| |
| |||||||
Log-Analyse und Auswertung: AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblocktWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
02.06.2014, 15:57
| #1 |
 |  AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Moin, Vorab, ja ich habe schon auf eigene Faust versucht das Problem zu lösen. Asche über mein Haupt.^^ - EDIT - Anvira Premium Edition und Malwarebytes Anti Malware laufen nur im abgesicherten Modus von Win7. Microsoft Security Essentials läuft momentan. MSE hat das gefunden und gelöscht: Vawtrak file:C:\ProgramData\AmsuvAnkix.dat regkey:HKCU@S-1-5-21-1604142742-313199325-3323007580-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\AmsuvAnkix runkey:HKCU@S-1-5-21-1604142742-313199325-3323007580-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\AmsuvAnkix Alles was ich dazu an Logfiles habe poste ich dazu. Malwarebytes lief nur im Abgesicherten Modus und hat etwas gefunden und entfernt. MSE hat auch etwas gefunden und entfernt. Alles andere steht hoffentlich in den Log files. FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014 01
Ran by Loki (administrator) on ASGARD on 02-06-2014 13:00:32
Running from F:\Temp
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Hi-Rez Studios) H:\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\System32\PnkBstrA.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Akamai Technologies, Inc.) C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6215448 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1339232 2013-04-19] (cFos Software GmbH)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
HKU\.DEFAULT\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1604142742-313199325-3323007580-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1604142742-313199325-3323007580-1001\...\Run: [AmsuvAnkix] => regsvr32.exe "C:\ProgramData\AmsuvAnkix.dat"
HKU\S-1-5-21-1604142742-313199325-3323007580-1001\...\MountPoints2: {2ba5bf29-d260-11df-8cca-806e6f6e6963} - E:\wubi.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.olb.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC19F47FDC1DCCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\searchplugins\mysql-manual.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Разпознаване на устройство Logitech - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\DeviceDetection@logitech.com [2012-01-31]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: DDBAC Plug-In - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A} [2013-11-16]
FF Extension: Flashblock - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-04-15]
FF Extension: ChatZilla - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2013-07-14]
FF Extension: DownloadHelper - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: OLB - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{C752FF21-A8EF-468E-B507-5BBAFB84359D} [2013-12-13]
FF Extension: Bitdefender QuickScan - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-06-02]
FF Extension: Firebug - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\firebug@software.joehewitt.com.xpi [2012-09-06]
FF Extension: Self-Destructing Cookies - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-06-26]
FF Extension: NoScript - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-26]
FF Extension: FireFTP - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2011-03-24]
FF Extension: Adblock Plus - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-26]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁 [2014-05-10]
========================== Services (Whitelisted) =================
R2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [801872 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [438112 2013-04-19] (cFos Software GmbH)
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [130976 2011-03-01] (Futuremark Corporation)
U2 HiPatchService; h:\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-09] (Hi-Rez Studios)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-04-13] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-11-25] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1052480 2011-11-21] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
S3 ArgusMonitor; C:\Windows\System32\drivers\ArgusMonitor.sys [50552 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 BazisVirtualCDBus; C:\Windows\System32\DRIVERS\BazisVirtualCDBus.sys [117584 2011-08-08] (SysProgs.org)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1242464 2013-04-19] (cFos Software GmbH)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24504 2011-04-14] (Turtle Entertainment GmbH)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378392 2013-04-15] (Logitech)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2i386.sys [53976 2010-09-29] (Logitech)
R3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [78616 2013-04-15] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMi386.sys [335064 2010-09-29] (Logitech)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-23] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [39960 2013-05-30] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-23] (Logitech Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-02] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKsl8364caeb; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CF710C41-526D-4341-8C14-24A92CEC9862}\MpKsl8364caeb.sys [39464 2014-06-02] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-10-09] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-24] (TuneUp Software)
R3 WacomVTHid; C:\Windows\System32\DRIVERS\WacomVTHid.sys [13480 2009-07-09] (Wacom Technology)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-02 13:00 - 2014-06-02 13:00 - 00000000 ____D () C:\FRST
2014-06-02 12:57 - 2014-06-02 12:57 - 00000676 __RSH () C:\Users\Loki\ntuser.pol
2014-06-02 12:49 - 2014-06-02 12:49 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-02 12:49 - 2014-06-02 12:49 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-02 12:49 - 2014-06-02 12:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-02 12:48 - 2014-06-02 12:49 - 00000000 ____D () C:\1e6104fb98ac01da9535602b5fbb9b
2014-06-02 12:39 - 2014-06-02 12:39 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\QuickScan
2014-06-01 14:45 - 2014-06-01 14:45 - 00220560 _____ () C:\ProgramData\AmsuvAnkix.dat
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\ProgramData\Virtual RC Pro
2014-05-20 14:33 - 2014-05-21 11:58 - 00000000 ____D () C:\Users\Loki\AppData\Local\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 16:30 - 00000000 ____D () C:\Users\Loki\Documents\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 14:25 - 00000571 _____ () C:\Users\Loki\Desktop\Virtual RC Pro.lnk
2014-05-20 14:25 - 2014-05-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual RC Pro
2014-05-19 11:25 - 2014-05-19 11:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\Program Files\iPod
2014-05-14 11:14 - 2014-05-14 11:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 11:08 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 11:08 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 11:06 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:06 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:06 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:06 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 11:06 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:06 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:06 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:06 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:05 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:05 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:05 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:05 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:05 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:05 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:05 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-10 12:24 - 2014-05-10 12:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 00:10 - 2014-05-14 11:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== One Month Modified Files and Folders =======
2014-06-02 13:00 - 2014-06-02 13:00 - 00000000 ____D () C:\FRST
2014-06-02 13:00 - 2010-10-08 00:22 - 00000000 ____D () C:\Users\Loki\AppData\Local\Temp
2014-06-02 12:57 - 2014-06-02 12:57 - 00000676 __RSH () C:\Users\Loki\ntuser.pol
2014-06-02 12:57 - 2010-10-08 00:22 - 00000000 ____D () C:\Users\Loki
2014-06-02 12:54 - 2010-10-08 00:16 - 01849555 _____ () C:\Windows\WindowsUpdate.log
