| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
01.09.2014, 21:50
| #1 |
| |  Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo liebes Forum, ich habe heute festgestellt, dass ich ein Problem habe. Bis jetzt hatte ich immer GData als Virenscanner installiert und war auch soweit zufrieden. Heute habe ich zum ersten Mal bewusst wahrgenommen, dass das Tray-Icon nicht mehr da ist und habe versucht GData zu starten. Dabei kam die Meldung: "Das Programm wurde durch eine Gruppenrichtlinie blockiert. [...]" Im Folgenden habe ich zunächst GData über "Programme und Funktionen" deinstalliert, danach Microsoft Security Essentials von hxxp://windows.microsoft.com/de-de/windows/security-essentials-download heruntergeladen und Installiert. Leider kommt auch hier die Meldung: "Das Programm wurde durch eine Gruppenrichtlinie blockiert. [...]". Ich hoffe hier kann mir jemand Helfen! defogger_disable.log Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:42 on 01/09/2014 (MG)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)
-=E.O.F=-
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by MG at 2014-09-01 18:53:41
Running from C:\Users\MG\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
ANNO 1602 Königs-Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version: - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
Borderlands (HKLM-x32\...\Borderlands-u-GOTY_is1) (Version: 1.4.1 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
capella-scan 8.0 (HKLM-x32\...\{B8EBE87E-78E4-45A5-A2AB-93F8F8DBD301}) (Version: 8.0.12 - capella-software AG)
Citrix Authentication Manager (x32 Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{0B79C91F-978F-4C2E-9FE4-D4B567808858}) (Version: - Microsoft)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.9.0.3 (HKCU\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hotfix für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2938803) (HKLM-x32\...\KB2938803.T369_128ToU880_128) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB944899) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB944899) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB946344) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB946344) (Version: 1 - Microsoft Corporation)
Huawei USB Driver (HKLM-x32\...\{84F167F3-B5FD-400D-B883-EB2A232413D7}) (Version: 1.6.0 - Huawei Incorporated)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0135 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.362 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.362 - LogMeIn, Inc.) Hidden
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Device Emulator Version 1.0 - DEU (HKLM-x32\...\{88F93A2E-A2F3-4C36-B3D3-EEB274AA2C1C}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2005 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2005 Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 Language Pack - DEU (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visual Web Developer 2007 (x32 Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [DEU] Developer Tools (HKLM-x32\...\{A6F6725C-12C3-42B5-9647-8668E1BEE2D2}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - DEU (HKLM\...\{0592AC66-BE45-4EC3-8A45-DDE0E7CE1873}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (x32 Version: 8.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Professional Edition - DEU Service Pack 1 (KB926606) (HKLM-x32\...\KB926606.T2_128ToU265_128) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50701 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio ProjectAggregator2 (HKLM-x32\...\{3D6F415D-BCD5-437A-8683-0169B7228F19}) (Version: 1.01.61205.56 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.3 - )
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Phone F USB Driver (HKLM-x32\...\{D03DCDA1-F92A-4BC3-9941-DD80CB2B7009}) (Version: 2.2.0 - Mobile)
Phone INQ USB Driver (HKLM-x32\...\{59647C35-19D3-48B5-999F-4903CBB86F9A}) (Version: 2.0.0 - INQ)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0045 - Pegatron Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Protector Suite 2011 (HKLM\...\{BF30D9F5-23B6-4E1C-B580-C9CDBA2CD894}) (Version: 5.9.4.6894 - UPEK Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12952.91 - raidcall.com)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RoboForm 7-8-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-8-8-5 - Siber Systems)
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
RSDLite (HKLM-x32\...\{EAC93E1D-4807-43E2-B39A-8170B731B7D0}) (Version: 5.6 - Motorola)
Ruby 2.0.0-p481 (HKCU\...\{ABAA9781-845A-43CC-BABA-76CB580FE35D}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Screenhero (HKLM-x32\...\{3F6FC6AB-D7CA-492D-903B-5346E3B081F9}) (Version: 0.14.4010 - Screenhero, Inc.)
SDK Debuggers (x32 Version: 8.100.26629 - Microsoft Corporation) Hidden
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2251481) (HKLM-x32\...\KB2251481.T369_128ToU865_128) (Version: 3 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2538218) (HKLM-x32\...\KB2538218.T369_128ToU866_128) (Version: 2 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2548826) (HKLM-x32\...\KB2548826.T369_128ToU869_128) (Version: 4 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB937061) (HKLM-x32\...\KB937061.T369_128ToU594_128) (Version: 1 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB973673) (HKLM-x32\...\KB973673.T369_128ToU841_128) (Version: 1 - Microsoft Corporation)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SharpDevelop 4.4 (HKLM-x32\...\{814E4191-A98A-4CDF-99AE-E6D6BACEA22F}) (Version: 4.4.9729 - ic#code)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 34440) (Version: - Firaxis)
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis)
Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis)
Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SUT LR (HKLM\...\{BAE0C801-D7F7-4E63-A392-1179254DF665}) (Version: 1.8.2 - Mobile)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Ihr Firmenname)
SWAT 4 (x32 Version: 1.0.31763 - Ihr Firmenname) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version: - Crystal Dynamics)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4FC38705-B045-4DAC-A0B0-C573D31B8CD5}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0F5FFEB6-2F66-4592-8A34-CC85FF318951}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{D533D4E6-5056-487A-8F18-7FA51AF0E283}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB932234) (HKLM-x32\...\KB932234.T369_128ToU411_128) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26654 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26629 - Microsoft) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XMedia Recode Version 3.1.1.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.1.0 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()
==================== Restore Points =========================
28-08-2014 06:52:55 Windows Update
31-08-2014 14:17:41 Windows Update
01-09-2014 16:19:09 G Data AntiVirus wurde entfernt.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {039DE068-6530-4B48-8610-1ADB626D2607} - System32\Tasks\{2C649507-8A95-49EF-A9F3-32115937DD83} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {110F4785-95C2-4090-8587-EF0F3ADC4F31} - System32\Tasks\{2AC4D723-DA6B-4983-9715-BE25B8FF32F2} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {1877105C-36AE-4243-A892-509B2922C188} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {19F3EED6-E4C7-4986-A607-33FBAB3CD395} - System32\Tasks\Screenhero Daemon => C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe [2014-07-25] ()
Task: {200CDE17-CD76-4C50-A89F-5D54DDECCB90} - System32\Tasks\{3BD97449-048D-4A21-8669-327C8E72A384} => C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe
Task: {2384BBBA-9015-4DD4-BDCB-BFDFC8B35E64} - System32\Tasks\{77E07A5C-8BEA-4EC6-96D7-C32F1841A904} => C:\Program Files (x86)\ANNO 1602 Königs-Edition\1602.exe
Task: {2F809952-6CA9-4EDE-B59E-A4B55F100452} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {3511AE0D-761A-4CEE-BE4A-1E1655B6F9C6} - System32\Tasks\{CE0D3C70-FA05-47B7-B2E2-17F135F31F6E} => C:\Team17\Worms World Party\wwp.exe
Task: {379A6695-F1C1-4C7C-8CB7-D20B6041F87B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {4C6ECE85-297B-4848-8E5E-BA86CA4CCAF0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {646BEAF5-709C-40D1-92FA-113943834CA9} - System32\Tasks\{90457D83-7631-44DB-8748-409B62A00A69} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {6C1838D6-0DE8-48B1-809F-DA1D413E4B49} - System32\Tasks\{101FF193-FF00-43B0-B062-0A4A70AB4725} => C:\Program Files (x86)\Microsoft Games\Midtown Madness 2\Midtown2.exe
Task: {72488996-254C-4F61-A020-BDF324E5307F} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {819D60CA-86AC-4FCC-8922-B0959E24B9F8} - \LaunchApp No Task File <==== ATTENTION
Task: {9D4573DF-2CEA-4557-92CD-EEE070063DF6} - System32\Tasks\{734BEA1A-61C1-41DD-A31B-C3C7E0A52544} => C:\Program Files\LucasArts\Turm von Babel\Jones3D.exe [1999-12-31] ()
Task: {AB41D66E-FDCC-4A3A-9DB7-7A730FDCFF81} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {AEF93253-FA83-436D-89A7-213C5D85297F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {D7C8400C-6173-4A69-A673-DEE1581071A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {E0F427E3-C381-407F-97AA-1E1CDACB3E34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E2DCEB2C-BA02-4D2F-9AC5-741DF12A634D} - System32\Tasks\{1430BD43-67EE-4965-BFFF-25B7497F365C} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {E6FD0152-13D7-4B05-993F-992E5845498B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-29 19:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-25 19:01 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-07-25 19:01 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-02-22 19:50 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2014-07-25 16:33 - 2014-07-25 16:33 - 00223744 _____ () C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-14 11:28 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2014-06-09 14:32 - 2014-04-11 14:40 - 00736450 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-08-01 01:57 - 2013-07-27 10:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2011-08-31 00:07 - 2011-03-26 15:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-25 19:01 - 2011-10-14 11:06 - 00818688 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-06-10 21:17 - 2014-05-20 22:19 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-07-25 19:01 - 2010-12-27 14:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2013-07-25 19:01 - 2011-10-24 13:59 - 03420160 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2013-07-25 19:01 - 2011-04-12 14:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2013-07-25 19:01 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-07-25 19:01 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-09-01 18:45 - 2014-09-01 18:45 - 00043008 _____ () c:\users\mg\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr4cdi1.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\MG\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\Software\Classes\.exe: exefile => <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NitroReaderDriverReadSpool2 => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^Users^MG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk => C:\Windows\pss\runctf.lnk.Startup
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: MedionReminder => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\Protector Suite\launcher.exe" /startup
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
==================== Faulty Device Manager Devices =============
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/01/2014 06:44:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/01/2014 06:44:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Das System kann die angegebene Datei nicht finden.
Error: (09/01/2014 06:44:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/01/2014 06:25:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Das System kann die angegebene Datei nicht finden.
Error: (09/01/2014 06:25:43 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/01/2014 06:25:41 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/01/2014 06:25:15 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
System errors:
=============
Error: (09/01/2014 06:45:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (09/01/2014 06:44:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/01/2014 06:26:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "WinDefend" wurde mit folgendem Fehler beendet:
%%5
Error: (09/01/2014 06:25:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/01/2014 06:18:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Error: (09/01/2014 06:18:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Error: (09/01/2014 06:18:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Error: (09/01/2014 06:18:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Error: (09/01/2014 06:18:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Error: (09/01/2014 06:18:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2146869247
Microsoft Office Sessions:
=========================
Error: (09/01/2014 06:44:37 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/01/2014 06:44:27 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.
Error: (09/01/2014 06:44:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (09/01/2014 06:43:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (09/01/2014 06:25:41 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.
Error: (09/01/2014 06:25:43 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/01/2014 06:25:41 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/01/2014 06:25:15 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
CodeIntegrity Errors:
===================================
Date: 2013-03-23 15:55:41.249
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:41.223
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.705
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.477
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.450
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 43%
Total physical RAM: 8103.05 MB
Available physical RAM: 4576.74 MB
Total Pagefile: 16204.29 MB
Available Pagefile: 12513.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:84.74 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:20.54 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Geändert von MGmotors (01.09.2014 um 21:52 Uhr) Grund: Link-Tag funktioniert nicht |
|
02.09.2014, 06:15
| #2 |
| Ruhe in Frieden † 2019     |  Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Schritt 1 Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Bitte von diesem Rechner keine Onlinegeschäfte mehr, kein Onlinebanking. Alle Passwörter von einem sauberen Rechner aus ändern! Schritt 1 Scan mit Combofix
__________________ |
|
02.09.2014, 13:00
| #3 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo Sandra,
__________________vielen Dank, dass Du dich meinem Problem annimst.  Das mit der Combofix.exe ist ein bisschen verquer gelaufen, ich hoffe es hat dennoch funktioniert. Zunächst habe ich das Problem, dass ich Microsoft Security Essentials mit mir bekannten Mitteln weder abschalten noch deinstallieren kann. Zum Deinstallieren fehlen mir die Rechte (obwohl ich Admin bin) und zum Abschalten müsste ich MSE aufrufen. Das geht wegen der Gruppenrichtlinie nicht... Außerdem habe ich die Combofix.exe zwei mal ausgeführt, beim erstem Mal war ich nach 20 Minuten zu ungeduldig... :/ Die Combofix.txt vom zweiten Mal ausführen: Code:
ATTFilter ComboFix 14-08-31.01 - MG 02.09.2014 8:56.2.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8103.4699 [GMT 2:00]
ausgeführt von:: c:\users\MG\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
----- Datei Replikatoren -----
.
