009-03-03 11:45 - 00296400 ____N () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2009-07-17 16:20 - 2009-07-17 16:20 - 00173344 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2010-10-29 21:44 - 2010-03-15 10:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-10-14 18:14 - 2009-10-14 18:14 - 00200704 _____ () C:\Windows\PLFSetI.exe
2009-07-29 21:10 - 2009-07-29 21:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-09-29 20:37 - 2009-09-29 20:37 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-10-29 14:02 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2007-02-20 14:47 - 2007-02-20 14:47 - 00134144 _____ () C:\HiTec\bin\ANW.DLL
2007-02-20 14:47 - 2007-02-20 14:47 - 00163840 _____ () C:\HiTec\bin\POOL.DLL
2007-02-20 14:47 - 2007-02-20 14:47 - 00131072 _____ () C:\HiTec\bin\WIM_REG.DLL
2007-08-16 16:34 - 2007-08-16 16:34 - 00147456 _____ () C:\HiTec\bin\SYS_DLL.DLL
2010-11-08 11:09 - 2010-11-08 11:09 - 00172544 _____ () C:\HiTec\bin\HDB_POST.DLL
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox\bin\libcef.dll
2014-02-18 16:25 - 2014-02-18 16:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 03019376 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-12-11 22:09 - 2014-02-06 10:06 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-02-21 10:11 - 2014-02-21 10:11 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
2012-02-13 13:24 - 2014-02-04 16:37 - 00294400 _____ () C:\Program Files (x86)\Mendeley Desktop\Mendeley.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TempFC5A2B2

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk => C:\Windows\pss\Acer VCM.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ7.2\ICQ.exe" silent loginmode=4
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Spark => C:\Program Files (x86)\Spark\Spark.exe
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/28/2014 01:53:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/23/2014 07:49:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/18/2014 11:35:35 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/16/2014 11:37:56 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/07/2014 06:02:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/05/2014 00:08:46 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/04/2014 00:28:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/03/2014 10:38:42 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (02/01/2014 06:39:57 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 12.0.6661.5000, Zeitstempel: 0x4f7cd9da
Name des fehlerhaften Moduls: wwlib.dll, Version: 12.0.6661.5000, Zeitstempel: 0x4f7cdad7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00dcb599
ID des fehlerhaften Prozesses: 0x1778
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3

Error: (01/31/2014 02:37:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (03/03/2014 01:34:20 PM) (Source: Service Control Manager) (User: )
Description: Heimnetzgruppen-AnbieterFunktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/03/2014 01:34:20 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/03/2014 01:33:51 PM) (Source: Tcpip) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 82.130.65.11 mit dem Computer mit der
Netzwerkhardwareadresse 90-1B-0E-1A-AB-A3 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (03/03/2014 00:42:31 PM) (Source: Service Control Manager) (User: )
Description: cdrom

Error: (03/03/2014 00:41:41 PM) (Source: Service Control Manager) (User: )
Description: IPsec-Richtlinien-AgentBFE

Error: (03/03/2014 00:41:37 PM) (Source: Service Control Manager) (User: )
Description: Computerbrowser%%1060

Error: (03/03/2014 00:41:37 PM) (Source: Service Control Manager) (User: )
Description: IKE- und AuthIP IPsec-SchlüsselerstellungsmoduleBFE

Error: (03/02/2014 09:34:19 PM) (Source: Service Control Manager) (User: )
Description: Heimnetzgruppen-AnbieterFunktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/02/2014 09:34:19 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (03/02/2014 06:07:26 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891


Microsoft Office Sessions:
=========================
Error: (02/01/2014 06:39:56 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14028 seconds with 4500 seconds of active time. This session ended with a crash.

Error: (06/20/2012 08:06:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4896 seconds with 1620 seconds of active time. This session ended with a crash.

Error: (04/10/2012 10:14:37 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12000 seconds with 6120 seconds of active time. This session ended with a crash.

Error: (04/02/2012 00:41:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12129 seconds with 2820 seconds of active time. This session ended with a crash.

Error: (03/25/2012 04:01:33 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4813 seconds with 1860 seconds of active time. This session ended with a crash.

Error: (01/09/2011 08:09:06 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17459 seconds with 1380 seconds of active time. This session ended with a crash.