2014-06-02 12:49 - 2014-06-02 12:49 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-02 12:49 - 2014-06-02 12:49 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-02 12:49 - 2014-06-02 12:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-02 12:49 - 2014-06-02 12:48 - 00000000 ____D () C:\1e6104fb98ac01da9535602b5fbb9b
2014-06-02 12:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-02 12:39 - 2014-06-02 12:39 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\QuickScan
2014-06-02 12:37 - 2009-07-14 06:34 - 00014768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-02 12:37 - 2009-07-14 06:34 - 00014768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-02 12:29 - 2013-11-11 21:40 - 00024044 _____ () C:\Windows\setupact.log
2014-06-02 12:29 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-02 00:35 - 2013-08-14 12:19 - 00000000 ____D () C:\Users\Loki\AppData\Local\Battle.net
2014-06-01 14:45 - 2014-06-01 14:45 - 00220560 _____ () C:\ProgramData\AmsuvAnkix.dat
2014-06-01 14:44 - 2010-10-08 01:35 - 00000000 ____D () C:\Users\Loki\AppData\Local\Deployment
2014-05-29 20:10 - 2013-08-14 12:19 - 00000000 ____D () C:\Program Files\Battle.net
2014-05-29 11:18 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-21 11:58 - 2014-05-20 14:33 - 00000000 ____D () C:\Users\Loki\AppData\Local\Virtual RC Pro
2014-05-20 16:30 - 2014-05-20 14:25 - 00000000 ____D () C:\Users\Loki\Documents\Virtual RC Pro
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\ProgramData\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 14:25 - 00000571 _____ () C:\Users\Loki\Desktop\Virtual RC Pro.lnk
2014-05-20 14:25 - 2014-05-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual RC Pro
2014-05-19 18:32 - 2010-10-14 21:28 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\Dropbox
2014-05-19 11:25 - 2014-05-19 11:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\Program Files\iPod
2014-05-19 11:25 - 2010-11-02 13:52 - 00000000 ____D () C:\Program Files\iTunes
2014-05-19 11:25 - 2010-11-02 13:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-19 10:53 - 2012-04-01 16:39 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-19 10:53 - 2011-05-20 12:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-16 20:53 - 2013-01-11 17:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-14 18:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-14 15:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-14 15:12 - 2014-01-05 13:14 - 00004420 _____ () C:\Users\Loki\Desktop\Neues Textdokument (2).txt
2014-05-14 11:40 - 2014-05-07 00:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 11:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-14 11:16 - 2010-10-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 11:14 - 2014-05-14 11:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:14 - 2013-08-14 20:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 11:12 - 2010-10-08 16:11 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 08:54 - 2012-04-26 00:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-10 12:24 - 2014-05-10 12:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 11:31 - 2011-07-28 19:25 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 11:31 - 2011-07-28 19:25 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-09 09:06 - 2014-05-14 11:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 11:06 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 11:02 - 2010-10-08 00:30 - 01629212 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 05:25 - 2014-05-14 11:08 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-14 11:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-14 11:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Files to move or delete:
====================
C:\ProgramData\AmsuvAnkix.dat
Some content of TEMP:
====================
C:\Users\Loki\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-30 13:19
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014 01
Ran by Loki at 2014-06-02 13:01:33
Running from F:\Temp
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Amazon Kindle (HKLM\...\Amazon Kindle) (Version: - Amazon)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{BF9D2E61-64C4-64EA-6AF7-29EB5A110C26}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArgusMonitor (HKLM\...\ArgusMonitor) (Version: - )
Avira Antivirus Premium (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bamboo Explore (HKLM\...\Bamboo Explore) (Version: 1.2010.1105.1650 - Wacom Europe GmbH)
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield: Bad Company™ 2 (HKLM\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
bcTester 4.9 (de) (HKLM\...\{B18D4784-45FF-4787-A81E-012873CA6515}) (Version: 4.9.2 - QS QualitySoft GmbH)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Bulletstorm (HKLM\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (Version: 1.0.0000.130 - EA) Hidden
BulletStorm (Version: 1.0.0001.130 - EA) Hidden
BulletStorm (Version: 1.0.0005.130 - EA) Hidden
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version: - )
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
cFosSpeed v9.04 (HKLM\...\cFosSpeed) (Version: 9.04 - cFos Software GmbH, Bonn)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
Content Manager 2 (HKLM\...\Content Manager 2) (Version: 3.10.0.52790 - NNG Llc.)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM\...\{8E1246B9-9F66-4303-BF11-212EC2672BBE}) (Version: 5.3.13 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM\...\Dev-C++) (Version: - )
DH Driver Cleaner Professional Edition (HKLM\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Diablo III (HKLM\...\Diablo III) (Version: - Blizzard Entertainment)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.25 - Dropbox, Inc.)
DVDStyler v2.5.2 (HKLM\...\DVDStyler_is1) (Version: - )
eReg (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Falk Navi-Manager (HKLM\...\{3222B0CE-59C5-4CA0-B545-2B88F200756B}) (Version: 2.7.0 - Falk Navigation GmbH)
Falk Navi-Manager (Version: 2.6.1 - Falk Navigation GmbH) Hidden
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.0.0.0 - Futuremark Corporation)
gamelauncher-ps2-psg (HKCU\...\SOE-H:/PS2) (Version: - Sony Online Entertainment)
Gigaset QuickSync (HKLM\...\{a325d0b9-0b5e-4ad1-9c5f-e39aa43f8c9d}) (Version: 7.1.0841.3 - Gigaset Communications GmbH)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
HDD Health v3.3 Beta (HKLM\...\HDD Health_is1) (Version: - )
Hearthstone (HKLM\...\Hearthstone) (Version: - Blizzard Entertainment)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hi-Rez Studios Authenticate and Update Service (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HLSW v1.4.0.2 (HKLM\...\HLSW_is1) (Version: - Stripf Software)
Horland's Scan2Pdf (HKLM\...\Horlands Scan2Pdf_is1) (Version: 2.6.0.9 - Horland Software)
ICQ7.6 (HKLM\...\{7644E42D-B096-457F-8B5B-901238FC81AE}) (Version: 7.6 - ICQ)
Inkscape 0.48.0 (HKLM\...\Inkscape) (Version: 0.48.0 - )
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 25 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Joe (HKLM\...\{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}) (Version: 3.05.0100 - Wirth New Media Sarl)
Logitech Gaming Software (Version: 8.35.18 - Logitech Inc.) Hidden
Logitech Gaming Software 8.52 (HKLM\...\Logitech Gaming Software) (Version: 8.52.15 - Logitech Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Mathematics-Add-In (32 Bit) (HKLM\...\{E2C98732-F973-4985-A9C5-DC06178E16EE}) (Version: 2.0.041222.01 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Shell 2008 Service Pack 1 - ENU (HKLM\...\{97E3C3BF-76AC-4DEA-BF8A-434F1EA5F272}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Works 6-9 Converter (HKLM\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
MinGW-Get version 0.5-beta-20120426-1 (HKLM\...\{AC2C1BDB-1E91-4F94-B99C-E716FE2E9C75}_is1) (Version: 0.5-beta-20120426-1 - MinGW)
Monkey Island™ Special Edition Collection (HKLM\...\MISEC) (Version: 1.0.0.0 - LucasArts)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Naviextras Toolbox Prerequesities (HKLM\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
NetBeans IDE 7.1 (HKLM\...\nbi-nb-base-7.1.0.0.0) (Version: 7.1 - NetBeans.org)
Notepad++ (HKLM\...\Notepad++) (Version: 5.9.6 - )
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Oracle VM VirtualBox 4.2.12 (HKLM\...\{5FA29565-1B72-488F-B975-E3C76F179F36}) (Version: 4.2.12 - Oracle Corporation)
PDF24 Creator 6.2.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Plants vs. Zombies (HKLM\...\Plants vs. Zombies) (Version: - PopCap Games)
Polar UpLink Tool (HKLM\...\{F996DEB7-4AD7-4F15-84AA-114B8BE45911}) (Version: 1.61.0 - Polar Electro Oy)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6392 - Realtek Semiconductor Corp.)