c:\program files (x86)\Git\bin\git.exe
c:\program files (x86)\Git\libexec\git-core\git-add.exe
c:\program files (x86)\Git\libexec\git-core\git-annotate.exe
c:\program files (x86)\Git\libexec\git-core\git-apply.exe
c:\program files (x86)\Git\libexec\git-core\git-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-bisect--helper.exe
c:\program files (x86)\Git\libexec\git-core\git-blame.exe
c:\program files (x86)\Git\libexec\git-core\git-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-bundle.exe
c:\program files (x86)\Git\libexec\git-core\git-cat-file.exe
c:\program files (x86)\Git\libexec\git-core\git-check-attr.exe
c:\program files (x86)\Git\libexec\git-core\git-check-ignore.exe
c:\program files (x86)\Git\libexec\git-core\git-check-mailmap.exe
c:\program files (x86)\Git\libexec\git-core\git-check-ref-format.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout-index.exe
c:\program files (x86)\Git\libexec\git-core\git-checkout.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry-pick.exe
c:\program files (x86)\Git\libexec\git-core\git-cherry.exe
c:\program files (x86)\Git\libexec\git-core\git-clean.exe
c:\program files (x86)\Git\libexec\git-core\git-clone.exe
c:\program files (x86)\Git\libexec\git-core\git-column.exe
c:\program files (x86)\Git\libexec\git-core\git-commit-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-commit.exe
c:\program files (x86)\Git\libexec\git-core\git-config.exe
c:\program files (x86)\Git\libexec\git-core\git-count-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-credential.exe
c:\program files (x86)\Git\libexec\git-core\git-describe.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-files.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-index.exe
c:\program files (x86)\Git\libexec\git-core\git-diff-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-diff.exe
c:\program files (x86)\Git\libexec\git-core\git-fast-export.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-fetch.exe
c:\program files (x86)\Git\libexec\git-core\git-fmt-merge-msg.exe
c:\program files (x86)\Git\libexec\git-core\git-for-each-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-format-patch.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-fsck.exe
c:\program files (x86)\Git\libexec\git-core\git-gc.exe
c:\program files (x86)\Git\libexec\git-core\git-get-tar-commit-id.exe
c:\program files (x86)\Git\libexec\git-core\git-grep.exe
c:\program files (x86)\Git\libexec\git-core\git-hash-object.exe
c:\program files (x86)\Git\libexec\git-core\git-help.exe
c:\program files (x86)\Git\libexec\git-core\git-index-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-init-db.exe
c:\program files (x86)\Git\libexec\git-core\git-init.exe
c:\program files (x86)\Git\libexec\git-core\git-log.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-files.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-ls-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-mailinfo.exe
c:\program files (x86)\Git\libexec\git-core\git-mailsplit.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-base.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-file.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-index.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-ours.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-recursive.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-subtree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-merge.exe
c:\program files (x86)\Git\libexec\git-core\git-mktag.exe
c:\program files (x86)\Git\libexec\git-core\git-mktree.exe
c:\program files (x86)\Git\libexec\git-core\git-mv.exe
c:\program files (x86)\Git\libexec\git-core\git-name-rev.exe
c:\program files (x86)\Git\libexec\git-core\git-notes.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-redundant.exe
c:\program files (x86)\Git\libexec\git-core\git-pack-refs.exe
c:\program files (x86)\Git\libexec\git-core\git-patch-id.exe
c:\program files (x86)\Git\libexec\git-core\git-prune-packed.exe
c:\program files (x86)\Git\libexec\git-core\git-prune.exe
c:\program files (x86)\Git\libexec\git-core\git-push.exe
c:\program files (x86)\Git\libexec\git-core\git-read-tree.exe
c:\program files (x86)\Git\libexec\git-core\git-receive-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-reflog.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-ext.exe
c:\program files (x86)\Git\libexec\git-core\git-remote-fd.exe
c:\program files (x86)\Git\libexec\git-core\git-remote.exe
c:\program files (x86)\Git\libexec\git-core\git-repack.exe
c:\program files (x86)\Git\libexec\git-core\git-replace.exe
c:\program files (x86)\Git\libexec\git-core\git-rerere.exe
c:\program files (x86)\Git\libexec\git-core\git-reset.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-list.exe
c:\program files (x86)\Git\libexec\git-core\git-rev-parse.exe
c:\program files (x86)\Git\libexec\git-core\git-revert.exe
c:\program files (x86)\Git\libexec\git-core\git-rm.exe
c:\program files (x86)\Git\libexec\git-core\git-send-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-shortlog.exe
c:\program files (x86)\Git\libexec\git-core\git-show-branch.exe
c:\program files (x86)\Git\libexec\git-core\git-show-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-show.exe
c:\program files (x86)\Git\libexec\git-core\git-stage.exe
c:\program files (x86)\Git\libexec\git-core\git-status.exe
c:\program files (x86)\Git\libexec\git-core\git-stripspace.exe
c:\program files (x86)\Git\libexec\git-core\git-symbolic-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-file.exe
c:\program files (x86)\Git\libexec\git-core\git-unpack-objects.exe
c:\program files (x86)\Git\libexec\git-core\git-update-index.exe
c:\program files (x86)\Git\libexec\git-core\git-update-ref.exe
c:\program files (x86)\Git\libexec\git-core\git-update-server-info.exe
c:\program files (x86)\Git\libexec\git-core\git-upload-archive.exe
c:\program files (x86)\Git\libexec\git-core\git-var.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-pack.exe
c:\program files (x86)\Git\libexec\git-core\git-verify-tag.exe
c:\program files (x86)\Git\libexec\git-core\git-whatchanged.exe
c:\program files (x86)\Git\libexec\git-core\git-write-tree.exe
c:\program files (x86)\Git\libexec\git-core\git.exe
c:\program files (x86)\Microsoft Visual Studio 8\Common7\IDE\vshost.exe
d:\projects\VB.NET\1und1Messdaten\1und1Messdaten\bin\Debug\1und1Messdaten.vshost.exe
d:\projects\VB.NET\3D 2.0\1Webcam_test\1Webcam_test\bin\Debug\1Webcam_test.vshost.exe
d:\projects\VB.NET\3D 2.0\Capture2\bin\Debug\Capture2.vshost.exe
d:\projects\VB.NET\3D 2.0\DirectShow\DirectShow_Test1\DirectShow_Test1\bin\Debug\DirectShow_Test1.vshost.exe
d:\projects\VB.NET\3D 2.0\DirectShow\Filter_test1\Filter_test1\bin\Debug\Filter_test1.vshost.exe
d:\projects\VB.NET\3D 2.0\Samples\Players\PlayVB\bin\PlayVB.vshost.exe
d:\projects\VB.NET\3DTerminal\3DScanningTerminal\bin\Debug\3DScanningTerminal.vshost.exe
d:\projects\VB.NET\Arbeitszeiterfassung\Arbeitszeitenerfassung_alpha01\bin\Debug\Arbeitszeitenerfassung_alpha01.vshost.exe
d:\projects\VB.NET\Augen_Tracking_test\Augen_Tracking_test\bin\Debug\Augen_Tracking_test.vshost.exe
d:\projects\VB.NET\BildAnalyse1\BildAnalyse1\bin\Debug\BildAnalyse1.vshost.exe
d:\projects\VB.NET\Blog\RTFtoHTML1\RTFtoHTML1\bin\Debug\RTFtoHTML1.vshost.exe
d:\projects\VB.NET\ByteAnzahl_test1\ByteAnzahl_test1\bin\Debug\ByteAnzahl_test1.vshost.exe
d:\projects\VB.NET\camtest\camtest\bin\Debug\camtest.vshost.exe
d:\projects\VB.NET\camtest\camtest\bin\Debug\WindowsApplication1.vshost.exe
d:\projects\VB.NET\Controller\Controller_test2\bin\Debug\Controller_test2.vshost.exe
d:\projects\VB.NET\Controller\Controller_Test3\bin\Debug\Controller_Test3.vshost.exe
d:\projects\VB.NET\ExportFrame\GetingFrame\bin\Debug\GetingFrame.vshost.exe
d:\projects\VB.NET\farbenDatErstellen\Farben\bin\Debug\Farben.vshost.exe
d:\projects\VB.NET\Farberkennung\Farberkennung\bin\Debug\Farberkennung.vshost.exe
d:\projects\VB.NET\Konverter\Konverter_test1\bin\Debug\Konverter_test1.vshost.exe
d:\projects\VB.NET\Mails\FindEvas\FindEvas\bin\Debug\FindEvas.vshost.exe
d:\projects\VB.NET\Mails\Mails_test1\Mails_test1\bin\Debug\Mails_test1.vshost.exe
d:\projects\VB.NET\Mails\Mails_test2\Mails_test2\bin\Debug\Mails_test2.vshost.exe
d:\projects\VB.NET\MouseLimiter1\MouseLimiter1\bin\Debug\MouseLimiter1.vshost.exe
d:\projects\VB.NET\Multithradding Test\Multithradding Test\bin\Debug\Multithradding Test.vshost.exe
d:\projects\VB.NET\Paid4Checked\Paid4Checked\bin\Debug\Paid4Checked.vshost.exe
d:\projects\VB.NET\PDFs\PDF2PlainText_1\PDF2PlainText_1\bin\Debug\PDF2PlainText_1.vshost.exe
d:\projects\VB.NET\PDFs\PdfReader_test\PdfReader_test\bin\Debug\PdfReader_test.vshost.exe
d:\projects\VB.NET\PfeilTest\DrawPfeilTest\DrawPfeilTest\bin\Debug\DrawPfeilTest.vshost.exe
d:\projects\VB.NET\PfeilTest\Gdi+Thrats\Gdi+Thrats\bin\Debug\Gdi+Thrats.vshost.exe
d:\projects\VB.NET\PfeilTest\PfeilTest\bin\Debug\PfeilTest.vshost.exe
d:\projects\VB.NET\PfeilTest\PfeilTest2\PfeilTest2\bin\Debug\PfeilTest2.vshost.exe
d:\projects\VB.NET\PfeilTest\PfeilTest3\PfeilTest3\bin\Debug\PfeilTest3.vshost.exe
d:\projects\VB.NET\Picture Viever\Capture2\bin\Debug\Capture2.vshost.exe
d:\projects\VB.NET\Picture Viever\GDI_Test\GDI_Test\bin\Debug\GDI_Test.vshost.exe
d:\projects\VB.NET\Rechnungen\Rechnungen_Swb_alpha1\bin\Debug\Rechnungen_Swb_alpha1.vshost.exe
d:\projects\VB.NET\RemoteDesktop\Rdp_Presentation\Rdp_Presentation\bin\Debug\Rdp_Presentation.vshost.exe
d:\projects\VB.NET\RemoteDesktop\Rdp_Presentation_UDP\Rdp_Presentation_UDP\bin\Debug\Rdp_Presentation_UDP.vshost.exe
d:\projects\VB.NET\RemoteDesktop\RDP_Test_Class_Dateien\RDP_Test_Class_Dateien\bin\Debug\RDP_Test_Class_Dateien.vshost.exe
d:\projects\VB.NET\RemoteDesktop\RdpEncom_dll_Client_test\RdpEncom_dll_Client_test\bin\Debug\RdpEncom_dll_Client_test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\RdpEncom_dll_Server_test\RdpEncom_dll_Server_test\bin\Debug\RdpEncom_dll_Server_test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\TcpIp_ServerClient_test\TcpIp_ServerClient_test\bin\Debug\TcpIp_ServerClient_test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\test\test\bin\Debug\test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\Trad_Class_Test\Trad_Class_Test\bin\Debug\Trad_Class_Test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\UDP_Reciever_Test\UDP_Reciever_Test\bin\Debug\UDP_Reciever_Test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\UDP_Sender_Test\UDP_Sender_Test\bin\Debug\UDP_Sender_Test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\UDPUDP_Tester\UDPUDP_Tester\bin\Debug\UDPUDP_Tester.vshost.exe
d:\projects\VB.NET\RemoteDesktop\VNC_App_Client_Test\VNC_App_Client_Test\bin\Debug\VNC_App_Client_Test.vshost.exe
d:\projects\VB.NET\RemoteDesktop\VNC_App_Server_Test\VNC_App_Server_Test\bin\Debug\VNC_App_Server_Test.vshost.exe
d:\projects\VB.NET\Sicherung\Sicherung_test1\bin\Debug\Sicherung_test1.vshost.exe
d:\projects\VB.NET\TcpSniffer\HSSniffer\SeniorProject\SnifferUI\bin\Debug\SnifferUI.vshost.exe
d:\projects\VB.NET\TcpSniffer\MJSniffer\MJSniff\bin\Debug\MJSniff.vshost.exe
d:\projects\VB.NET\TcpSniffer\PackMon\Sniffer.NET\bin\Sniffer.NET.vshost.exe
d:\projects\VB.NET\UT2004ModInsaller\UT2004Mods\bin\Debug\UT2004Mods.vshost.exe
d:\projects\VB.NET\warten_test\warten_test\bin\Debug\warten_test.vshost.exe
d:\projects\VB.NET\Wetten\Wetten_0.1\Wetten_0.1\bin\Debug\Wetten_0.1.vshost.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-08-02 bis 2014-09-02 ))))))))))))))))))))))))))))))
.
.