Error: (10/28/2010 10:01:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12488 seconds with 300 seconds of active time. This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 76%
Total physical RAM: 3998.84 MB
Available physical RAM: 949.23 MB
Total Pagefile: 7995.87 MB
Available Pagefile: 4459.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:285.99 GB) (Free:108.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C13DD012)

Partition: GPT Partition Type.

==================== End Of Log ============================][/CODE]

Schlussendlich ist Avira ebenfalls fertig geworden.
Hier ist der dazugehörige Bericht. Ich wäre super dankbar für Hilfe.[vira Free Antivirus
Erstellungsdatum der Reportdatei: Montag, 3. März 2014 15:47


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Antivirus Free
Seriennummer : 0000149996-AVHOE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : CHOFFMANN

Versionsinformationen:
BUILD.DAT : 14.0.3.338 56624 Bytes 14.02.2014 11:00:00
AVSCAN.EXE : 14.0.3.332 1058384 Bytes 20.02.2014 13:49:52
AVSCANRC.DLL : 14.0.2.292 62008 Bytes 18.02.2014 13:30:40
LUKE.DLL : 14.0.3.336 65616 Bytes 20.02.2014 13:49:54
AVSCPLR.DLL : 14.0.3.336 124496 Bytes 20.02.2014 13:49:52
AVREG.DLL : 14.0.3.336 250448 Bytes 20.02.2014 13:49:52
avlode.dll : 14.0.3.336 544848 Bytes 20.02.2014 13:49:52
avlode.rdf : 14.0.3.26 58589 Bytes 12.02.2014 16:07:20
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 15:14:28
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 21:00:56
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 21:15:04
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 17:39:40
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 04:47:28
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 17:08:16
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 15:29:23
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 17:10:25
VBASE008.VDF : 7.11.126.50 3615744 Bytes 22.01.2014 14:18:45
VBASE009.VDF : 7.11.128.174 2030080 Bytes 03.02.2014 14:39:57
VBASE010.VDF : 7.11.128.175 2048 Bytes 03.02.2014 14:39:57
VBASE011.VDF : 7.11.128.176 2048 Bytes 03.02.2014 14:39:57
VBASE012.VDF : 7.11.128.177 2048 Bytes 03.02.2014 14:39:58
VBASE013.VDF : 7.11.128.178 2048 Bytes 03.02.2014 14:39:58
VBASE014.VDF : 7.11.129.9 211456 Bytes 04.02.2014 14:08:20
VBASE015.VDF : 7.11.129.163 215040 Bytes 06.02.2014 14:40:39
VBASE016.VDF : 7.11.130.21 220672 Bytes 08.02.2014 09:35:54
VBASE017.VDF : 7.11.130.99 230400 Bytes 10.02.2014 15:59:41
VBASE018.VDF : 7.11.130.193 195072 Bytes 11.02.2014 16:07:19
VBASE019.VDF : 7.11.131.53 285184 Bytes 13.02.2014 14:54:25
VBASE020.VDF : 7.11.131.125 154624 Bytes 14.02.2014 09:33:57
VBASE021.VDF : 7.11.131.201 194560 Bytes 15.02.2014 13:42:08
VBASE022.VDF : 7.11.132.11 233472 Bytes 17.02.2014 13:42:08
VBASE023.VDF : 7.11.132.80 415232 Bytes 18.02.2014 13:30:32
VBASE024.VDF : 7.11.132.205 185344 Bytes 20.02.2014 13:49:56
VBASE025.VDF : 7.11.133.33 291328 Bytes 22.02.2014 20:30:22
VBASE026.VDF : 7.11.133.81 134144 Bytes 23.02.2014 18:19:28
VBASE027.VDF : 7.11.133.143 183808 Bytes 25.02.2014 08:18:00
VBASE028.VDF : 7.11.133.215 247808 Bytes 27.02.2014 21:04:05
VBASE029.VDF : 7.11.134.9 160256 Bytes 28.02.2014 15:46:00
VBASE030.VDF : 7.11.134.15 2048 Bytes 28.02.2014 15:46:00
VBASE031.VDF : 7.11.134.16 84992 Bytes 28.02.2014 15:46:00
Engineversion : 8.2.14.18
AEVDF.DLL : 8.1.3.4 102774 Bytes 13.06.2013 16:02:53
AESCRIPT.DLL : 8.1.4.194 524670 Bytes 27.02.2014 21:04:04
AESCN.DLL : 8.1.10.6 131447 Bytes 11.12.2013 19:03:54
AESBX.DLL : 8.2.20.6 1331575 Bytes 13.01.2014 14:07:40
AERDL.DLL : 8.2.0.138 704888 Bytes 07.12.2013 19:45:20
AEPACK.DLL : 8.4.0.4 774520 Bytes 27.02.2014 21:04:04
AEOFFICE.DLL : 8.1.2.82 205181 Bytes 19.02.2014 15:17:13
AEHEUR.DLL : 8.1.4.938 6521210 Bytes 27.02.2014 21:04:04
AEHELP.DLL : 8.1.27.10 266618 Bytes 22.11.2013 13:00:33
AEGEN.DLL : 8.1.7.22 446839 Bytes 15.01.2014 15:49:49
AEEXP.DLL : 8.4.1.238 483704 Bytes 27.02.2014 21:04:04
AEEMU.DLL : 8.1.3.2 393587 Bytes 19.09.2012 14:42:55
AECORE.DLL : 8.1.35.0 229753 Bytes 12.02.2014 16:07:19
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 19:15:22
AVWINLL.DLL : 14.0.3.252 23608 Bytes 20.02.2014 13:49:52
AVPREF.DLL : 14.0.3.252 48696 Bytes 20.02.2014 13:49:52
AVREP.DLL : 14.0.3.252 175672 Bytes 20.02.2014 13:49:52
AVARKT.DLL : 14.0.3.336 256080 Bytes 20.02.2014 13:49:52
AVEVTLOG.DLL : 14.0.3.336 165968 Bytes 20.02.2014 13:49:52
SQLITE3.DLL : 3.7.0.1 397088 Bytes 19.09.2012 18:17:40
AVSMTP.DLL : 14.0.3.252 60472 Bytes 20.02.2014 13:49:52
NETNT.DLL : 14.0.3.252 13368 Bytes 20.02.2014 13:49:54
RCIMAGE.DLL : 14.0.3.260 4979256 Bytes 20.02.2014 13:49:52
RCTEXT.DLL : 14.0.3.282 72760 Bytes 20.02.2014 13:49:52