Samsung New PC Studio (HKLM\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (2.0.0.3001) (HKLM\...\Secunia PSI) (Version: - )
Secure Download Manager (HKLM\...\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}) (Version: 3.0.5 - e-academy Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Source SDK Base 2007 (HKLM\...\Steam App 218) (Version: - Valve)
Star Trek Online (HKLM\...\Star Trek Online) (Version: - Cryptic Studios)
StarCraft II (HKLM\...\StarCraft II) (Version: - Blizzard Entertainment)
Super Mario Bros. X version 1.3 (HKLM\...\{C9EAEE6B-741F-421D-B9CE-9FA300DA92AD}_is1) (Version: 1.3 - SuperMarioBrothers.org)
System Requirements Lab (HKLM\...\{92482FB3-C05B-41C6-89E7-75D985602A6E}) (Version: 4.1.72.0 - Husdawg, LLC)
System Requirements Lab CYRI (HKLM\...\{1F77C418-2C90-459C-BD33-B56A4182B9FA}) (Version: 4.4.26.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tribes Ascend (HKLM\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
TuneUp Utilities (HKLM\...\TuneUp Utilities) (Version: 9.0.6030.1 - TuneUp Software)
TuneUp Utilities (Version: 9.0.6030.1 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 9.0.6030.1 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 System (KB2539530) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Visual Studio Web Authoring Component (KB945140) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{F9DE79A2-9049-4589-9787-815147371581}) (Version: - Microsoft)
Virtual RC Pro Racing Simulator (HKLM\...\{BF530916-26EE-4FE4-8946-670C82357454}_is1) (Version: - )
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoiceOver Kit (HKLM\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.)
War Thunder Launcher 1.0.1.199 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
WildStar (HKLM\...\WildStar) (Version: 0.5.12.6406 - NCSOFT)
Winamp (HKLM\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinCDEmu (HKLM\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net)
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Restore Points =========================
21-05-2014 09:41:32 Windows Update
30-05-2014 09:56:00 Windows Update
02-06-2014 10:52:31 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {087AD854-2F93-40F7-989B-BFDD0A9C96B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {215B9618-6C56-4F26-94D3-A0390F04DE9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-28] (Google Inc.)
Task: {26262920-85E6-4CC3-954B-8D78ABD806EE} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files\TuneUp Utilities 2010\OneClick.exe [2011-11-21] (TuneUp Software)
Task: {43DED82B-F034-4604-AF7C-CA4FFF61FDBB} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {5073C347-792A-4C1A-B9B3-7C26B4CF93E0} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {7807D483-56FB-4091-ADA9-E1BB46780BFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-07-28] (Google Inc.)
Task: {97AFC2C0-AF0C-45E4-8A49-23DC7B3443F9} - System32\Tasks\{200BEB1F-354A-405F-A03A-2EE780B5D0CA} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {AF4C6AEB-160D-4E23-8C4D-995BFFFDFA51} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {F76FAB4E-506B-47E3-8306-14E7138F0082} - System32\Tasks\{586DBEF5-FA59-418F-8E0F-BD35D095A58A} => Firefox.exe hxxp://ui.skype.com/ui/0/5.5.0.124.259/en/abandoninstall?page=tsPlugin&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-06 16:10 - 2012-04-13 22:38 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2010-12-25 12:40 - 2010-10-21 09:38 - 00962416 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-07-18 23:04 - 2011-07-18 23:04 - 00296448 _____ () C:\Program Files\Notepad++\NppShell_04.dll
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-10 12:24 - 2014-05-10 12:24 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2014 09:22:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/01/2014 09:17:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/30/2014 01:24:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/30/2014 01:20:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/28/2014 11:38:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/28/2014 11:35:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/28/2014 10:59:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/27/2014 06:06:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/26/2014 05:45:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/26/2014 05:40:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (05/20/2014 04:38:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/20/2014 04:38:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1352
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/20/2014 04:38:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (05/19/2014 02:12:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/16/2014 01:56:14 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (05/09/2014 05:20:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (05/09/2014 05:20:17 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1352
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (05/09/2014 05:20:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}
Error: (05/05/2014 11:31:59 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C}
Error: (05/01/2014 01:12:34 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000116 (0x885bf008, 0x91ac67f2, 0xc0000001, 0x00000003)C:\Windows\MEMORY.DMP050114-18938-01
Microsoft Office Sessions:
=========================
Error: (06/01/2014 09:22:04 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\WinCDEmu\vmnt64.exe
Error: (06/01/2014 09:17:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (05/30/2014 01:24:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\WinCDEmu\vmnt64.exe
Error: (05/30/2014 01:20:13 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (05/28/2014 11:38:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\WinCDEmu\vmnt64.exe
Error: (05/28/2014 11:35:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (05/28/2014 10:59:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (05/27/2014 06:06:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
Error: (05/26/2014 05:45:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\WinCDEmu\vmnt64.exe
Error: (05/26/2014 05:40:16 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"C:\Program Files\Microsoft Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 3326.49 MB
Available physical RAM: 1528.75 MB
Total Pagefile: 9468.78 MB
Available Pagefile: 7056.52 MB
Total Virtual: 2047.88 MB
Available Virtual: 1882.2 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:108.03 GB) (Free:60.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive f: (Daten) (Fixed) (Total:140.8 GB) (Free:52.74 GB) NTFS
Drive h: (Games) (Fixed) (Total:216.93 GB) (Free:22.05 GB) NTFS
Drive i: (Dev) (Fixed) (Total:48.83 GB) (Free:34.38 GB) NTFS
Drive j: (Music'n Movies) (Fixed) (Total:68.36 GB) (Free:7.45 GB) NTFS
Drive k: (Backup) (Fixed) (Total:69.1 GB) (Free:47.43 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 186 GB) (Disk ID: A64DA64D)
Partition 1: (Not Active) - (Size=186 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 3F563F55)
Partition 1: (Active) - (Size=108 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=358 GB) - (Type=05)