2014-09-02 07:05 . 2014-09-02 07:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-02 07:05 . 2014-09-02 07:05 -------- d-----w- c:\users\Arbeit\AppData\Local\temp
2014-09-02 05:51 . 2014-09-02 05:51 -------- d-----r- c:\users\Public
2014-09-01 16:50 . 2014-09-01 16:55 -------- d-----w- C:\FRST
2014-09-01 16:47 . 2014-09-02 05:34 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{150EE588-730C-40F6-833C-9F3CB8615815}\offreg.dll
2014-09-01 16:40 . 2014-09-01 16:40 1169712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{256B83A4-01ED-4414-AD69-05847C54AF49}\gapaengine.dll
2014-09-01 16:40 . 2014-08-20 18:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{150EE588-730C-40F6-833C-9F3CB8615815}\mpengine.dll
2014-09-01 16:31 . 2014-03-11 13:48 186688 ----a-w- c:\program files\Windows Defender\de-DE\EppManifest.dll
2014-09-01 16:31 . 2014-03-11 10:34 8864 ----a-w- c:\program files\Windows Defender\de-DE\setupres.dll
2014-09-01 16:31 . 2014-03-11 10:34 1038848 ----a-w- c:\program files\Windows Defender\de-DE\amd64\setup.exe
2014-09-01 16:31 . 2013-08-20 16:26 241984 ----a-w- c:\program files\Windows Defender\de-DE\amd64\sqmapi.dll
2014-09-01 16:31 . 2014-09-01 16:31 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-09-01 16:25 . 2014-09-02 05:32 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\LogMeIn Hamachi
2014-09-01 16:24 . 2014-09-01 16:24 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CrashDumps
2014-09-01 16:23 . 2014-09-01 16:23 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Intel
2014-08-28 06:14 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:14 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 06:14 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-24 20:09 . 2014-08-31 20:02 -------- d-----w- c:\users\MG\AppData\Roaming\Bioshock2Steam
2014-08-21 13:48 . 2014-08-21 13:48 -------- d-----w- c:\users\Arbeit\AppData\Local\Skype
2014-08-21 13:48 . 2014-08-21 13:56 -------- d-----w- c:\users\Arbeit\AppData\Roaming\Skype
2014-08-20 07:36 . 2014-09-02 05:31 69792 ----a-w- c:\windows\SysWow64\rpcnet.dll
2014-08-20 07:36 . 2014-08-20 07:35 69792 ------w- c:\windows\SysWow64\rpcnet.exe
2014-08-17 17:26 . 2014-08-17 17:45 -------- d-----w- C:\xampp
2014-08-14 06:08 . 2014-09-02 05:31 17408 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2014-08-14 06:03 . 2014-09-02 05:30 17408 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2014-08-13 20:12 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 20:12 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 20:12 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 20:12 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 20:12 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 20:12 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 20:12 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 20:12 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 18:19 . 2014-08-13 18:19 -------- d-----w- c:\users\MG\AppData\Roaming\NetBeans
2014-08-13 18:19 . 2014-08-13 18:19 -------- d-----w- c:\users\MG\AppData\Local\NetBeans
2014-08-13 17:51 . 2014-08-20 15:27 -------- d-----w- c:\program files\NetBeans 8.0
2014-08-13 17:51 . 2014-08-13 18:00 -------- d-----w- c:\users\MG\.nbi
2014-08-13 08:37 . 2014-08-19 18:47 43008 ----a-w- c:\windows\SysWow64\agremove.exe
2014-08-13 06:58 . 2014-07-31 23:16 812224 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2014-08-13 06:56 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-13 06:56 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-13 06:56 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-13 06:56 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 06:41 . 2014-08-12 06:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-12 06:41 . 2014-08-12 06:41 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-09 16:17 . 2014-08-09 16:17 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-08-09 16:16 . 2014-08-09 16:16 -------- d-----w- c:\program files (x86)\GameSpy
2014-08-09 16:13 . 2014-08-09 16:13 -------- d-----w- c:\windows\SysWow64\URTTEMP
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-08-04 15:16 . 2014-06-06 04:38 822384 ----a-w- c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-08-04 15:16 . 2014-06-06 04:38 1022576 ----a-w- c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-08-04 15:16 . 2014-06-06 04:38 10594416 ----a-w- c:\program files (x86)\Mozilla Firefox\icudt52.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-02 05:33 . 2012-06-10 22:05 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2014-09-01 16:18 . 2012-06-10 14:24 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2014-08-13 20:27 . 2011-07-18 20:31 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-30 14:00 . 2013-11-10 15:15 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-30 14:00 . 2013-11-06 18:55 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-22 22:13 . 2014-07-22 22:13 15129 ----a-w- C:\593F.tmp
2014-07-22 22:13 . 2014-07-22 22:13 15129 ----a-w- C:\4705.tmp
2014-07-22 22:12 . 2014-07-22 22:12 15129 ----a-w- C:\FFC8.tmp
2014-07-22 22:12 . 2014-07-22 22:12 15129 ----a-w- C:\A597.tmp
2014-07-22 22:11 . 2014-07-22 22:11 15129 ----a-w- C:\2FFA.tmp
2014-07-22 22:10 . 2014-07-22 22:10 15129 ----a-w- C:\24D2.tmp
2014-07-22 21:53 . 2014-07-22 21:53 15129 ----a-w- C:\B887.tmp
2014-07-15 13:02 . 2012-06-11 18:39 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-15 13:02 . 2011-08-10 19:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-15 13:02 . 2014-07-15 13:02 11204096 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-14 14:22 . 2014-07-14 14:22 42576 ----a-w- c:\windows\system32\drivers\dsnpfd.sys
2014-07-01 00:13 . 2012-12-02 15:57 127680 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-06-18 02:18 . 2014-07-10 04:30 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 04:30 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-10 04:30 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 04:30 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 04:28 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 04:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 04:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0001IDriveSyncExt4]
@="{A30768B3-9C38-4810-AAC3-422B73A0B25C}"
[HKEY_CLASSES_ROOT\CLSID\{A30768B3-9C38-4810-AAC3-422B73A0B25C}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt2]
@="{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}"
[HKEY_CLASSES_ROOT\CLSID\{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt3]
@="{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}"
[HKEY_CLASSES_ROOT\CLSID\{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt4]
@="{906E4756-73EC-4A58-A3B1-461B759D8F7B}"
[HKEY_CLASSES_ROOT\CLSID\{906E4756-73EC-4A58-A3B1-461B759D8F7B}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt5]
@="{5DF1669E-DBBC-4C36-918E-8E470774D7AF}"
[HKEY_CLASSES_ROOT\CLSID\{5DF1669E-DBBC-4C36-918E-8E470774D7AF}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-05-05 109784]
"Spotify Web Helper"="c:\users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-08-01 1178168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-06-10 162856]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
c:\users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R1 btkvylik;btkvylik;c:\windows\system32\drivers\btkvylik.sys;c:\windows\SYSNATIVE\drivers\btkvylik.sys [x]
R1 cjwmvfwz;cjwmvfwz;c:\windows\system32\drivers\cjwmvfwz.sys;c:\windows\SYSNATIVE\drivers\cjwmvfwz.sys [x]
R1 eaxbjpzu;eaxbjpzu;c:\windows\system32\drivers\eaxbjpzu.sys;c:\windows\SYSNATIVE\drivers\eaxbjpzu.sys [x]
R1 fcngndoe;fcngndoe;c:\windows\system32\drivers\fcngndoe.sys;c:\windows\SYSNATIVE\drivers\fcngndoe.sys [x]
R1 vvrmnlww;vvrmnlww;c:\windows\system32\drivers\vvrmnlww.sys;c:\windows\SYSNATIVE\drivers\vvrmnlww.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ntop;ntop for Win32;c:\program files (x86)\ntop-Win32\ntop.exe;c:\program files (x86)\ntop-Win32\ntop.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]
R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys;c:\windows\SYSNATIVE\DRIVERS\motport.sys [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem;c:\windows\SYSNATIVE\xsherlock.xem [x]
R4 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
R4 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [x]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R4 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 12:16 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 13:02]
.
2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 20:49]
.
2014-09-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 20:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0001IDriveSyncExt4]
@="{A30768B3-9C38-4810-AAC3-422B73A0B25C}"
[HKEY_CLASSES_ROOT\CLSID\{A30768B3-9C38-4810-AAC3-422B73A0B25C}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt2]
@="{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}"
[HKEY_CLASSES_ROOT\CLSID\{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt3]
@="{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}"
[HKEY_CLASSES_ROOT\CLSID\{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt4]
@="{906E4756-73EC-4A58-A3B1-461B759D8F7B}"
[HKEY_CLASSES_ROOT\CLSID\{906E4756-73EC-4A58-A3B1-461B759D8F7B}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt5]
@="{5DF1669E-DBBC-4C36-918E-8E470774D7AF}"
[HKEY_CLASSES_ROOT\CLSID\{5DF1669E-DBBC-4C36-918E-8E470774D7AF}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-12-10 09:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-12-10 09:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-19 11817576]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-04-18 2209896]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;192.168.*.*
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\MG\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: RF - Formular ausfüllen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RF - Formular speichern - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: RF - Menü anpassen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF - RoboForm-Leiste ein/aus - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\7hg2naga.default-1397421639698\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe AIR - c:\program files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Juniper_Setup_Client Activex Control - c:\windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe
AddRemove-{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{F733F4B8-3EE4-46CB-A9DF-E243AC6A16A0} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-UnityWebPlayer - c:\users\MG\AppData\Local\Unity\WebPlayer\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-02 11:16:32
ComboFix-quarantined-files.txt 2014-09-02 09:16
.
Vor Suchlauf: 13 Verzeichnis(se), 109.086.568.448 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 118.001.373.184 Bytes frei
.
- - End Of File - - E5278029916B3C24F25E625B59890658
34F69C8DDE583A7EA224E5EA68DF00F5
Geändert von MGmotors (02.09.2014 um 13:02 Uhr) Grund: Rechtschreibung ist schwer... |
|
02.09.2014, 22:30
| #4 | |
| Ruhe in Frieden † 2019 | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo, Zitat:
Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Combofix hat doch so einiges gelöscht, das müssen wir wieder herstellen Schritt 2 Combofix-Skript
Bitte dann nochmal eine Kontrolle mit FRST Schritt 3 Starte noch einmal FRST.
|
|
03.09.2014, 12:54
| #5 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014 02
Ran by MG at 2014-09-03 08:45:58 Run:1
Running from C:\Users\MG\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Program Files (x86)\Common Files\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files (x86)\G DATA <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\G DATA <====== ATTENTION
*****************
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
==== End of Fixlog ====
Code:
ATTFilter ComboFix 14-08-31.01 - MG 03.09.2014 8:51.3.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8103.5910 [GMT 2:00]
ausgeführt von:: c:\users\MG\Desktop\ComboFix.exe
Benutzte Befehlsschalter :: c:\users\MG\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-08-03 bis 2014-09-03 ))))))))))))))))))))))))))))))
.
.