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Montag, 3. März 2014 15:47

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
c:\program files (x86)\creative\shared files\ctdevsrv.exe
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.
[WARNUNG] Die Datei wurde ignoriert.
c:\program files (x86)\creative\creative centrale\ctupnpsv.exe
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.
[WARNUNG] Die Datei wurde ignoriert.
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Session Manager\PendingFileRenameOperations
[HINWEIS] Der Registrierungseintrag ist nicht sichtbar.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '131' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'btwdins.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'dsiwmis.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerSvc.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'GregHSRW.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPSIsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lkads.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'lktsrv.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'MWLService.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'nimxs.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'NBService.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'nidmsrv.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'nisvcloc.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'tagsrv.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'NOBuAgent.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'RS_Service.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wim_serv.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'WTGService.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAANTMon.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'Eap3Host.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '202' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAAnotif.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPEnh.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'mwlDaemon.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'PLFSetI.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'sidebar.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'BTTray.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'SynTPHelper.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'EgisUpdate.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '170' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerTray.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'unsecapp.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxext.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'ePowerEvent.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'thunderbird.exe' - '150' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_12_0_0_70.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_12_0_0_70.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'MendeleyDesktop.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'WINWORD.EXE' - '120' Modul(e) wurden durchsucht
Durchsuche Prozess 'splwow64.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'MendeleyWordPlugin.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '35' Modul(e) wurden durchsucht
Modul ist infiziert -> <C:\Windows\system32\services.exe>
[FUND] Enthält Code des Windows-Virus W32/Patched.UA
[HINWEIS] Prozess 'services.exe' wurde beendet
[WARNUNG] Bei diesem Prozess handelt es sich um einen Systemprozess. Die zugehörige Datei wird hicht gelöscht.
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <Acer>
C:\Users\Christian Hoffmann\AppData\Local\Temp\120718284.exe
[FUND] Ist das Trojanische Pferd TR/Spy.ZBot.ahl.2
C:\Users\Christian Hoffmann\AppData\Local\Temp\120721186.exe
[FUND] Ist das Trojanische Pferd TR/Spy.ZBot.ahl.2
C:\Users\Christian Hoffmann\AppData\Local\Temp\2QMOnrKY.exe.part
[FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
[0] Archivtyp: RSRC
--> C:\Users\Christian Hoffmann\AppData\Roaming\Dropbox\bin\Dropbox.exe
[1] Archivtyp: RSRC
--> C:\$Recycle.Bin\S-1-5-21-247232768-2787100430-3548774350-1000\$RP6RNN7.exe
[2] Archivtyp: NSIS
--> C:\$Recycle.Bin\S-1-5-21-247232768-2787100430-3548774350-1000\$RQS2OVG.exe
[3] Archivtyp: Inno Setup
--> C:\$Recycle.Bin\S-1-5-21-247232768-2787100430-3548774350-1000\$RQSO9KD.exe
[4] Archivtyp: Runtime Packed