==================== End Of Log ============================
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:23:22
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\user.js
Ordner Gefunden : C:\Program Files\driver-soft
Ordner Gefunden : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\FoxTab
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\YahooPartnerToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\Software\Driver-Soft
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
Zeile gefunden : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
*************************
AdwCleaner[R0].txt - [1415 octets] - [02/06/2014 13:23:22]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1475 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:34:09
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [714 octets] - [02/06/2014 13:34:09]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [833 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:51:32
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[R2].txt - [773 octets] - [02/06/2014 13:51:32]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [972 octets] - [02/06/2014 13:34:50]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [951 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 15:26:28
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[R2].txt - [1030 octets] - [02/06/2014 13:51:32]
AdwCleaner[R3].txt - [735 octets] - [02/06/2014 15:26:28]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [972 octets] - [02/06/2014 13:34:50]
AdwCleaner[S2].txt - [1092 octets] - [02/06/2014 13:52:04]
########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [973 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:26:59
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\driver-soft
Ordner Gelöscht : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\FoxTab
Datei Gelöscht : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : HKCU\Software\Headlight
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\Driver-Soft
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[S0].txt - [1476 octets] - [02/06/2014 13:26:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1536 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:34:50
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [834 octets] - [02/06/2014 13:34:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [893 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 13:52:04
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[R2].txt - [1030 octets] - [02/06/2014 13:51:32]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [972 octets] - [02/06/2014 13:34:50]
AdwCleaner[S2].txt - [953 octets] - [02/06/2014 13:52:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1012 octets] ##########
Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 15:27:08
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\Temp\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[R2].txt - [1030 octets] - [02/06/2014 13:51:32]
AdwCleaner[R3].txt - [1052 octets] - [02/06/2014 15:26:28]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [972 octets] - [02/06/2014 13:34:50]
AdwCleaner[S2].txt - [1092 octets] - [02/06/2014 13:52:04]
AdwCleaner[S3].txt - [975 octets] - [02/06/2014 15:27:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1034 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Loki on 02.06.2014 at 15:56:22,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Loki\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{08DA274C-4979-4E9D-A075-3526EC2B3F45}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{0B94313A-17E0-49DF-BF2C-6E8504DEEA59}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{0F85E988-E221-49EC-A36D-7152FA3D3D8F}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{1494413E-3A65-4AA3-B98D-5A8F9AEF3908}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{1E0F15DD-C6EF-41DD-AE17-BC11CF5C56F4}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{226C98F0-2438-42A0-BC8C-1218EAA7E6F5}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{38A08652-6CE4-41D3-99B5-AF482E5B274D}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{4FBC5E1F-650B-43BB-BF2D-7C6763AC4BE8}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{5A7A6392-4C20-4D20-AC8F-C94FA4A909FE}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{5D3D36EE-DA34-4868-8445-2E7EF5378093}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{6563DD9F-D52E-411D-A730-53E6D25FFD88}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{66E69545-A06E-45A2-92B6-C5D5F196C08E}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{78805F5C-016E-4656-988C-8855AB9A373D}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{7F2C0856-3C41-4DFA-820C-FEDBA76BF7E9}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{8FC07D74-4579-4EE6-AECF-0F309DCA7E95}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{97108B2E-30F5-4EE3-B7D9-8EA85EDEF73A}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{A6C67021-D8BC-436B-9C1A-84EE9F17439D}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{AED051F7-1D73-457F-821A-20B530922CB9}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{D23E3724-C154-4245-A1BB-090100DCF42E}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{D8491051-EECB-4625-9298-D3F70302AA63}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{DFF6DA6D-F7C1-4137-BE4A-8FCDCC4C4E0E}
Successfully deleted: [Empty Folder] C:\Users\Loki\appdata\local\{F5B46E72-4B29-4AAE-AD78-77E4B8122A3A}
~~~ FireFox
Emptied folder: C:\Users\Loki\AppData\Roaming\mozilla\firefox\profiles\xxkln6yb.default\minidumps [287 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.06.2014 at 16:12:28,92
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Loki Geändert von Darkloki (02.06.2014 um 16:14 Uhr) |
|
02.06.2014, 18:17
| #2 |
| /// the machine /// TB-Ausbilder    | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt hi,
__________________Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Scan mit Combofix
__________________ |
|
03.06.2014, 19:10
| #3 |
| | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Hi Schrauber,
__________________Danke schon mal für deine schnelle Antwort. Hier das Fixlist Log Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:02-06-2014
Ran by Loki at 2014-06-02 20:30:30 Run:1
Running from F:\Temp\FRST
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Trend Micro <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Malwarebytes' Anti-Malware <====== ATTENTION
*****************
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
==== End of Fixlog ====
Loki Und hier kommt das Combofix Log hinterher: Code:
ATTFilter ComboFix 14-05-29.01 - Loki 02.06.2014 20:49:05.1.2 - x86
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.3326.1688 [GMT 2:00]
ausgeführt von:: c:\users\Loki\Downloads\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Loki\AppData\Local\assembly\tmp
c:\users\Loki\AppData\Local\Microsoft\Windows\Temporary Internet Files\GermanyRain.gadget
c:\users\Loki\AppData\Local\Microsoft\Windows\Temporary Internet Files\Top100Station.de_Sidebarplayer_1.0.gadget
c:\users\Loki\AppData\Roaming\.#
c:\windows\system32\SET57B9.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-05-02 bis 2014-06-02 ))))))))))))))))))))))))))))))
.
.