2014-09-03 07:00 . 2014-09-03 07:00 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-09-03 07:00 . 2014-09-03 07:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-09-03 07:00 . 2014-09-03 07:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-09-03 07:00 . 2014-09-03 07:00 -------- d-----w- c:\users\Arbeit\AppData\Local\temp
2014-09-02 05:51 . 2014-09-02 09:16 -------- d-----r- c:\users\Public
2014-09-01 16:50 . 2014-09-03 06:45 -------- d-----w- C:\FRST
2014-09-01 16:40 . 2014-09-01 16:40 1169712 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{256B83A4-01ED-4414-AD69-05847C54AF49}\gapaengine.dll
2014-09-01 16:40 . 2014-08-20 18:43 11319192 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{150EE588-730C-40F6-833C-9F3CB8615815}\mpengine.dll
2014-09-01 16:31 . 2014-09-01 16:31 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2014-09-01 16:25 . 2014-09-03 06:18 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\LogMeIn Hamachi
2014-09-01 16:24 . 2014-09-01 16:24 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CrashDumps
2014-09-01 16:23 . 2014-09-01 16:23 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Intel
2014-08-28 06:14 . 2014-08-23 02:07 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-28 06:14 . 2014-08-23 01:45 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-28 06:14 . 2014-08-23 00:59 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-24 20:09 . 2014-08-31 20:02 -------- d-----w- c:\users\MG\AppData\Roaming\Bioshock2Steam
2014-08-21 13:48 . 2014-08-21 13:48 -------- d-----w- c:\users\Arbeit\AppData\Local\Skype
2014-08-21 13:48 . 2014-08-21 13:56 -------- d-----w- c:\users\Arbeit\AppData\Roaming\Skype
2014-08-20 07:36 . 2014-09-03 05:59 69792 ----a-w- c:\windows\SysWow64\rpcnet.dll
2014-08-20 07:36 . 2014-08-20 07:35 69792 ------w- c:\windows\SysWow64\rpcnet.exe
2014-08-17 17:26 . 2014-08-17 17:45 -------- d-----w- C:\xampp
2014-08-14 06:08 . 2014-09-03 05:59 17408 ----a-w- c:\windows\SysWow64\rpcnetp.dll
2014-08-14 06:03 . 2014-09-03 05:58 17408 ----a-w- c:\windows\SysWow64\rpcnetp.exe
2014-08-13 20:12 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 20:12 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 20:12 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 20:12 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 20:12 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 20:12 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 20:12 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 20:12 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 18:19 . 2014-08-13 18:19 -------- d-----w- c:\users\MG\AppData\Roaming\NetBeans
2014-08-13 18:19 . 2014-08-13 18:19 -------- d-----w- c:\users\MG\AppData\Local\NetBeans
2014-08-13 17:51 . 2014-08-20 15:27 -------- d-----w- c:\program files\NetBeans 8.0
2014-08-13 17:51 . 2014-08-13 18:00 -------- d-----w- c:\users\MG\.nbi
2014-08-13 08:37 . 2014-08-19 18:47 43008 ----a-w- c:\windows\SysWow64\agremove.exe
2014-08-13 06:58 . 2014-07-31 23:16 812224 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe
2014-08-13 06:56 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-13 06:56 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-13 06:56 . 2014-08-07 02:06 529920 ----a-w- c:\windows\system32\aepdu.dll
2014-08-13 06:56 . 2014-08-07 02:01 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-08-12 06:41 . 2014-08-12 06:41 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-08-12 06:41 . 2014-08-12 06:41 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-09 16:17 . 2014-08-09 16:17 178800 ----a-w- c:\windows\SysWow64\CmdLineExt_x64.dll
2014-08-09 16:16 . 2014-08-09 16:16 -------- d-----w- c:\program files (x86)\GameSpy
2014-08-09 16:13 . 2014-08-09 16:13 -------- d-----w- c:\windows\SysWow64\URTTEMP
2014-08-05 17:20 . 2014-08-05 17:20 227728 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-08-04 15:16 . 2014-06-06 04:38 822384 ----a-w- c:\program files (x86)\Mozilla Firefox\icuuc52.dll
2014-08-04 15:16 . 2014-06-06 04:38 1022576 ----a-w- c:\program files (x86)\Mozilla Firefox\icuin52.dll
2014-08-04 15:16 . 2014-06-06 04:38 10594416 ----a-w- c:\program files (x86)\Mozilla Firefox\icudt52.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-03 06:00 . 2012-06-10 22:05 17408 ----a-w- c:\windows\system32\rpcnetp.exe
2014-09-01 16:18 . 2012-06-10 14:24 106224 ----a-w- c:\windows\SysWow64\drivers\GRD.sys
2014-08-13 20:27 . 2011-07-18 20:31 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-30 14:00 . 2013-11-10 15:15 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-07-30 14:00 . 2013-11-06 18:55 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-07-22 22:13 . 2014-07-22 22:13 15129 ----a-w- C:\593F.tmp
2014-07-22 22:13 . 2014-07-22 22:13 15129 ----a-w- C:\4705.tmp
2014-07-22 22:12 . 2014-07-22 22:12 15129 ----a-w- C:\FFC8.tmp
2014-07-22 22:12 . 2014-07-22 22:12 15129 ----a-w- C:\A597.tmp
2014-07-22 22:11 . 2014-07-22 22:11 15129 ----a-w- C:\2FFA.tmp
2014-07-22 22:10 . 2014-07-22 22:10 15129 ----a-w- C:\24D2.tmp
2014-07-22 21:53 . 2014-07-22 21:53 15129 ----a-w- C:\B887.tmp
2014-07-15 13:02 . 2012-06-11 18:39 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-15 13:02 . 2011-08-10 19:09 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-15 13:02 . 2014-07-15 13:02 11204096 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-07-14 14:22 . 2014-07-14 14:22 42576 ----a-w- c:\windows\system32\drivers\dsnpfd.sys
2014-07-01 00:13 . 2012-12-02 15:57 127680 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-06-18 02:18 . 2014-07-10 04:30 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-10 04:30 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-10 04:30 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-10 04:30 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-10 04:28 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-10 04:28 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-10 04:28 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:41 1730256 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0001IDriveSyncExt4]
@="{A30768B3-9C38-4810-AAC3-422B73A0B25C}"
[HKEY_CLASSES_ROOT\CLSID\{A30768B3-9C38-4810-AAC3-422B73A0B25C}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt2]
@="{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}"
[HKEY_CLASSES_ROOT\CLSID\{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt3]
@="{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}"
[HKEY_CLASSES_ROOT\CLSID\{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt4]
@="{906E4756-73EC-4A58-A3B1-461B759D8F7B}"
[HKEY_CLASSES_ROOT\CLSID\{906E4756-73EC-4A58-A3B1-461B759D8F7B}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt5]
@="{5DF1669E-DBBC-4C36-918E-8E470774D7AF}"
[HKEY_CLASSES_ROOT\CLSID\{5DF1669E-DBBC-4C36-918E-8E470774D7AF}]
2014-01-16 10:12 1102904 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2013-05-05 109784]
"Spotify Web Helper"="c:\users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-09-02 1245752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2013-03-14 373760]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-06-10 162856]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
c:\users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-7-30 36414496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\progra~2\NVIDIA~1\NVSTRE~1\rxinput.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\Protector Suite\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"AntiVirusOverride"=dword:00000001
"FirewallDisableNotify"=dword:00000001
"FirewallOverride"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
.
R1 btkvylik;btkvylik;c:\windows\system32\drivers\btkvylik.sys;c:\windows\SYSNATIVE\drivers\btkvylik.sys [x]
R1 cjwmvfwz;cjwmvfwz;c:\windows\system32\drivers\cjwmvfwz.sys;c:\windows\SYSNATIVE\drivers\cjwmvfwz.sys [x]
R1 eaxbjpzu;eaxbjpzu;c:\windows\system32\drivers\eaxbjpzu.sys;c:\windows\SYSNATIVE\drivers\eaxbjpzu.sys [x]
R1 fcngndoe;fcngndoe;c:\windows\system32\drivers\fcngndoe.sys;c:\windows\SYSNATIVE\drivers\fcngndoe.sys [x]
R1 vvrmnlww;vvrmnlww;c:\windows\system32\drivers\vvrmnlww.sys;c:\windows\SYSNATIVE\drivers\vvrmnlww.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 ntop;ntop for Win32;c:\program files (x86)\ntop-Win32\ntop.exe;c:\program files (x86)\ntop-Win32\ntop.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 fspad_wlh64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_wlh64;c:\windows\system32\drivers\fspad_wlh64.sys;c:\windows\SYSNATIVE\drivers\fspad_wlh64.sys [x]
R3 fspad_xp64;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_xp64;c:\windows\system32\drivers\fspad_xp64.sys;c:\windows\SYSNATIVE\drivers\fspad_xp64.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys;c:\windows\SYSNATIVE\DRIVERS\motodrv.sys [x]
R3 motport;Motorola USB Diagnostic Port;c:\windows\system32\DRIVERS\motport.sys;c:\windows\SYSNATIVE\DRIVERS\motport.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys;c:\windows\SYSNATIVE\pwdrvio.sys [x]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys;c:\windows\SYSNATIVE\pwdspio.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 xsherlock;xsherlock;c:\windows\system32\xsherlock.xem;c:\windows\SYSNATIVE\xsherlock.xem [x]
R4 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
R4 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
R4 msvsmon80;Visual Studio 2005 Remote Debugger;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe;c:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [x]
R4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R4 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R4 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Webcam C510(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-14 12:16 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-11 13:02]
.
2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 20:49]
.
2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07 20:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-07-27 09:45 2335960 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\0001IDriveSyncExt4]
@="{A30768B3-9C38-4810-AAC3-422B73A0B25C}"
[HKEY_CLASSES_ROOT\CLSID\{A30768B3-9C38-4810-AAC3-422B73A0B25C}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt2]
@="{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}"
[HKEY_CLASSES_ROOT\CLSID\{AE0642D6-F6D4-4443-9654-FE7252EDBC0C}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt3]
@="{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}"
[HKEY_CLASSES_ROOT\CLSID\{B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt4]
@="{906E4756-73EC-4A58-A3B1-461B759D8F7B}"
[HKEY_CLASSES_ROOT\CLSID\{906E4756-73EC-4A58-A3B1-461B759D8F7B}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\001IDriveSyncExt5]
@="{5DF1669E-DBBC-4C36-918E-8E470774D7AF}"
[HKEY_CLASSES_ROOT\CLSID\{5DF1669E-DBBC-4C36-918E-8E470774D7AF}]
2014-01-16 10:12 1197624 ----a-w- c:\programdata\Application Data\IDriveSync\IDSyncIcon64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2010-12-10 09:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2010-12-10 09:59 5267792 ----a-w- c:\program files\Protector Suite\farchns.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-19 11817576]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-04-18 2209896]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-07-27 1028896]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-29 171992]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-29 399832]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-29 442328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\progra~1\NVIDIA~1\NVSTRE~1\rxinput.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;192.168.*.*
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\MG\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: RF - Formular ausfüllen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: RF - Formular speichern - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: RF - Menü anpassen - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: RF - RoboForm-Leiste ein/aus - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\7hg2naga.default-1397421639698\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Adobe AIR - c:\program files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-Juniper_Setup_Client Activex Control - c:\windows\Downloaded Program Files\JuniperSetupClientCtrlUninstaller.exe
AddRemove-{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{4B93560B-F33D-4A67-A224-F5E1C329BD22} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{97099817-53F1-4CA1-ACEA-DA6D74371689} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{3B0FF7FF-0E85-4907-A511-3F8C27349FA4} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{996096F8-956B-41C9-A7E3-9BA1E801014F} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{D505EC85-885F-4BE3-8A89-3EFE4F855692} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{F733F4B8-3EE4-46CB-A9DF-E243AC6A16A0} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
AddRemove-{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{6B42CFAF-AA3D-478E-9B2F-A03225709EE3} - c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\xsherlock]
"ImagePath"="c:\windows\system32\xsherlock.xem"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-09-03 09:02:59
ComboFix-quarantined-files.txt 2014-09-03 07:02
.
Vor Suchlauf: 17 Verzeichnis(se), 117.838.327.808 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 117.370.617.856 Bytes frei
.
- - End Of File - - 53A6E11771B31FDD41885A3C25E079F9
34F69C8DDE583A7EA224E5EA68DF00F5
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by MG (administrator) on MG-PC on 03-09-2014 13:48:14
Running from C:\Users\MG\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
() C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11817576 2011-04-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2209896 2011-04-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-05-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-05-05] (Siber Systems)
HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [Spotify Web Helper] => C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-02] (Spotify Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: UEAFOverlay -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers: UEAFOverlayOpen -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers-x32: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\7hg2naga.default-1397421639698
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\MG\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MG\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=204C4C809319505F&affID=119557&tsp=4950
CHR StartupUrls: Profile 1 -> "https://facebook.com/", "hxxp://youtube.de/"
CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Click to activate/deactivate ProxTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-12-29]
CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\benlfgghkipjaikggdpgbilmbajgaian [2013-06-09]
CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [2013-02-25]
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgffgocalgagnbaledkcmmbffkjfilil [2013-06-09]
CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]
CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05]
CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Duolingo) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-03-25]
CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-30]
CHR Extension: (WOT) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-08-17]
CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-30]
CHR Extension: (GeoGebra) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2013-03-01]
CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-30]
CHR Extension: (GFACE Experience Plugin) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2013-02-14]
CHR Extension: (Sea Quail Database Diagram Tool) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elkpialiknkiaebieojbgnhindepnlkg [2013-12-14]
CHR Extension: (Page Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2014-08-13]
CHR Extension: (Grid Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\joadogiaiabhmggdifljlpkclnpfncmj [2014-08-13]
CHR Extension: (ShiftEdit) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-06-15]
CHR Extension: (Codeanywhere) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-04-18]
CHR Extension: (Google Wallet) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-30]
CHR Extension: (SteamHelper) - D:\Projects\chrome\SteamHelper [2014-01-30]
CHR Extension: (__MSG_extName__) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extentions_own\ytUnblocker0.5.6_0 [2014-05-29]
CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\MG\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-12-09] (Microsoft Corporation)
S4 msvsmon90; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-20] ()
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [143360 2012-07-26] (Sony DADC Austria AG.) [File not signed]
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-11-23] (Wellbia.com Co., Ltd.) [File not signed]
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 ntop; C:\Program Files (x86)\ntop-Win32\ntop.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-23] ()
S3 fspad_wlh64; C:\Windows\system32\drivers\fspad_wlh64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
S3 fspad_xp64; C:\Windows\system32\drivers\fspad_xp64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-23] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-20] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S1 btkvylik; \??\C:\Windows\system32\drivers\btkvylik.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 cjwmvfwz; \??\C:\Windows\system32\drivers\cjwmvfwz.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S1 eaxbjpzu; \??\C:\Windows\system32\drivers\eaxbjpzu.sys [X]
S1 fcngndoe; \??\C:\Windows\system32\drivers\fcngndoe.sys [X]
S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X]
S1 vvrmnlww; \??\C:\Windows\system32\drivers\vvrmnlww.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-03 13:48 - 2014-09-03 13:48 - 00031549 _____ () C:\Users\MG\Desktop\FRST.txt
2014-09-03 09:03 - 2014-09-03 09:03 - 00044305 _____ () C:\Users\MG\Desktop\ComboFix.txt
2014-09-03 08:51 - 2014-09-03 13:17 - 00427241 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv
2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe
2014-09-03 08:46 - 2014-09-03 08:47 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe
2014-09-02 08:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 08:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 08:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 08:01 - 2014-09-02 22:03 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv
2014-09-02 07:51 - 2014-09-03 09:03 - 00000000 ____D () C:\Qoobox
2014-09-02 07:50 - 2014-09-02 11:14 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 07:49 - 2014-09-02 07:50 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe
2014-09-01 22:50 - 2014-09-01 22:50 - 00008065 _____ () C:\Users\MG\Desktop\gmer.zip
2014-09-01 20:36 - 2014-09-01 22:10 - 00149519 _____ () C:\Users\MG\Desktop\gmer.log
2014-09-01 20:13 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe
2014-09-01 18:50 - 2014-09-03 13:48 - 00000000 ____D () C:\FRST
2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe
2014-09-01 18:49 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe
2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe
2014-09-01 18:42 - 2014-09-01 18:42 - 00000576 _____ () C:\Users\MG\Desktop\defogger_disable.log
2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe
2014-09-01 18:31 - 2014-09-01 18:31 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-01 18:31 - 2014-03-11 15:48 - 00186688 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll
2014-09-01 18:31 - 2014-03-11 12:34 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll
2014-09-01 18:10 - 2014-09-01 18:11 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe
2014-09-01 08:47 - 2014-09-01 21:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv
2014-08-31 17:04 - 2014-08-31 21:21 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv
2014-08-30 12:56 - 2014-08-30 13:28 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv
2014-08-29 14:36 - 2014-08-29 14:37 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv
2014-08-29 09:13 - 2014-08-29 18:45 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv
2014-08-28 08:28 - 2014-08-28 20:14 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv
2014-08-28 08:14 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:14 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:14 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:26 - 2014-08-27 22:20 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv
2014-08-26 17:22 - 2014-08-26 17:23 - 00681663 _____ () C:\Users\MG\Downloads\desksoft.bwmeter.v6.5.2-patch- team irec.zip
2014-08-26 09:47 - 2014-08-26 21:20 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv
2014-08-25 08:17 - 2014-08-25 21:43 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv
2014-08-24 22:09 - 2014-08-31 22:02 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam
2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2
2014-08-24 11:11 - 2014-08-24 22:28 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv
2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv
2014-08-22 13:17 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 13:17 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 13:17 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 13:17 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 13:17 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 13:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 13:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 13:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 13:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 09:40 - 2014-08-22 14:57 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv
2014-08-21 15:48 - 2014-08-21 15:56 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype
2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype
2014-08-21 09:24 - 2014-08-21 22:37 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv
2014-08-20 11:02 - 2014-08-20 19:43 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv
2014-08-20 10:59 - 2014-08-20 11:00 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-20 09:36 - 2014-09-03 07:59 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-08-20 09:36 - 2014-08-20 09:35 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
2014-08-19 15:05 - 2014-09-02 17:47 - 00067595 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx
2014-08-19 11:14 - 2014-08-19 21:23 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv
2014-08-18 11:30 - 2014-08-18 22:29 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv
2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-08-17 19:26 - 2014-08-17 19:45 - 00000000 ____D () C:\xampp
2014-08-17 19:11 - 2014-08-17 19:17 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe
2014-08-17 18:50 - 2014-08-17 20:19 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv
2014-08-14 11:31 - 2014-08-14 21:59 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv
2014-08-14 08:08 - 2014-09-03 07:59 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-08-14 08:03 - 2014-09-03 07:58 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-08-13 22:12 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:12 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:12 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:12 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 22:12 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:12 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:12 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:12 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans
2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-13 19:51 - 2014-08-20 17:27 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-13 19:51 - 2014-08-13 20:00 - 00000000 ____D () C:\Users\MG\.nbi
2014-08-13 19:46 - 2014-08-13 19:50 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe
2014-08-13 10:37 - 2014-08-19 20:47 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2014-08-13 09:46 - 2014-08-13 21:35 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv
2014-08-13 08:59 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:59 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 08:59 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 08:59 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 08:59 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:59 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 08:59 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:59 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 08:59 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:59 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:59 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 08:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 08:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 08:58 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:58 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:58 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:58 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:58 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 08:58 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:58 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 08:58 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:58 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 08:58 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:58 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:58 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:58 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:58 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 08:58 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 08:58 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 08:58 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 08:58 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:58 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 08:58 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:58 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 08:58 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:58 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:58 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:58 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:58 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:58 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:58 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:58 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 08:58 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:58 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:58 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:58 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:58 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 08:58 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:58 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:58 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:58 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:58 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 08:58 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:58 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:58 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:58 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 08:58 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 08:58 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:56 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 08:56 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 08:56 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 08:56 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 08:15 - 2014-08-12 20:20 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv
2014-08-11 08:53 - 2014-08-11 21:44 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv
2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini
2014-08-10 13:50 - 2014-08-10 21:53 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv
2014-08-09 18:17 - 2014-08-09 18:17 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\GameSpy
2014-08-09 18:13 - 2014-08-09 18:13 - 00000000 ____D () C:\Windows\SysWOW64\URTTEMP
2014-08-09 13:14 - 2014-08-09 19:55 - 00069223 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 9.csv
2014-08-07 10:03 - 2014-08-07 20:23 - 00406903 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 7.csv
2014-08-06 10:38 - 2014-08-06 14:57 - 00051537 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 6.csv
2014-08-05 13:57 - 2014-08-05 13:57 - 00016413 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 5.csv
2014-08-04 01:10 - 2014-08-04 23:55 - 00215089 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 4.csv
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-03 13:48 - 2014-09-03 13:48 - 00031549 _____ () C:\Users\MG\Desktop\FRST.txt
2014-09-03 13:48 - 2014-09-01 18:50 - 00000000 ____D () C:\FRST
2014-09-03 13:19 - 2012-06-10 15:10 - 01430494 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 13:17 - 2014-09-03 08:51 - 00427241 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv
2014-09-03 13:15 - 2013-02-07 07:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 13:02 - 2012-07-17 21:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 09:03 - 2014-09-03 09:03 - 00044305 _____ () C:\Users\MG\Desktop\ComboFix.txt
2014-09-03 09:03 - 2014-09-02 07:51 - 00000000 ____D () C:\Qoobox
2014-09-03 09:00 - 2013-06-24 23:16 - 00000000 ____D () C:\Users\MG\AppData\Local\LogMeIn Hamachi
2014-09-03 09:00 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe
2014-09-03 08:47 - 2014-09-03 08:46 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe
2014-09-03 08:39 - 2014-02-16 09:56 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC
2014-09-03 08:19 - 2012-06-13 12:21 - 00000000 ___RD () C:\Users\MG\Dropbox
2014-09-03 08:19 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Dropbox
2014-09-03 08:18 - 2014-02-22 20:16 - 00000000 ____D () C:\Users\MG\AppData\Local\FreePDF_XP
2014-09-03 08:18 - 2013-02-07 07:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 08:06 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 08:06 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 08:00 - 2012-06-11 00:05 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2014-09-03 07:59 - 2014-08-20 09:36 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-09-03 07:59 - 2014-08-14 08:08 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-09-03 07:59 - 2014-01-30 16:20 - 00070709 _____ () C:\Windows\setupact.log
2014-09-03 07:59 - 2012-08-07 22:00 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-03 07:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 07:58 - 2014-08-14 08:03 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-09-03 07:58 - 2011-10-11 14:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-03 07:58 - 2010-11-21 05:47 - 00249826 _____ () C:\Windows\PFRO.log
2014-09-02 22:03 - 2014-09-02 08:01 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv
2014-09-02 21:44 - 2013-04-21 17:35 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Spotify
2014-09-02 17:50 - 2012-07-21 21:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-02 17:47 - 2014-08-19 15:05 - 00067595 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx
2014-09-02 17:09 - 2012-06-12 13:42 - 00000000 ____D () C:\Users\MG\Documents\Visual Studio 2005
2014-09-02 15:42 - 2013-04-21 17:36 - 00000000 ____D () C:\Users\MG\AppData\Local\Spotify
2014-09-02 11:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-02 11:14 - 2014-09-02 07:50 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 07:50 - 2014-09-02 07:49 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe
2014-09-01 22:50 - 2014-09-01 22:50 - 00008065 _____ () C:\Users\MG\Desktop\gmer.zip
2014-09-01 22:10 - 2014-09-01 20:36 - 00149519 _____ () C:\Users\MG\Desktop\gmer.log
2014-09-01 21:47 - 2014-09-01 08:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv
2014-09-01 18:49 - 2014-09-01 20:13 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe
2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe
2014-09-01 18:48 - 2014-09-01 18:49 - 02104832 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe
2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe
2014-09-01 18:42 - 2014-09-01 18:42 - 00000576 _____ () C:\Users\MG\Desktop\defogger_disable.log
2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable
2014-09-01 18:42 - 2012-06-10 15:15 - 00000000 ____D () C:\Users\MG
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe
2014-09-01 18:32 - 2012-12-22 14:38 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-01 18:31 - 2014-09-01 18:31 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-01 18:31 - 2012-12-22 14:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-01 18:23 - 2012-06-10 16:05 - 00000000 ____D () C:\ProgramData\G DATA
2014-09-01 18:18 - 2012-06-10 16:24 - 00106224 _____ (G Data Software) C:\Windows\SysWOW64\Drivers\GRD.sys
2014-09-01 18:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 18:11 - 2014-09-01 18:10 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe
2014-08-31 22:02 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam
2014-08-31 21:21 - 2014-08-31 17:04 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv
2014-08-31 19:50 - 2014-06-13 02:44 - 00000000 ____D () C:\Users\MG\AppData\Local\CrashDumps
2014-08-30 13:28 - 2014-08-30 12:56 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv
2014-08-30 11:46 - 2011-05-16 16:04 - 00713972 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 11:46 - 2011-05-16 16:04 - 00155820 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 11:46 - 2009-07-14 07:13 - 01659108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 22:31 - 2012-06-10 16:36 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Skype
2014-08-29 18:45 - 2014-08-29 09:13 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv
2014-08-29 14:37 - 2014-08-29 14:36 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv
2014-08-28 20:14 - 2014-08-28 08:28 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv
2014-08-28 14:16 - 2009-07-14 06:45 - 00500536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 22:20 - 2014-08-27 10:26 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv
2014-08-26 21:20 - 2014-08-26 09:47 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv
2014-08-26 17:26 - 2014-07-14 16:22 - 00000000 ____D () C:\Program Files (x86)\BWMeter
2014-08-26 17:25 - 2014-07-14 16:22 - 00000000 ____D () C:\Users\MG\AppData\Roaming\DeskSoft
2014-08-26 17:23 - 2014-08-26 17:22 - 00681663 _____ () C:\Users\MG\Downloads\desksoft.bwmeter.v6.5.2-patch- team irec.zip
2014-08-25 21:43 - 2014-08-25 08:17 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv
2014-08-24 22:28 - 2014-08-24 11:11 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv
2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2
2014-08-24 10:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv
2014-08-23 04:07 - 2014-08-28 08:14 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:14 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:14 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 14:57 - 2014-08-22 09:40 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv
2014-08-22 14:57 - 2014-04-28 11:35 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\FreePDF_XP
2014-08-22 14:57 - 2014-04-17 12:59 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\LogMeIn Hamachi
2014-08-21 22:37 - 2014-08-21 09:24 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv
2014-08-21 15:56 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype
2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype
2014-08-21 15:48 - 2012-06-12 13:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 19:43 - 2014-08-20 11:02 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv
2014-08-20 17:33 - 2012-06-29 23:29 - 00000000 ____D () C:\Users\MG\AppData\Roaming\FileZilla
2014-08-20 17:27 - 2014-08-13 19:51 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-20 11:00 - 2014-08-20 10:59 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-20 09:35 - 2014-08-20 09:36 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
2014-08-19 21:23 - 2014-08-19 11:14 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv
2014-08-19 20:47 - 2014-08-13 10:37 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2014-08-18 22:29 - 2014-08-18 11:30 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv
2014-08-18 22:28 - 2014-02-16 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 20:19 - 2014-08-17 18:50 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv
2014-08-17 19:45 - 2014-08-17 19:26 - 00000000 ____D () C:\xampp
2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-08-17 19:17 - 2014-08-17 19:11 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe
2014-08-14 21:59 - 2014-08-14 11:31 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv
2014-08-14 08:27 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:41 - 2013-08-18 03:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:27 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 22:19 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-08-13 22:12 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 21:35 - 2014-08-13 09:46 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans
2014-08-13 20:00 - 2014-08-13 19:51 - 00000000 ____D () C:\Users\MG\.nbi
2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-13 19:50 - 2014-08-13 19:46 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe
2014-08-13 19:47 - 2013-03-25 13:28 - 00000000 ____D () C:\Users\MG\AppData\Local\Aptana Studio 3
2014-08-13 19:47 - 2012-11-06 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana
2014-08-12 20:20 - 2014-08-12 08:15 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv
2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 08:41 - 2013-11-10 14:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-12 08:41 - 2013-06-24 22:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-11 21:44 - 2014-08-11 08:53 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv
2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini
2014-08-10 21:53 - 2014-08-10 13:50 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv
2014-08-09 19:55 - 2014-08-09 13:14 - 00069223 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 9.csv
2014-08-09 18:23 - 2013-02-26 17:21 - 00140688 _____ () C:\Users\MG\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-09 18:17 - 2014-08-09 18:17 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-08-09 18:17 - 2012-06-10 21:51 - 00000000 ____D () C:\Users\MG\Documents\My Games
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\GameSpy
2014-08-09 18:14 - 2012-07-01 21:38 - 01686406 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-09 18:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-09 18:13 - 2014-08-09 18:13 - 00000000 ____D () C:\Windows\SysWOW64\URTTEMP
2014-08-09 18:12 - 2011-07-18 22:49 - 00606273 _____ () C:\Windows\DirectX.log
2014-08-07 20:23 - 2014-08-07 10:03 - 00406903 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 7.csv
2014-08-07 04:06 - 2014-08-13 08:56 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 08:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 14:57 - 2014-08-06 10:38 - 00051537 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 6.csv
2014-08-05 13:57 - 2014-08-05 13:57 - 00016413 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 5.csv
2014-08-05 10:34 - 2013-12-28 17:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-05 10:34 - 2012-06-10 15:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-04 23:55 - 2014-08-04 01:10 - 00215089 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 4.csv
2014-08-04 15:19 - 2014-04-17 13:08 - 00000000 ____D () C:\Users\Arbeit\Documents\Outlook-Dateien
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
LastRegBack: 2014-08-27 09:41
==================== End Of Log ============================
|
|
03.09.2014, 12:56
| #6 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by MG at 2014-09-03 13:49:04
Running from C:\Users\MG\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
ANNO 1602 Königs-Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version: - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
Borderlands (HKLM-x32\...\Borderlands-u-GOTY_is1) (Version: 1.4.1 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
capella-scan 8.0 (HKLM-x32\...\{B8EBE87E-78E4-45A5-A2AB-93F8F8DBD301}) (Version: 8.0.12 - capella-software AG)
Citrix Authentication Manager (x32 Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{0B79C91F-978F-4C2E-9FE4-D4B567808858}) (Version: - Microsoft)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.9.0.3 (HKCU\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hotfix für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2938803) (HKLM-x32\...\KB2938803.T369_128ToU880_128) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB944899) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB944899) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB946344) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB946344) (Version: 1 - Microsoft Corporation)
Huawei USB Driver (HKLM-x32\...\{84F167F3-B5FD-400D-B883-EB2A232413D7}) (Version: 1.6.0 - Huawei Incorporated)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0135 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.362 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.362 - LogMeIn, Inc.) Hidden
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Device Emulator Version 1.0 - DEU (HKLM-x32\...\{88F93A2E-A2F3-4C36-B3D3-EEB274AA2C1C}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2005 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2005 Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 Language Pack - DEU (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visual Web Developer 2007 (x32 Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [DEU] Developer Tools (HKLM-x32\...\{A6F6725C-12C3-42B5-9647-8668E1BEE2D2}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - DEU (HKLM\...\{0592AC66-BE45-4EC3-8A45-DDE0E7CE1873}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (x32 Version: 8.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Professional Edition - DEU Service Pack 1 (KB926606) (HKLM-x32\...\KB926606.T2_128ToU265_128) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50701 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio ProjectAggregator2 (HKLM-x32\...\{3D6F415D-BCD5-437A-8683-0169B7228F19}) (Version: 1.01.61205.56 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.3 - )
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Phone F USB Driver (HKLM-x32\...\{D03DCDA1-F92A-4BC3-9941-DD80CB2B7009}) (Version: 2.2.0 - Mobile)
Phone INQ USB Driver (HKLM-x32\...\{59647C35-19D3-48B5-999F-4903CBB86F9A}) (Version: 2.0.0 - INQ)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0045 - Pegatron Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Protector Suite 2011 (HKLM\...\{BF30D9F5-23B6-4E1C-B580-C9CDBA2CD894}) (Version: 5.9.4.6894 - UPEK Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12952.91 - raidcall.com)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RoboForm 7-8-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-8-8-5 - Siber Systems)
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
RSDLite (HKLM-x32\...\{EAC93E1D-4807-43E2-B39A-8170B731B7D0}) (Version: 5.6 - Motorola)
Ruby 2.0.0-p481 (HKCU\...\{ABAA9781-845A-43CC-BABA-76CB580FE35D}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Screenhero (HKLM-x32\...\{3F6FC6AB-D7CA-492D-903B-5346E3B081F9}) (Version: 0.14.4010 - Screenhero, Inc.)