--> C:\OEM\Preload\Autorun\APP\MyWinLocker v3\program files\EgisTec\MyWinLocker 3\HTCA_SelfExtract.bin
[5] Archivtyp: OVL
--> C:\Program Files (x86)\Acer GameZone\Merriam Websters Spell Jam\SPELL-JAM.exe
[6] Archivtyp: RSRC
--> C:\Program Files (x86)\EgisTec\MyWinLocker 3\HTCA_SelfExtract.bin
[7] Archivtyp: OVL
--> C:\Users\Christian Hoffmann\AppData\Local\Temp\DJVRTB
[8] Archivtyp: ZIP
--> okmokmokmoka.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/JAVA.Rafold.V.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> okmokmokmokb.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-1723.A.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> NewClass1.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Pesur.R.2
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> okmokmokmokc.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Kara.AI.4
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Christian Hoffmann\AppData\Local\Temp\DJVRTB
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Kara.AI.4
--> C:\Users\Christian Hoffmann\AppData\Local\Temp\jar_cache4610014545514560468.tmp
[8] Archivtyp: ZIP
--> ad9djcmd.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Lamar.CY
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> Example.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/JAVA.Ivinest.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> Help.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CL
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
--> TestApplet.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CM
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Christian Hoffmann\AppData\Local\Temp\jar_cache4610014545514560468.tmp
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CM
C:\Windows\assembly\GAC_32\Desktop.ini
[FUND] Ist das Trojanische Pferd TR/Sirefef.AB.26
C:\Windows\assembly\GAC_64\Desktop.ini
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\00000004.@
[FUND] Ist das Trojanische Pferd TR/ZAccess.H
C:\Windows\System32\services.exe
[FUND] Enthält Code des Windows-Virus W32/Patched.UA

Beginne mit der Desinfektion:
C:\Windows\System32\services.exe
[FUND] Enthält Code des Windows-Virus W32/Patched.UA
[HINWEIS] Eine Sicherungskopie wurde unter dem Namen 55015e44.qua erstellt ( QUARANTÄNE )
[WARNUNG] Die Datei wurde auf Nachfrage nicht repariert!
C:\Windows\Installer\{e1efd280-3117-80e7-57a2-620bf46ab1f3}\L\00000004.@
[FUND] Ist das Trojanische Pferd TR/ZAccess.H
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d5471c7.qua' verschoben!
C:\Windows\assembly\GAC_64\Desktop.ini
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
[WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
[WARNUNG] Die Datei konnte nicht gelöscht werden!
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
[HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert.
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
C:\Windows\assembly\GAC_32\Desktop.ini
[FUND] Ist das Trojanische Pferd TR/Sirefef.AB.26
[WARNUNG] Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
[WARNUNG] Die Datei konnte nicht gelöscht werden!
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
[HINWEIS] Die Datei wurde zum Löschen nach einem Neustart markiert.
[HINWEIS] Für die abschliessende Reparatur wird ein Neustart des Computers eingeleitet.
C:\Users\Christian Hoffmann\AppData\Local\Temp\jar_cache4610014545514560468.tmp
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CM
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3c7a499d.qua' verschoben!
C:\Users\Christian Hoffmann\AppData\Local\Temp\DJVRTB
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Kara.AI.4
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '438d7b87.qua' verschoben!
C:\Users\Christian Hoffmann\AppData\Local\Temp\2QMOnrKY.exe.part
[FUND] Enthält Erkennungsmuster der Adware ADWARE/InstallCore.Gen7
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0f3e57c5.qua' verschoben!
C:\Users\Christian Hoffmann\AppData\Local\Temp\120721186.exe
[FUND] Ist das Trojanische Pferd TR/Spy.ZBot.ahl.2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '730317b4.qua' verschoben!
C:\Users\Christian Hoffmann\AppData\Local\Temp\120718284.exe
[FUND] Ist das Trojanische Pferd TR/Spy.ZBot.ahl.2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5e5938f9.qua' verschoben!
[/CODE]