2014-06-02 18:56 . 2014-06-02 18:57 -------- d-----w- c:\users\Loki\AppData\Local\temp
2014-06-02 18:56 . 2014-06-02 18:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-02 18:42 . 2014-06-02 18:42 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D17DE03F-5517-4EDA-B7B3-A2CCA3E714A1}\MpKsle9bd945c.sys
2014-06-02 18:34 . 2014-06-02 18:34 39464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D17DE03F-5517-4EDA-B7B3-A2CCA3E714A1}\MpKsl0844ba12.sys
2014-06-02 13:52 . 2014-06-02 13:52 -------- d-----w- c:\windows\ERUNT
2014-06-02 13:32 . 2014-04-30 14:37 8073384 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D17DE03F-5517-4EDA-B7B3-A2CCA3E714A1}\mpengine.dll
2014-06-02 11:23 . 2014-06-02 14:13 -------- d-----w- C:\AdwCleaner
2014-06-02 11:00 . 2014-06-02 18:30 -------- d-----w- C:\FRST
2014-06-02 10:53 . 2014-06-02 10:52 765968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4069EC13-85B8-42A0-A6A5-0D2092B3A378}\gapaengine.dll
2014-06-02 10:52 . 2014-04-30 14:37 8073384 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-06-02 10:49 . 2014-06-02 10:49 -------- d-----w- c:\program files\Microsoft Security Client
2014-06-02 10:39 . 2014-06-02 10:39 -------- d-----w- c:\users\Loki\AppData\Roaming\QuickScan
2014-05-30 09:56 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1B236547-A7BD-449D-8D84-65D4F5578A97}\mpengine.dll
2014-05-20 13:33 . 2014-05-20 13:33 -------- d-----w- c:\programdata\Virtual RC Pro
2014-05-20 12:33 . 2014-05-21 09:58 -------- d-----w- c:\users\Loki\AppData\Local\Virtual RC Pro
2014-05-19 09:25 . 2014-05-19 09:25 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-19 09:25 . 2014-05-19 09:25 -------- d-----w- c:\program files\iPod
2014-05-14 09:08 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-14 09:06 . 2014-05-09 07:06 369664 ----a-w- c:\windows\system32\aepdu.dll
2014-05-14 09:06 . 2014-05-09 07:04 302592 ----a-w- c:\windows\system32\aeinv.dll
2014-05-14 09:06 . 2014-04-12 02:11 1059840 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-14 09:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\system32\ntkrnlpa.exe
2014-05-14 09:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\system32\ntoskrnl.exe
2014-05-14 09:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-14 09:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\system32\kerberos.dll
2014-05-14 09:06 . 2014-03-04 09:17 304128 ----a-w- c:\windows\system32\winlogon.exe
2014-05-08 11:21 . 2014-05-08 11:21 188272 ----a-w- c:\program files\Internet Explorer\Plugins\nppdf32.dll
2014-05-06 22:10 . 2014-05-14 09:40 -------- d-s---w- c:\windows\system32\CompatTel
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-19 08:53 . 2012-04-01 14:39 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-19 08:53 . 2011-05-20 10:37 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 09:56 . 2012-10-09 09:35 93528 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2014-04-29 09:56 . 2012-10-09 09:35 136216 ----a-w- c:\windows\system32\drivers\avipbb.sys
2014-04-15 00:34 . 2014-04-15 00:34 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-04-14 18:13 . 2014-04-28 09:22 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-04-05 16:52 . 2010-10-07 23:25 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2014-03-31 07:35 . 2010-10-07 22:37 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-30 14:54 . 2011-02-06 14:10 139048 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-03-30 14:54 . 2011-02-06 14:10 282296 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-03-30 14:54 . 2010-10-14 20:14 282296 ----a-w- c:\windows\system32\PnkBstrB.xtr
2014-03-30 14:51 . 2010-10-14 20:12 280736 ----a-w- c:\windows\system32\PnkBstrB.ex0
2014-03-11 07:52 . 2014-03-11 07:52 104264 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-06 08:31 . 2014-04-29 22:53 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:02 . 2014-04-29 22:53 61952 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:02 . 2014-04-29 22:54 455168 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:01 . 2014-04-29 22:53 51200 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 07:46 . 2014-04-29 22:53 4254720 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 07:38 . 2014-04-29 22:53 112128 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 07:38 . 2014-04-29 22:53 108032 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 07:36 . 2014-04-29 22:53 592896 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 07:28 . 2014-04-29 22:53 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 07:13 . 2014-04-29 22:53 32256 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 06:40 . 2014-04-29 22:53 1967104 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 05:41 . 2014-04-29 22:53 1789440 ----a-w- c:\windows\system32\wininet.dll
2011-07-14 08:31 . 2011-04-08 15:17 1456640 ----a-w- c:\program files\Common Files\Falk Navi-Manager.msi
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Loki\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Loki\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Loki\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Loki\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Loki\AppData\Local\Akamai\netsession_win.exe" [2014-04-17 4672920]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-06-09 10082920]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-05-22 737872]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-02-27 6215448]
"cFosSpeed"="c:\program files\cFosSpeed\cFosSpeed.exe" [2013-04-19 1339232]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2013-04-29 642304]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"PDFPrint"=c:\program files\PDF24\pdf24.exe
.
R2 AntiVirMailService;Avira Email Schutz;c:\program files\Avira\AntiVir Desktop\avmailc.exe [2014-05-22 801872]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-10-23 172192]
R3 ArgusMonitor;ArgusMonitor kernel mode driver;c:\windows\system32\drivers\ArgusMonitor.sys [2014-02-28 50552]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x32.sys [x]
R3 EagleXNt;EagleXNt;c:\windows\system32\drivers\EagleXNt.sys [x]
R3 ESLvnic1;ESLvnic Virtual Network 32 Bit;c:\windows\system32\DRIVERS\ESLvnic.sys [2011-04-14 24504]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-03-01 130976]
R3 GigasetGenericUSB;GigasetGenericUSB;c:\windows\system32\DRIVERS\GigasetGenericUSB.sys [2009-02-20 44032]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-03-06 108032]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2i386.sys [2010-09-29 53976]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMi386.sys [2010-09-29 335064]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\Drivers\LEqdUsb.Sys [2011-09-02 42648]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\Drivers\LHidEqd.Sys [2011-09-02 12184]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-03-11 104264]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe [2014-03-11 279776]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-10 993848]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-04-27 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-04-27 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-04-27 123648]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-10-05 16240]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-10-01 37352]
S1 MpKsl0844ba12;MpKsl0844ba12;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D17DE03F-5517-4EDA-B7B3-A2CCA3E714A1}\MpKsl0844ba12.sys [2014-06-02 39464]
S1 MpKsle9bd945c;MpKsle9bd945c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D17DE03F-5517-4EDA-B7B3-A2CCA3E714A1}\MpKsle9bd945c.sys [2014-06-02 39464]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2013-04-12 188176]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2013-04-12 94480]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-11-16 217088]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-05-22 430160]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-05-22 1039440]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [2010-07-04 238952]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-10 399416]
S2 TabletServicePen;TabletServicePen;c:\program files\Tablet\Pen\Pen_Tablet.exe [2010-10-21 4869488]
S2 TouchServicePen;Wacom Consumer Touch Service;c:\program files\Tablet\Pen\Pen_TouchService.exe [2010-10-21 416112]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [2011-11-21 1052480]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW73.sys [2012-05-14 86656]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys [2011-08-08 117584]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.SYS [2010-06-14 36608]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCi386.sys [2013-04-15 378392]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRi386.sys [2013-04-15 78616]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-11-23 19720]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys [2009-07-01 23432]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 39960]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [2009-11-23 14856]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2010-03-22 278560]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [2010-02-24 10064]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2013-04-12 104720]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2013-04-12 115984]
S3 WacomVTHid;Virtual Touch Driver;c:\windows\system32\DRIVERS\WacomVTHid.sys [2009-07-09 13480]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - FSUSBEXDISK
*NewlyCreated* - MPKSLE9BD945C
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-28 17:25]
.
2014-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-07-28 17:25]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://www.olb.de/
uInternet Settings,ProxyOverride = *.local;<local>
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files\ICQ7.6\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: no-ip.org\grueneweg
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-PS2 - h:\ps2\Uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1604142742-313199325-3323007580-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:de,5c,34,0e,b3,c5,30,b1,1d,43,fc,83,10,1b,50,a9,a5,ab,d7,ff,96,6e,8e,
65,e4,e5,db,e8,65,1e,56,eb,09,67,72,ed,49,14,43,9e,d4,0e,6c,2f,af,07,01,b4,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-1604142742-313199325-3323007580-1001\Software\SecuROM\License information*]
"datasecu"=hex:f9,1c,59,9c,3f,df,fd,34,8d,eb,28,95,fa,77,67,22,6d,59,0f,b8,29,
45,e7,20,7c,7e,09,f7,16,f2,eb,f3,89,a1,ae,db,b0,8b,5e,6e,bb,15,f8,aa,04,62,\
"rkeysecu"=hex:47,ee,72,b0,06,80,92,0e,f1,f2,e1,6d,32,56,7e,7d
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-02 20:59:05
ComboFix-quarantined-files.txt 2014-06-02 18:59
.