SDK Debuggers (x32 Version: 8.100.26629 - Microsoft Corporation) Hidden
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2251481) (HKLM-x32\...\KB2251481.T369_128ToU865_128) (Version: 3 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2538218) (HKLM-x32\...\KB2538218.T369_128ToU866_128) (Version: 2 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2548826) (HKLM-x32\...\KB2548826.T369_128ToU869_128) (Version: 4 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB937061) (HKLM-x32\...\KB937061.T369_128ToU594_128) (Version: 1 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB973673) (HKLM-x32\...\KB973673.T369_128ToU841_128) (Version: 1 - Microsoft Corporation)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SharpDevelop 4.4 (HKLM-x32\...\{814E4191-A98A-4CDF-99AE-E6D6BACEA22F}) (Version: 4.4.9729 - ic#code)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 34440) (Version: - Firaxis)
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis)
Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis)
Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SUT LR (HKLM\...\{BAE0C801-D7F7-4E63-A392-1179254DF665}) (Version: 1.8.2 - Mobile)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Ihr Firmenname)
SWAT 4 (x32 Version: 1.0.31763 - Ihr Firmenname) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version: - Crystal Dynamics)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4FC38705-B045-4DAC-A0B0-C573D31B8CD5}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0F5FFEB6-2F66-4592-8A34-CC85FF318951}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{D533D4E6-5056-487A-8F18-7FA51AF0E283}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB932234) (HKLM-x32\...\KB932234.T369_128ToU411_128) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26654 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26629 - Microsoft) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XMedia Recode Version 3.1.1.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.1.0 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
31-08-2014 14:17:41 Windows Update
01-09-2014 16:19:09 G Data AntiVirus wurde entfernt.
01-09-2014 20:59:24 Windows Update
02-09-2014 20:03:51 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {039DE068-6530-4B48-8610-1ADB626D2607} - System32\Tasks\{2C649507-8A95-49EF-A9F3-32115937DD83} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {110F4785-95C2-4090-8587-EF0F3ADC4F31} - System32\Tasks\{2AC4D723-DA6B-4983-9715-BE25B8FF32F2} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {1877105C-36AE-4243-A892-509B2922C188} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {19F3EED6-E4C7-4986-A607-33FBAB3CD395} - System32\Tasks\Screenhero Daemon => C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe [2014-07-25] ()
Task: {200CDE17-CD76-4C50-A89F-5D54DDECCB90} - System32\Tasks\{3BD97449-048D-4A21-8669-327C8E72A384} => C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe
Task: {2384BBBA-9015-4DD4-BDCB-BFDFC8B35E64} - System32\Tasks\{77E07A5C-8BEA-4EC6-96D7-C32F1841A904} => C:\Program Files (x86)\ANNO 1602 Königs-Edition\1602.exe
Task: {2F809952-6CA9-4EDE-B59E-A4B55F100452} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {3511AE0D-761A-4CEE-BE4A-1E1655B6F9C6} - System32\Tasks\{CE0D3C70-FA05-47B7-B2E2-17F135F31F6E} => C:\Team17\Worms World Party\wwp.exe
Task: {379A6695-F1C1-4C7C-8CB7-D20B6041F87B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {4C6ECE85-297B-4848-8E5E-BA86CA4CCAF0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {646BEAF5-709C-40D1-92FA-113943834CA9} - System32\Tasks\{90457D83-7631-44DB-8748-409B62A00A69} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {6C1838D6-0DE8-48B1-809F-DA1D413E4B49} - System32\Tasks\{101FF193-FF00-43B0-B062-0A4A70AB4725} => C:\Program Files (x86)\Microsoft Games\Midtown Madness 2\Midtown2.exe
Task: {72488996-254C-4F61-A020-BDF324E5307F} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {819D60CA-86AC-4FCC-8922-B0959E24B9F8} - \LaunchApp No Task File <==== ATTENTION
Task: {9D4573DF-2CEA-4557-92CD-EEE070063DF6} - System32\Tasks\{734BEA1A-61C1-41DD-A31B-C3C7E0A52544} => C:\Program Files\LucasArts\Turm von Babel\Jones3D.exe [1999-12-31] ()
Task: {AB41D66E-FDCC-4A3A-9DB7-7A730FDCFF81} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {AEF93253-FA83-436D-89A7-213C5D85297F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {D7C8400C-6173-4A69-A673-DEE1581071A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {E0F427E3-C381-407F-97AA-1E1CDACB3E34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E2DCEB2C-BA02-4D2F-9AC5-741DF12A634D} - System32\Tasks\{1430BD43-67EE-4965-BFFF-25B7497F365C} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {E6FD0152-13D7-4B05-993F-992E5845498B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-29 19:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-07-25 19:01 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-07-25 19:01 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-02-22 19:50 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-08-01 01:57 - 2013-07-27 10:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2012-06-10 21:17 - 2014-05-20 22:19 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-25 16:33 - 2014-07-25 16:33 - 00223744 _____ () C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-08-31 00:07 - 2011-03-26 15:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-25 19:01 - 2011-10-14 11:06 - 00818688 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2013-07-25 19:01 - 2010-12-27 14:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2013-07-25 19:01 - 2011-04-12 14:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2013-07-25 19:01 - 2011-10-24 13:59 - 03420160 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-06-09 14:32 - 2014-04-11 14:40 - 00736450 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2012-06-14 11:28 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2013-07-25 19:01 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-07-25 19:01 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-14 14:18 - 2014-08-07 05:20 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NitroReaderDriverReadSpool2 => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^Users^MG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk => C:\Windows\pss\runctf.lnk.Startup
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: MedionReminder => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\Protector Suite\launcher.exe" /startup
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/03/2014 07:59:18 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/03/2014 07:59:16 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Das System kann die angegebene Datei nicht finden.
Error: (09/03/2014 07:59:16 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/02/2014 07:31:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/02/2014 07:31:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Das System kann die angegebene Datei nicht finden.
Error: (09/02/2014 07:31:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/02/2014 07:31:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
System errors:
=============
Error: (09/03/2014 09:00:23 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/03/2014 08:57:37 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (09/03/2014 08:18:43 AM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
Error: (09/03/2014 08:09:18 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.183.1267.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.5.0216.00
Quellpfad: 4.5.0216.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (09/03/2014 07:59:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/02/2014 05:07:11 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (09/02/2014 05:07:10 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (09/02/2014 05:07:10 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (09/02/2014 05:07:09 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.
Error: (09/02/2014 11:13:19 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Microsoft Office Sessions:
=========================
Error: (09/03/2014 07:59:18 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/03/2014 07:59:16 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.
Error: (09/03/2014 07:59:16 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (09/03/2014 07:59:06 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (09/02/2014 07:31:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/02/2014 07:31:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.
Error: (09/02/2014 07:31:46 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/02/2014 07:31:27 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
CodeIntegrity Errors:
===================================
Date: 2014-09-02 08:30:25.327
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-02 08:30:25.280
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:41.249
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:41.223
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.705
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.477
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.450
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 46%
Total physical RAM: 8103.05 MB
Available physical RAM: 4353.65 MB
Total Pagefile: 16204.29 MB
Available Pagefile: 12651.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:107.89 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:20.85 GB) NTFS
Drive e: (shootings) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
|
|
03.09.2014, 22:05
| #7 |
| Ruhe in Frieden † 2019 | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo, das sieht wesentlich besser aus. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [2013-02-25]
Task: {819D60CA-86AC-4FCC-8922-B0959E24B9F8} - \LaunchApp No Task File <==== ATTENTION
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier. Schritt 3 Bitte poste mir noch folgende .txt Datei C:\QooBox\Quarantine\Replicators\Replicator_1.txt Schritt 3 Starte noch einmal FRST.
Geändert von Bootsektor (03.09.2014 um 22:47 Uhr) |
|
07.09.2014, 11:46
| #8 | |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hi Sandra, jetzt komme ich endlich dazu die genannten Schritte auszuführen. Fixlog.txt Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-08-2014 02
Ran by MG at 2014-09-07 12:21:01 Run:2
Running from C:\Users\MG\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [2013-02-25]
Task: {819D60CA-86AC-4FCC-8922-B0959E24B9F8} - \LaunchApp No Task File <==== ATTENTION
DeleteJunctionsIndirectory: C:\Program Files\Microsoft Security Client
*****************
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{819D60CA-86AC-4FCC-8922-B0959E24B9F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{819D60CA-86AC-4FCC-8922-B0959E24B9F8}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchApp" => Key deleted successfully.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking started.
"C:\Program Files\Microsoft Security Client\Backup" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\de-de" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\Drivers" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client\en-us" => Deleting reparse point and unlocking done.
"C:\Program Files\Microsoft Security Client" => Deleting reparse point and unlocking completed.
The system needed a reboot.
==== End of Fixlog ====
 FSS.txt Code:
ATTFilter Farbar Service Scanner Version: 21-07-2014
Ran by MG (administrator) on 07-09-2014 at 12:35:47
Running from "C:\Users\MG\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
Checking FirewallRules of SharedAccess: ATTENTION!=====> Unable to open "SharedAccess\Defaults\FirewallPolicy\FirewallRules" registry key. The key does not exist.
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
Zitat:
"D9086AAB959707DD1A8643F3DF70DB9D" und "D76F6860148F4DAABD5D2F929BB1A7B3". FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02
Ran by MG (administrator) on MG-PC on 07-09-2014 12:47:10
Running from C:\Users\MG\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe
(Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Spotify Ltd) C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11817576 2011-04-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2209896 2011-04-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-05-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-05-05] (Siber Systems)
HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [Spotify Web Helper] => C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-02] (Spotify Ltd)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation)
AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll
Startup: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers: UEAFOverlay -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers: UEAFOverlayOpen -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.)