Alt 05.03.2014, 08:57   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Trojaner 'W32/Patched.UA' festgestellt - Standard

Trojaner 'W32/Patched.UA' festgestellt



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Trojaner 'W32/Patched.UA' festgestellt
adware/installcore.gen7, exp/2012-0507.cl, exp/2012-0507.cm, exp/cve-2012-1723.a.gen, exp/java.ivinest.gen, exp/java.rafold.v.gen, java/dldr.kara.ai.4, java/dldr.lamar.cy, java/dldr.pesur.r.2, präzise, tr/atraps.gen2, tr/sirefef.ab.26, tr/spy.zbot.ahl.2, tr/zaccess.h, trojaner/virus, w32/patched.ua




Ähnliche Themen: Trojaner 'W32/Patched.UA' festgestellt


  1. WIN7 SP1: Trojaner TR/Patched.Ren.Gen
    Log-Analyse und Auswertung - 12.08.2015 (16)
  2. Problem: Win8..TR/Patched.Ren.Gen..und..TR/Patched.Ren.Gen2
    Plagegeister aller Art und deren Bekämpfung - 07.11.2014 (5)
  3. Virus/ Trojaner TR/Patched.Ren.Gen
    Log-Analyse und Auswertung - 27.02.2014 (13)
  4. Trojaner von Antivir festgestellt TR/Crypt.Xpack.38852 nach öffnen einer Anwaltsmail
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (28)
  5. Trojaner eingefangen: TR/Patched.Ren.Gen
    Plagegeister aller Art und deren Bekämpfung - 09.12.2013 (39)
  6. Problem mit Trojaner W32/Patched.UC
    Plagegeister aller Art und deren Bekämpfung - 22.06.2013 (15)
  7. Datei C:\Windows\System32\services.exe infiziert: W32/Patched.UB, Patched.UA, Patched.ZA
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  8. AVIRA findet 9 trojaner :( u.a. TR/patched.gen
    Log-Analyse und Auswertung - 22.12.2011 (1)
  9. Trojaner TR/Kazy.11017.4. durch Avira festgestellt
    Log-Analyse und Auswertung - 02.06.2011 (1)
  10. Trojaner TR/Patched.GR.10 ?
    Plagegeister aller Art und deren Bekämpfung - 09.12.2010 (28)
  11. TR/Patched.GR.10 in explorer.exe & TR/Patched.KL.238 in winlogon.exe
    Plagegeister aller Art und deren Bekämpfung - 01.12.2010 (5)
  12. Trojaner TR/Patched.KL.134 in wininit.exe
    Log-Analyse und Auswertung - 01.11.2010 (6)
  13. Trojaner tr/patched.gen2 in user32.dll gefunden
    Plagegeister aller Art und deren Bekämpfung - 29.03.2010 (12)
  14. Trojaner.Win32.Patched
    Log-Analyse und Auswertung - 10.04.2009 (1)
  15. Trojaner TR/Patched.CK.56 auf meinem Rechner
    Log-Analyse und Auswertung - 18.01.2009 (14)
  16. Trojaner beim booten? TR/Patched.BD.145
    Plagegeister aller Art und deren Bekämpfung - 07.07.2008 (1)
  17. Hilfe - Trojaner: TR/Patched.B.1
    Log-Analyse und Auswertung - 19.10.2007 (1)

Zum Thema Trojaner 'W32/Patched.UA' festgestellt - Hallo Community, Avira hat auf meinem Rechner den Trojaner/Virus W32/Patched.UA detektiert. Der Scan läuft im Moment noch und somit konnte ich die Log-files noch nicht mitschicken. Könnt Ihr mir bitte - Trojaner 'W32/Patched.UA' festgestellt...
Archiv
Du betrachtest: Trojaner 'W32/Patched.UA' festgestellt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.