Vor Suchlauf: 13 Verzeichnis(se), 63.695.048.704 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 63.630.102.528 Bytes frei
.
- - End Of File - - 2D3C855368B53809EF91274829A66B4B
A36C5E4F47E84449FF07ED3517B43A31
Malwarebytes hat gestern in meiner ICQ Installation eine Version des "Pup.Optional" gefunden und gelöscht. Das fiel mir grade beim Stöbern im Forum wieder ein. Loki Hab ich irgendwas vergessen oder nicht beachtet?
__________________ |
|
04.06.2014, 18:27
| #4 | |
| /// the machine /// TB-Ausbilder | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblocktZitat:
 Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.06.2014, 19:41
| #5 |
| | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Ich wollte Dir nicht unterstellen, das Du nicht arbeiten würdest. Nur habe ich gesehen, das Du andere Beiträge beantwortet hast und ich dachte da fehlt halt noch was bei mir... :P MBAM hat nichts gefunden AdwCleaner Log: Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 04/06/2014 um 20:22:47
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Loki - ASGARD
# Gestartet von : F:\TrojBoard\Adw\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [1555 octets] - [02/06/2014 13:23:22]
AdwCleaner[R1].txt - [912 octets] - [02/06/2014 13:34:09]
AdwCleaner[R2].txt - [1030 octets] - [02/06/2014 13:51:32]
AdwCleaner[R3].txt - [1052 octets] - [02/06/2014 15:26:28]
AdwCleaner[R4].txt - [1280 octets] - [04/06/2014 20:22:06]
AdwCleaner[S0].txt - [1616 octets] - [02/06/2014 13:26:59]
AdwCleaner[S1].txt - [972 octets] - [02/06/2014 13:34:50]
AdwCleaner[S2].txt - [1092 octets] - [02/06/2014 13:52:04]
AdwCleaner[S3].txt - [1114 octets] - [02/06/2014 15:27:08]
AdwCleaner[S4].txt - [1202 octets] - [04/06/2014 20:22:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1262 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Professional x86
Ran by Loki on 04.06.2014 at 20:34:24,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2014 at 20:37:10,05
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Loki (administrator) on ASGARD on 04-06-2014 20:39:29
Running from F:\TrojBoard
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Hi-Rez Studios) H:\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Windows\System32\PnkBstrA.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Akamai Technologies, Inc.) C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-06-09] (Realtek Semiconductor)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [6215448 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1339232 2013-04-19] (cFos Software GmbH)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [AMD AVT] => C:\Program Files\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKU\.DEFAULT\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1604142742-313199325-3323007580-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Loki\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.olb.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC19F47FDC1DCCB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 - C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\searchplugins\mysql-manual.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Разпознаване на устройство Logitech - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\DeviceDetection@logitech.com [2012-01-31]
FF Extension: DDBAC Plug-In - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{271A3CF5-5A54-447B-A08F-BE805F0DA60A} [2013-11-16]
FF Extension: Flashblock - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-04-15]
FF Extension: OLB - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{C752FF21-A8EF-468E-B507-5BBAFB84359D} [2013-12-13]
FF Extension: Self-Destructing Cookies - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013-06-26]
FF Extension: NoScript - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-26]
FF Extension: FireFTP - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2011-03-24]
FF Extension: Adblock Plus - C:\Users\Loki\AppData\Roaming\Mozilla\Firefox\Profiles\xxkln6yb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-03-26]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\䍻䙁䕅䅆ⵃ〰㜱〭〰ⴰ〰㔰䄭䍂䕄䙆䑅䉃絁 [2014-05-10]
========================== Services (Whitelisted) =================
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [801872 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [438112 2013-04-19] (cFos Software GmbH)
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [130976 2011-03-01] (Futuremark Corporation)
U2 HiPatchService; h:\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-09] (Hi-Rez Studios)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-04-13] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [399416 2011-01-10] (Secunia)
S3 TuneUp.Defrag; C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe [435008 2011-11-25] (TuneUp Software)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe [1052480 2011-11-21] (TuneUp Software)
==================== Drivers (Whitelisted) ====================
S3 ArgusMonitor; C:\Windows\System32\drivers\ArgusMonitor.sys [50552 2014-02-28] (Argotronic UG (haftungsbeschraenkt))
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-04-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 BazisVirtualCDBus; C:\Windows\System32\DRIVERS\BazisVirtualCDBus.sys [117584 2011-08-08] (SysProgs.org)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1242464 2013-04-19] (cFos Software GmbH)
S3 ESLvnic1; C:\Windows\System32\DRIVERS\ESLvnic.sys [24504 2011-04-14] (Turtle Entertainment GmbH)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [36608 2010-06-14] ()
S3 GigasetGenericUSB; C:\Windows\System32\DRIVERS\GigasetGenericUSB.sys [44032 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
R3 LADF_CaptureOnly; C:\Windows\System32\DRIVERS\ladfGSCi386.sys [378392 2013-04-15] (Logitech)
S3 LADF_DHP2; C:\Windows\System32\DRIVERS\ladfDHP2i386.sys [53976 2010-09-29] (Logitech)
R3 LADF_RenderOnly; C:\Windows\System32\DRIVERS\ladfGSRi386.sys [78616 2013-04-15] (Logitech)
S3 LADF_SBVM; C:\Windows\System32\DRIVERS\ladfSBVMi386.sys [335064 2010-09-29] (Logitech)
S3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42648 2011-09-02] (Logitech, Inc.)
R3 LGBusEnum; C:\Windows\System32\drivers\LGBusEnum.sys [19720 2009-11-23] (Logitech Inc.)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [23432 2009-07-01] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [39960 2013-05-30] (Logitech Inc.)
R3 LGVirHid; C:\Windows\System32\drivers\LGVirHid.sys [14856 2009-11-23] (Logitech Inc.)
S3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [12184 2011-09-02] (Logitech, Inc.)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [30360 2011-09-02] (Logitech, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2010-09-01] (Secunia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-10-09] (Avira GmbH)
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2010-04-27] (MCCI)
S3 ss_bmdfl; C:\Windows\System32\DRIVERS\ss_bmdfl.sys [14848 2010-04-27] (MCCI Corporation)
S3 ss_bmdm; C:\Windows\System32\DRIVERS\ss_bmdm.sys [123648 2010-04-27] (MCCI Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys [10064 2010-02-24] (TuneUp Software)
R3 WacomVTHid; C:\Windows\System32\DRIVERS\WacomVTHid.sys [13480 2009-07-09] (Wacom Technology)
R3 WmBEnum; C:\Windows\System32\drivers\WmBEnum.sys [22856 2010-04-27] (Logitech Inc.)