ShellIconOverlayIdentifiers-x32: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\7hg2naga.default-1397421639698
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\MG\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MG\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
Chrome:
=======
CHR HomePage: Profile 1 -> hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=204C4C809319505F&affID=119557&tsp=4950
CHR StartupUrls: Profile 1 -> "https://facebook.com/", "hxxp://youtube.de/"
CHR DefaultSearchKeyword: Profile 1 -> 6363C9324ECFB0D28911240FCD84FF69A6AC63E24E66FA327D7912F86B2F8283
CHR DefaultSearchURL: Profile 1 -> A13AF5FC1490155467AAA7005371B5DEE6D075C9038318DD71B23A984AFC729B
CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Click to activate/deactivate ProxTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-12-29]
CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29]
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\benlfgghkipjaikggdpgbilmbajgaian [2013-06-09]
CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29]
CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29]
CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgffgocalgagnbaledkcmmbffkjfilil [2013-06-09]
CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29]
CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05]
CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Duolingo) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-03-25]
CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (WOT) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-08-17]
CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-30]
CHR Extension: (GeoGebra) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2013-03-01]
CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-30]
CHR Extension: (GFACE Experience Plugin) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2013-02-14]
CHR Extension: (Sea Quail Database Diagram Tool) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elkpialiknkiaebieojbgnhindepnlkg [2013-12-14]
CHR Extension: (Page Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2014-08-13]
CHR Extension: (Grid Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\joadogiaiabhmggdifljlpkclnpfncmj [2014-08-13]
CHR Extension: (ShiftEdit) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-06-15]
CHR Extension: (Codeanywhere) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-04-18]
CHR Extension: (Google Wallet) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]
CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-30]
CHR Extension: (SteamHelper) - D:\Projects\chrome\SteamHelper [2014-01-30]
CHR Extension: (__MSG_extName__) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extentions_own\ytUnblocker0.5.6_0 [2014-05-29]
CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05]
CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\MG\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-12-09] (Microsoft Corporation)
S4 msvsmon90; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-20] ()
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [143360 2012-07-26] (Sony DADC Austria AG.) [File not signed]
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-11-23] (Wellbia.com Co., Ltd.) [File not signed]
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
S2 ntop; C:\Program Files (x86)\ntop-Win32\ntop.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-23] ()
S3 fspad_wlh64; C:\Windows\system32\drivers\fspad_wlh64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
S3 fspad_xp64; C:\Windows\system32\drivers\fspad_xp64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-23] ()
S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-20] (Duplex Secure Ltd.)
S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S1 btkvylik; \??\C:\Windows\system32\drivers\btkvylik.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 cjwmvfwz; \??\C:\Windows\system32\drivers\cjwmvfwz.sys [X]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S1 eaxbjpzu; \??\C:\Windows\system32\drivers\eaxbjpzu.sys [X]
S1 fcngndoe; \??\C:\Windows\system32\drivers\fcngndoe.sys [X]
S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X]
S1 vvrmnlww; \??\C:\Windows\system32\drivers\vvrmnlww.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-07 12:47 - 2014-09-07 12:47 - 00000000 _____ () C:\Users\MG\Desktop\FRST.txt
2014-09-07 12:35 - 2014-09-07 12:35 - 00002915 _____ () C:\Users\MG\Desktop\FSS.txt
2014-09-07 12:35 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Desktop\FSS.exe
2014-09-07 12:34 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Downloads\FSS.exe
2014-09-07 11:42 - 2014-09-07 11:42 - 00016686 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 7.csv
2014-09-03 08:51 - 2014-09-03 22:21 - 00637283 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv
2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe
2014-09-03 08:46 - 2014-09-03 08:47 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe
2014-09-02 08:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-02 08:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-02 08:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-02 08:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 08:01 - 2014-09-02 22:03 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv
2014-09-02 07:51 - 2014-09-03 09:03 - 00000000 ____D () C:\Qoobox
2014-09-02 07:50 - 2014-09-02 11:14 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 07:49 - 2014-09-02 07:50 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe
2014-09-01 20:13 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe
2014-09-01 18:50 - 2014-09-07 12:47 - 00000000 ____D () C:\FRST
2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe
2014-09-01 18:49 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe
2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe
2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe
2014-09-01 18:31 - 2014-09-01 18:31 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-01 18:31 - 2014-03-11 15:48 - 00186688 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll
2014-09-01 18:31 - 2014-03-11 12:34 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll
2014-09-01 18:10 - 2014-09-01 18:11 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe
2014-09-01 08:47 - 2014-09-01 21:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv
2014-08-31 17:04 - 2014-08-31 21:21 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv
2014-08-30 12:56 - 2014-08-30 13:28 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv
2014-08-29 14:36 - 2014-08-29 14:37 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv
2014-08-29 09:13 - 2014-08-29 18:45 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv
2014-08-28 08:28 - 2014-08-28 20:14 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv
2014-08-28 08:14 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 08:14 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 08:14 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 10:26 - 2014-08-27 22:20 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv
2014-08-26 17:22 - 2014-08-26 17:23 - 00681663 _____ () C:\Users\MG\Downloads\desksoft.bwmeter.v6.5.2-patch- team irec.zip
2014-08-26 09:47 - 2014-08-26 21:20 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv
2014-08-25 08:17 - 2014-08-25 21:43 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv
2014-08-24 22:09 - 2014-08-31 22:02 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam
2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2
2014-08-24 11:11 - 2014-08-24 22:28 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv
2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv
2014-08-22 13:17 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-22 13:17 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-22 13:17 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-22 13:17 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-22 13:17 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-22 13:17 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-22 13:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-22 13:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-22 13:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-22 13:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 09:40 - 2014-08-22 14:57 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv
2014-08-21 15:48 - 2014-08-21 15:56 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype
2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype
2014-08-21 09:24 - 2014-08-21 22:37 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv
2014-08-20 11:02 - 2014-08-20 19:43 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv
2014-08-20 10:59 - 2014-08-20 11:00 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-20 09:36 - 2014-09-07 12:22 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-08-20 09:36 - 2014-08-20 09:35 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
2014-08-19 15:05 - 2014-09-02 17:47 - 00067595 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx
2014-08-19 11:14 - 2014-08-19 21:23 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv
2014-08-18 11:30 - 2014-08-18 22:29 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv
2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-08-17 19:26 - 2014-08-17 19:45 - 00000000 ____D () C:\xampp
2014-08-17 19:11 - 2014-08-17 19:17 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe
2014-08-17 18:50 - 2014-08-17 20:19 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv
2014-08-14 11:31 - 2014-08-14 21:59 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv
2014-08-14 08:08 - 2014-09-07 12:22 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-08-14 08:03 - 2014-09-07 12:22 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-08-13 22:12 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 22:12 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 22:12 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 22:12 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 22:12 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 22:12 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 22:12 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 22:12 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans
2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-13 19:51 - 2014-08-20 17:27 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-13 19:51 - 2014-08-13 20:00 - 00000000 ____D () C:\Users\MG\.nbi
2014-08-13 19:46 - 2014-08-13 19:50 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe
2014-08-13 10:37 - 2014-08-19 20:47 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2014-08-13 09:46 - 2014-08-13 21:35 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv
2014-08-13 08:59 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:59 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 08:59 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 08:59 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 08:59 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:59 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 08:59 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:59 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 08:59 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:59 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:59 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 08:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 08:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 08:58 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:58 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:58 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:58 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:58 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 08:58 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:58 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 08:58 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:58 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 08:58 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:58 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:58 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:58 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:58 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 08:58 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 08:58 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 08:58 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 08:58 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:58 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 08:58 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:58 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 08:58 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:58 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:58 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:58 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:58 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:58 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:58 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:58 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 08:58 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:58 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:58 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:58 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:58 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 08:58 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:58 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:58 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:58 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:58 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 08:58 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:58 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:58 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:58 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 08:58 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 08:58 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:56 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 08:56 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 08:56 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 08:56 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 08:15 - 2014-08-12 20:20 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv
2014-08-11 08:53 - 2014-08-11 21:44 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv
2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini
2014-08-10 13:50 - 2014-08-10 21:53 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv
2014-08-09 18:17 - 2014-08-09 18:17 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\GameSpy
2014-08-09 18:13 - 2014-08-09 18:13 - 00000000 ____D () C:\Windows\SysWOW64\URTTEMP
2014-08-09 13:14 - 2014-08-09 19:55 - 00069223 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 9.csv
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-09-07 12:47 - 2014-09-07 12:47 - 00000000 _____ () C:\Users\MG\Desktop\FRST.txt
2014-09-07 12:47 - 2014-09-01 18:50 - 00000000 ____D () C:\FRST
2014-09-07 12:46 - 2014-02-16 09:56 - 00005106 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC
2014-09-07 12:38 - 2014-01-30 16:20 - 00071437 _____ () C:\Windows\setupact.log
2014-09-07 12:35 - 2014-09-07 12:35 - 00002915 _____ () C:\Users\MG\Desktop\FSS.txt
2014-09-07 12:34 - 2014-09-07 12:35 - 00415232 _____ (Farbar) C:\Users\MG\Desktop\FSS.exe
2014-09-07 12:34 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Downloads\FSS.exe
2014-09-07 12:33 - 2012-06-29 23:29 - 00000000 ____D () C:\Users\MG\AppData\Roaming\FileZilla
2014-09-07 12:31 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-07 12:31 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-07 12:27 - 2012-06-10 15:10 - 01457684 _____ () C:\Windows\WindowsUpdate.log
2014-09-07 12:24 - 2012-06-13 12:21 - 00000000 ___RD () C:\Users\MG\Dropbox
2014-09-07 12:24 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Dropbox
2014-09-07 12:23 - 2014-02-22 20:16 - 00000000 ____D () C:\Users\MG\AppData\Local\FreePDF_XP
2014-09-07 12:23 - 2013-06-24 23:16 - 00000000 ____D () C:\Users\MG\AppData\Local\LogMeIn Hamachi
2014-09-07 12:23 - 2012-08-07 22:00 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-07 12:22 - 2014-08-20 09:36 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll
2014-09-07 12:22 - 2014-08-14 08:08 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll
2014-09-07 12:22 - 2014-08-14 08:03 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe
2014-09-07 12:22 - 2013-02-07 07:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-07 12:22 - 2012-06-11 00:05 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe
2014-09-07 12:22 - 2011-10-11 14:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-07 12:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-07 12:15 - 2013-02-07 07:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-07 12:02 - 2012-07-17 21:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-07 11:42 - 2014-09-07 11:42 - 00016686 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 7.csv
2014-09-03 22:21 - 2014-09-03 08:51 - 00637283 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv
2014-09-03 18:17 - 2010-11-21 05:47 - 00250372 _____ () C:\Windows\PFRO.log
2014-09-03 09:03 - 2014-09-02 07:51 - 00000000 ____D () C:\Qoobox
2014-09-03 09:00 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe
2014-09-03 08:47 - 2014-09-03 08:46 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe
2014-09-02 22:03 - 2014-09-02 08:01 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv
2014-09-02 21:44 - 2013-04-21 17:35 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Spotify
2014-09-02 17:50 - 2012-07-21 21:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-02 17:47 - 2014-08-19 15:05 - 00067595 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx
2014-09-02 17:09 - 2012-06-12 13:42 - 00000000 ____D () C:\Users\MG\Documents\Visual Studio 2005
2014-09-02 15:42 - 2013-04-21 17:36 - 00000000 ____D () C:\Users\MG\AppData\Local\Spotify
2014-09-02 11:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-09-02 11:14 - 2014-09-02 07:50 - 00000000 ____D () C:\Windows\erdnt
2014-09-02 07:50 - 2014-09-02 07:49 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe
2014-09-01 21:47 - 2014-09-01 08:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv
2014-09-01 18:49 - 2014-09-01 20:13 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe
2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe
2014-09-01 18:48 - 2014-09-01 18:49 - 02104832 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe
2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe
2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable
2014-09-01 18:42 - 2012-06-10 15:15 - 00000000 ____D () C:\Users\MG
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe
2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe
2014-09-01 18:32 - 2012-12-22 14:38 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-09-01 18:31 - 2014-09-01 18:31 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64
2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-01 18:31 - 2012-12-22 14:38 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-01 18:23 - 2012-06-10 16:05 - 00000000 ____D () C:\ProgramData\G DATA
2014-09-01 18:18 - 2012-06-10 16:24 - 00106224 _____ (G Data Software) C:\Windows\SysWOW64\Drivers\GRD.sys
2014-09-01 18:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-01 18:11 - 2014-09-01 18:10 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe
2014-08-31 22:02 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam
2014-08-31 21:21 - 2014-08-31 17:04 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv
2014-08-31 19:50 - 2014-06-13 02:44 - 00000000 ____D () C:\Users\MG\AppData\Local\CrashDumps
2014-08-30 13:28 - 2014-08-30 12:56 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv
2014-08-30 11:46 - 2011-05-16 16:04 - 00713972 _____ () C:\Windows\system32\perfh007.dat
2014-08-30 11:46 - 2011-05-16 16:04 - 00155820 _____ () C:\Windows\system32\perfc007.dat
2014-08-30 11:46 - 2009-07-14 07:13 - 01659108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-29 22:31 - 2012-06-10 16:36 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Skype
2014-08-29 18:45 - 2014-08-29 09:13 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv
2014-08-29 14:37 - 2014-08-29 14:36 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv
2014-08-28 20:14 - 2014-08-28 08:28 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv
2014-08-28 14:16 - 2009-07-14 06:45 - 00500536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 22:20 - 2014-08-27 10:26 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv
2014-08-26 21:20 - 2014-08-26 09:47 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv
2014-08-26 17:26 - 2014-07-14 16:22 - 00000000 ____D () C:\Program Files (x86)\BWMeter
2014-08-26 17:25 - 2014-07-14 16:22 - 00000000 ____D () C:\Users\MG\AppData\Roaming\DeskSoft