S3 WmFilter; C:\Windows\System32\drivers\WmFilter.sys [37704 2010-04-27] (Logitech Inc.)
S3 WmVirHid; C:\Windows\System32\drivers\WmVirHid.sys [15048 2010-04-27] (Logitech Inc.)
R3 WmXlCore; C:\Windows\System32\drivers\WmXlCore.sys [66632 2010-04-27] (Logitech Inc.)
S3 catchme; \??\C:\Users\Loki\AppData\Local\Temp\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-04 20:37 - 2014-06-04 20:37 - 00000647 _____ () C:\Users\Loki\Desktop\JRT.txt
2014-06-04 20:05 - 2014-06-04 20:06 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 20:05 - 2014-06-04 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-04 20:04 - 2014-06-04 20:05 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-06-04 20:04 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-04 20:04 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-04 19:52 - 2014-06-04 19:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Loki\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-03 12:45 - 2014-06-03 12:45 - 00150192 _____ () C:\Users\Loki\Downloads\TweakUiPowertoySetup.exe
2014-06-02 20:59 - 2014-06-04 20:39 - 00000000 ____D () C:\Users\Loki\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00021680 _____ () C:\ComboFix.txt
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\1337\AppData\Local\temp
2014-06-02 20:46 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-02 20:46 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-02 20:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-02 20:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-02 20:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-02 20:46 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-02 20:46 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-02 20:46 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-02 20:34 - 2014-06-02 20:59 - 00000000 ____D () C:\Qoobox
2014-06-02 20:34 - 2014-06-02 20:57 - 00000000 ____D () C:\Windows\erdnt
2014-06-02 20:33 - 2014-06-02 20:33 - 05203398 ____R (Swearware) C:\Users\Loki\Downloads\ComboFix.exe
2014-06-02 16:36 - 2014-06-02 16:37 - 00143096 _____ () C:\Windows\Minidump\060214-20560-01.dmp
2014-06-02 16:29 - 2014-06-02 16:29 - 00380416 _____ () C:\Users\Loki\Downloads\Gmer-19357.exe
2014-06-02 15:52 - 2014-06-02 15:52 - 00000000 ____D () C:\Windows\ERUNT
2014-06-02 15:35 - 2014-06-02 15:35 - 00000033 _____ () C:\Users\Loki\AppData\Roaming\mbam.context.scan
2014-06-02 15:34 - 2014-06-02 15:34 - 01016261 _____ (Thisisu) C:\Users\Loki\Desktop\JRT.exe
2014-06-02 13:23 - 2014-06-04 20:22 - 00000000 ____D () C:\AdwCleaner
2014-06-02 13:00 - 2014-06-04 20:39 - 00000000 ____D () C:\FRST
2014-06-02 12:57 - 2014-06-02 12:57 - 00000676 __RSH () C:\Users\Loki\ntuser.pol
2014-06-02 12:49 - 2014-06-02 12:49 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-02 12:49 - 2014-06-02 12:49 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-02 12:49 - 2014-06-02 12:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-02 12:39 - 2014-06-02 12:39 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\QuickScan
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\ProgramData\Virtual RC Pro
2014-05-20 14:33 - 2014-05-21 11:58 - 00000000 ____D () C:\Users\Loki\AppData\Local\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 16:30 - 00000000 ____D () C:\Users\Loki\Documents\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 14:25 - 00000571 _____ () C:\Users\Loki\Desktop\Virtual RC Pro.lnk
2014-05-20 14:25 - 2014-05-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual RC Pro
2014-05-19 11:25 - 2014-05-19 11:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\Program Files\iPod
2014-05-14 11:14 - 2014-05-14 11:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:08 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 11:08 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 11:08 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 11:06 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 11:06 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 11:06 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 11:06 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-14 11:06 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 11:06 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 11:06 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 11:06 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 11:05 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 11:05 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 11:05 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 11:05 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 11:05 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 11:05 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 11:05 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 11:05 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-10 12:24 - 2014-05-10 12:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-07 00:10 - 2014-05-14 11:40 - 00000000 ___SD () C:\Windows\system32\CompatTel
==================== One Month Modified Files and Folders =======
2014-06-04 20:39 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Loki\AppData\Local\temp
2014-06-04 20:39 - 2014-06-02 13:00 - 00000000 ____D () C:\FRST
2014-06-04 20:37 - 2014-06-04 20:37 - 00000647 _____ () C:\Users\Loki\Desktop\JRT.txt
2014-06-04 20:37 - 2010-10-08 00:16 - 01991575 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 20:33 - 2013-11-11 21:40 - 00025108 _____ () C:\Windows\setupact.log
2014-06-04 20:33 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 20:32 - 2010-10-08 00:22 - 00000000 ____D () C:\Users\Loki
2014-06-04 20:32 - 2009-07-14 06:34 - 00014768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 20:32 - 2009-07-14 06:34 - 00014768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 20:24 - 2014-02-12 13:11 - 00127696 _____ () C:\Windows\PFRO.log
2014-06-04 20:22 - 2014-06-02 13:23 - 00000000 ____D () C:\AdwCleaner
2014-06-04 20:06 - 2014-06-04 20:05 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-04 20:05 - 2014-06-04 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-04 20:05 - 2014-06-04 20:04 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-06-04 20:05 - 2013-04-12 00:53 - 00001060 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-04 20:05 - 2011-01-20 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-04 20:02 - 2013-08-14 12:19 - 00000000 ____D () C:\Users\Loki\AppData\Local\Battle.net
2014-06-04 19:53 - 2014-06-04 19:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Loki\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-04 18:44 - 2010-10-08 01:35 - 00000000 ____D () C:\Users\Loki\AppData\Local\Deployment
2014-06-03 12:45 - 2014-06-03 12:45 - 00150192 _____ () C:\Users\Loki\Downloads\TweakUiPowertoySetup.exe
2014-06-02 20:59 - 2014-06-02 20:59 - 00021680 _____ () C:\ComboFix.txt
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:59 - 00000000 ____D () C:\Users\1337\AppData\Local\temp
2014-06-02 20:59 - 2014-06-02 20:34 - 00000000 ____D () C:\Qoobox
2014-06-02 20:59 - 2014-01-29 23:19 - 00000000 ____D () C:\Users\1337
2014-06-02 20:59 - 2010-10-08 01:35 - 00000000 ____D () C:\Users\Loki\AppData\Local\Apps\2.0
2014-06-02 20:59 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-06-02 20:57 - 2014-06-02 20:34 - 00000000 ____D () C:\Windows\erdnt
2014-06-02 20:57 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-06-02 20:33 - 2014-06-02 20:33 - 05203398 ____R (Swearware) C:\Users\Loki\Downloads\ComboFix.exe
2014-06-02 16:37 - 2014-06-02 16:36 - 00143096 _____ () C:\Windows\Minidump\060214-20560-01.dmp
2014-06-02 16:36 - 2013-11-22 22:34 - 362384597 _____ () C:\Windows\MEMORY.DMP
2014-06-02 16:36 - 2013-06-26 14:55 - 00000000 ____D () C:\Windows\Minidump
2014-06-02 16:29 - 2014-06-02 16:29 - 00380416 _____ () C:\Users\Loki\Downloads\Gmer-19357.exe
2014-06-02 15:52 - 2014-06-02 15:52 - 00000000 ____D () C:\Windows\ERUNT
2014-06-02 15:35 - 2014-06-02 15:35 - 00000033 _____ () C:\Users\Loki\AppData\Roaming\mbam.context.scan
2014-06-02 15:34 - 2014-06-02 15:34 - 01016261 _____ (Thisisu) C:\Users\Loki\Desktop\JRT.exe
2014-06-02 12:57 - 2014-06-02 12:57 - 00000676 __RSH () C:\Users\Loki\ntuser.pol
2014-06-02 12:49 - 2014-06-02 12:49 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-06-02 12:49 - 2014-06-02 12:49 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-06-02 12:49 - 2014-06-02 12:49 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-06-02 12:45 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-02 12:39 - 2014-06-02 12:39 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\QuickScan
2014-05-29 20:10 - 2013-08-14 12:19 - 00000000 ____D () C:\Program Files\Battle.net
2014-05-29 11:18 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-21 11:58 - 2014-05-20 14:33 - 00000000 ____D () C:\Users\Loki\AppData\Local\Virtual RC Pro
2014-05-20 16:30 - 2014-05-20 14:25 - 00000000 ____D () C:\Users\Loki\Documents\Virtual RC Pro
2014-05-20 15:33 - 2014-05-20 15:33 - 00000000 ____D () C:\ProgramData\Virtual RC Pro
2014-05-20 14:25 - 2014-05-20 14:25 - 00000571 _____ () C:\Users\Loki\Desktop\Virtual RC Pro.lnk
2014-05-20 14:25 - 2014-05-20 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual RC Pro
2014-05-19 18:32 - 2010-10-14 21:28 - 00000000 ____D () C:\Users\Loki\AppData\Roaming\Dropbox
2014-05-19 11:25 - 2014-05-19 11:25 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-05-19 11:25 - 2014-05-19 11:25 - 00000000 ____D () C:\Program Files\iPod
2014-05-19 11:25 - 2010-11-02 13:52 - 00000000 ____D () C:\Program Files\iTunes
2014-05-19 11:25 - 2010-11-02 13:51 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-19 10:53 - 2012-04-01 16:39 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-19 10:53 - 2011-05-20 12:37 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-16 20:53 - 2013-01-11 17:41 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-14 18:39 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-14 15:34 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-14 15:12 - 2014-01-05 13:14 - 00004420 _____ () C:\Users\Loki\Desktop\Neues Textdokument (2).txt
2014-05-14 11:40 - 2014-05-07 00:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-14 11:40 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-14 11:16 - 2010-10-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 11:14 - 2014-05-14 11:14 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-14 11:14 - 2013-08-14 20:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-14 11:12 - 2010-10-08 16:11 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-12 08:54 - 2012-04-26 00:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-12 07:26 - 2014-06-04 20:04 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-06-04 20:04 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2011-01-20 21:03 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 12:24 - 2014-05-10 12:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-10 11:31 - 2011-07-28 19:25 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-10 11:31 - 2011-07-28 19:25 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-09 09:06 - 2014-05-14 11:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-14 11:06 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-07 11:02 - 2010-10-08 00:30 - 01629212 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-06 05:25 - 2014-05-14 11:08 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-14 11:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-14 11:08 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Loki\AppData\Local\temp\avgnt.exe
C:\Users\Loki\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-30 13:19
==================== End Of Log ============================
--- --- ---
__________________ - Niemand ist 100% sicher! - (User mit gefährlichem Halbwissen) |
|
05.06.2014, 19:15
| #6 |
| /// the machine /// TB-Ausbilder | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblocktESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt |
|
06.06.2014, 15:55
| #7 |
| | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Wieso Probleme?  Hier die Logs: ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=8ae1f3c95aeed946a9fc952baaef1259
# engine=18552
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-06 02:40:59
# local_time=2014-06-06 04:40:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 359481 25049653 0 0
# scanned=328468
# found=1
# cleaned=0
# scan_time=12481
sh=47ACFEDB7620FD82D3A386D17263AB081E24CAB9 ft=1 fh=70f2756a6f08d5db vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="F:\Temp\DVDStyler-2.5.2-win32.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.83
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Microsoft Security Essentials
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (2.0.0.3001)
TuneUp Utilities
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities
DH Driver Cleaner Professional Edition
Java 7 Update 55
Java SE Development Kit 7 Update 25
Adobe Flash Player 13.0.0.214
Adobe Reader 10.1.10 Adobe Reader out of Date!
Mozilla Firefox (29.0.1)
Mozilla Thunderbird (24.5.0)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
__________________ - Niemand ist 100% sicher! - (User mit gefährlichem Halbwissen) |
|
07.06.2014, 11:07
| #8 |
| /// the machine /// TB-Ausbilder | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Adobe updaten. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.06.2014, 12:18
| #9 |
| | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Adobe hatte ich schon erledigt. Avira Premium werde ich noch so lange ich gelöhnt habe betreiben und danach auf AVAST umsatteln. Den Rest der "Tips" nutze ich eh schon. Das Emailvorschaufenster von Thunderbird ist standardmäßig aktiviert. Bei mir ist es aus, aber wenn man den TB ein zweites Mal startet, dann ist das Vorschaufenster aktiv in der zweiten Instanz. so und nicht anders werde ich mich wohl infiziert haben. Ärgerlich... Mal sehen wie ich das noch verbessern kann. Danke nochmal Loki P.S. Achja im Lob und Kritik Forum kriegst Du dein Fett weg Schrauber! :P
__________________ - Niemand ist 100% sicher! - (User mit gefährlichem Halbwissen) |
|
08.06.2014, 09:30
| #10 |
| /// the machine /// TB-Ausbilder | AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu AntiVir & Malware Bytes - Dieses Programm wurde duch eine Gruppenrichtlinie geblockt |
| 0x00000116, 0xc0000001, akamai, antivir, antivirus, association, avira, bonjour, branding, browser, converter, desktop, error, excel, firefox, flash player, helper, homepage, launch, malware, malware bytes, memory.dmp, problem, programm, realtek, registrierungsdatenbank, scan, security, software, svchost.exe, system, tablet, updates, virtualbox, windows |
WARNUNG an die MITLESER: 
Linear-Darstellung