2014-08-26 17:23 - 2014-08-26 17:22 - 00681663 _____ () C:\Users\MG\Downloads\desksoft.bwmeter.v6.5.2-patch- team irec.zip
2014-08-25 21:43 - 2014-08-25 08:17 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv
2014-08-24 22:28 - 2014-08-24 11:11 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv
2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2
2014-08-24 10:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv
2014-08-23 04:07 - 2014-08-28 08:14 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 08:14 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 08:14 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 14:57 - 2014-08-22 09:40 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv
2014-08-22 14:57 - 2014-04-28 11:35 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\FreePDF_XP
2014-08-22 14:57 - 2014-04-17 12:59 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\LogMeIn Hamachi
2014-08-21 22:37 - 2014-08-21 09:24 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv
2014-08-21 15:56 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype
2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype
2014-08-21 15:48 - 2012-06-12 13:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-20 19:43 - 2014-08-20 11:02 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv
2014-08-20 17:27 - 2014-08-13 19:51 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-08-20 11:00 - 2014-08-20 10:59 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe
2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-08-20 09:35 - 2014-08-20 09:36 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe
2014-08-19 21:23 - 2014-08-19 11:14 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv
2014-08-19 20:47 - 2014-08-13 10:37 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe
2014-08-18 22:29 - 2014-08-18 11:30 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv
2014-08-18 22:28 - 2014-02-16 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-08-17 20:19 - 2014-08-17 18:50 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv
2014-08-17 19:45 - 2014-08-17 19:26 - 00000000 ____D () C:\xampp
2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-08-17 19:17 - 2014-08-17 19:11 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe
2014-08-14 21:59 - 2014-08-14 11:31 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv
2014-08-14 08:27 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 22:41 - 2013-08-18 03:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 22:27 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 22:19 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini
2014-08-13 22:12 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 21:35 - 2014-08-13 09:46 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans
2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans
2014-08-13 20:00 - 2014-08-13 19:51 - 00000000 ____D () C:\Users\MG\.nbi
2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-08-13 19:50 - 2014-08-13 19:46 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe
2014-08-13 19:47 - 2013-03-25 13:28 - 00000000 ____D () C:\Users\MG\AppData\Local\Aptana Studio 3
2014-08-13 19:47 - 2012-11-06 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana
2014-08-12 20:20 - 2014-08-12 08:15 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv
2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-12 08:41 - 2013-11-10 14:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-12 08:41 - 2013-06-24 22:53 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-11 21:44 - 2014-08-11 08:53 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv
2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini
2014-08-10 21:53 - 2014-08-10 13:50 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv
2014-08-09 19:55 - 2014-08-09 13:14 - 00069223 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_ 9.csv
2014-08-09 18:23 - 2013-02-26 17:21 - 00140688 _____ () C:\Users\MG\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-09 18:17 - 2014-08-09 18:17 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-08-09 18:17 - 2012-06-10 21:51 - 00000000 ____D () C:\Users\MG\Documents\My Games
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameSpy
2014-08-09 18:16 - 2014-08-09 18:16 - 00000000 ____D () C:\Program Files (x86)\GameSpy
2014-08-09 18:14 - 2012-07-01 21:38 - 01686406 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-09 18:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-09 18:13 - 2014-08-09 18:13 - 00000000 ____D () C:\Windows\SysWOW64\URTTEMP
2014-08-09 18:12 - 2011-07-18 22:49 - 00606273 _____ () C:\Windows\DirectX.log
Some content of TEMP:
====================
C:\Users\MG\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplhpjnj.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-27 09:41
==================== End Of Log ============================
|
|
08.09.2014, 01:12
| #9 |
| Ruhe in Frieden † 2019 | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo, dann machen wir jetzt so weiter. Schritt 1 Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter @echo off
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\bin\git.exe" > copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-add.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-annotate.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-apply.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-archive.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-bisect--helper.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-blame.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-branch.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-bundle.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-cat-file.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-check-attr.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-check-ignore.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-check-mailmap.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-check-ref-format.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-checkout-index.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-checkout.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-cherry-pick.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-cherry.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-clean.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-clone.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-column.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-commit-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-commit.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-config.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-count-objects.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-credential.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-describe.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-diff-files.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-diff-index.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-diff-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-diff.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fast-export.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fetch-pack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fetch.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fmt-merge-msg.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-for-each-ref.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-format-patch.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fsck-objects.exe" >> copy.txt 2>&1 >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-fsck.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-gc.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-get-tar-commit-id.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-grep.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-hash-object.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-help.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-index-pack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-init-db.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-init.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-log.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-ls-files.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-ls-remote.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-ls-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-mailinfo.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-mailsplit.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-base.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-file.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-index.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-ours.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-recursive.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-subtree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-merge.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-mktag.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-mktree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-mv.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-name-rev.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-notes.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-pack-objects.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-pack-redundant.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-pack-refs.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-patch-id.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-prune-packed.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-prune.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-push.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-read-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-receive-pack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-reflog.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-remote-ext.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-remote-fd.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-remote.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-repack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-replace.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-rerere.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-reset.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-rev-list.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-rev-parse.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-revert.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-rm.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-send-pack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-shortlog.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-show-branch.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-show-ref.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-show.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-stage.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-status.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-stripspace.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-symbolic-ref.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-tag.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-unpack-file.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-unpack-objects.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-update-index.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-update-ref.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-update-server-info.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-upload-archive.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-var.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-verify-pack.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-verify-tag.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-whatchanged.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git-write-tree.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D76F6860148F4DAABD5D2F929BB1A7B3 "c:\program files (x86)\Git\libexec\git-core\git.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\1und1Messdaten\1und1Messdaten\bin\Debug\1und1Messdaten.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3D 2.0\1Webcam_test\1Webcam_test\bin\Debug\1Webcam_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3D 2.0\Capture2\bin\Debug\Capture2.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3D 2.0\DirectShow\DirectShow_Test1\DirectShow_Test1\bin\Debug\DirectShow_Test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\32.0\DirectShow\DirectShow_Test1\DirectShow_Test1\bin\Debug\DirectShow_Test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\32.0\DirectShow\DirectShow_Test1\DirectShow_Test1\bin\Debug\DirectShow_Test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3D 2.0\DirectShow\Filter_test1\Filter_test1\bin\Debug\Filter_test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3D 2.0\Samples\Players\PlayVB\bin\PlayVB.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\3DTerminal\3DScanningTerminal\bin\Debug\3DScanningTerminal.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Arbeitszeiterfassung\Arbeitszeitenerfassung_alpha01\bin\Debug\Arbeitszeitenerfassung_alpha01.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Augen_Tracking_test\Augen_Tracking_test\bin\Debug\Augen_Tracking_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\BildAnalyse1\BildAnalyse1\bin\Debug\BildAnalyse1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Blog\RTFtoHTML1\RTFtoHTML1\bin\Debug\RTFtoHTML1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\ByteAnzahl_test1\ByteAnzahl_test1\bin\Debug\ByteAnzahl_test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\camtest\camtest\bin\Debug\camtest.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\camtest\camtest\bin\Debug\WindowsApplication1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Controller\Controller_test2\bin\Debug\Controller_test2.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Controller\Controller_Test3\bin\Debug\Controller_Test3.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\ExportFrame\GetingFrame\bin\Debug\GetingFrame.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\farbenDatErstellen\Farben\bin\Debug\Farben.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Farberkennung\Farberkennung\bin\Debug\Farberkennung.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Konverter\Konverter_test1\bin\Debug\Konverter_test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Mails\FindEvas\FindEvas\bin\Debug\FindEvas.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Mails\Mails_test1\Mails_test1\bin\Debug\Mails_test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Mails\Mails_test2\Mails_test2\bin\Debug\Mails_test2.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\MouseLimiter1\MouseLimiter1\bin\Debug\MouseLimiter1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Multithradding Test\Multithradding Test\bin\Debug\Multithradding Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Paid4Checked\Paid4Checked\bin\Debug\Paid4Checked.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PDFs\PDF2PlainText_1\PDF2PlainText_1\bin\Debug\PDF2PlainText_1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PDFs\PdfReader_test\PdfReader_test\bin\Debug\PdfReader_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PfeilTest\DrawPfeilTest\DrawPfeilTest\bin\Debug\DrawPfeilTest.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PfeilTest\Gdi+Thrats\Gdi+Thrats\bin\Debug\Gdi+Thrats.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PfeilTest\PfeilTest\bin\Debug\PfeilTest.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PfeilTest\PfeilTest2\PfeilTest2\bin\Debug\PfeilTest2.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\PfeilTest\PfeilTest3\PfeilTest3\bin\Debug\PfeilTest3.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Picture Viever\Capture2\bin\Debug\Capture2.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Picture Viever\GDI_Test\GDI_Test\bin\Debug\GDI_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Rechnungen\Rechnungen_Swb_alpha1\bin\Debug\Rechnungen_Swb_alpha1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\Rdp_Presentation\Rdp_Presentation\bin\Debug\Rdp_Presentation.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\Rdp_Presentation_UDP\Rdp_Presentation_UDP\bin\Debug\Rdp_Presentation_UDP.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\RDP_Test_Class_Dateien\RDP_Test_Class_Dateien\bin\Debug\RDP_Test_Class_Dateien.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\RdpEncom_dll_Client_test\RdpEncom_dll_Client_test\bin\Debug\RdpEncom_dll_Client_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\RdpEncom_dll_Server_test\RdpEncom_dll_Server_test\bin\Debug\RdpEncom_dll_Server_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\TcpIp_ServerClient_test\TcpIp_ServerClient_test\bin\Debug\TcpIp_ServerClient_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\test\test\bin\Debug\test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\Trad_Class_Test\Trad_Class_Test\bin\Debug\Trad_Class_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\UDP_Reciever_Test\UDP_Reciever_Test\bin\Debug\UDP_Reciever_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\UDP_Sender_Test\UDP_Sender_Test\bin\Debug\UDP_Sender_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\UDPUDP_Tester\UDPUDP_Tester\bin\Debug\UDPUDP_Tester.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\VNC_App_Client_Test\VNC_App_Client_Test\bin\Debug\VNC_App_Client_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\RemoteDesktop\VNC_App_Server_Test\VNC_App_Server_Test\bin\Debug\VNC_App_Server_Test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Sicherung\Sicherung_test1\bin\Debug\Sicherung_test1.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\TcpSniffer\MJSniffer\MJSniff\bin\Debug\MJSniff.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\TcpSniffer\PackMon\Sniffer.NET\bin\Sniffer.NET.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\UT2004ModInsaller\UT2004Mods\bin\Debug\UT2004Mods.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\warten_test\warten_test\bin\Debug\warten_test.vshost.exe" >> copy.txt 2>&1
copy C:\QooBox\Quarantine\Replicators\D9086AAB959707DD1A8643F3DF70DB9D "d:\projects\VB.NET\Wetten\Wetten_0.1\Wetten_0.1\bin\Debug\Wetten_0.1.vshost.exe" >> copy.txt 2>&1
notepad copy.txt
Im Anschluss öffnet sich dein Texteditor mit der copy.txt, poste mir bitte diese. Schritt 2 Bitte lade Dir von hier die SharedAccess.reg Datei herunter, führe sie aus und starte deinen Rechner neu. Schritt 3 Deinstalliere bitte Microsoft Security Essentials und installiere es dir erneut, tritt die Fehlermeldung noch auf? Schritt 4 Mache nochmal einen neuen Scan mit Farbars Service Scanner, du brauchst ihn dir nicht nochmals downloaden. Downloade dir bitte Farbar Service Scanner
Poste bitte den Inhalt hier. Schritt 5 In deinem Chrome Browser ist deltasearch als Startseite eingetragen Stelle nach dieser Anleitung deine Startseite neu ein. |
|
08.09.2014, 11:17
| #10 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Hallo Sandra, copy.txt Code:
ATTFilter 1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
Das System kann den angegebenen Pfad nicht finden.
0 Datei(en) kopiert.
Das System kann den angegebenen Pfad nicht finden.
0 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
1 Datei(en) kopiert.
FSS.txt: Code:
ATTFilter Farbar Service Scanner Version: 21-07-2014
Ran by MG (administrator) on 08-09-2014 at 12:09:09
Running from "C:\Users\MG\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
|
|
08.09.2014, 22:21
| #11 | |
| Ruhe in Frieden † 2019 | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Sehr gut, das sieht sehr schön aus copy konnte zwei Dateien nicht kopieren, weil sie die gleiche Bezeichnung hatten: Zitat:
müsstest du sonst einfach duplizieren, falls es Probleme gibt. Dann kontrollieren wir jetzt: Schritt 1 Downloade Dir bitte Malwarebytes Anti-Malware
Schritt 2 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern  ESET Online Scanner
Schritt 3 Starte noch einmal FRST.
|
|
09.09.2014, 20:09
| #12 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Wir machen also Fortschritte? Das ist sehr gut mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 09.09.2014 Suchlauf-Zeit: 08:36:45 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.09.01 Rootkit Datenbank: v2014.08.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: MG Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 432569 Verstrichene Zeit: 26 Min, 25 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 3 PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|AntiVirusDisableNotify, 1, Gut: (0), Schlecht: (1),Ersetzt,[375e4ba05b2089ad252635bad72daf51] PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|FirewallDisableNotify, 1, Gut: (0), Schlecht: (1),Ersetzt,[3560678443381e18a3a948a7d52fc040] PUM.Disabled.SecurityCenter, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SECURITY CENTER|UpdatesDisableNotify, 1, Gut: (0), Schlecht: (1),Ersetzt,[4c4975767803082e6be21bd40bf9bf41] Ordner: 0 (No malicious items detected) Dateien: 8 PUP.Optional.Amonetize, C:\Users\MG\Downloads\mcedit mob spawner schematics__3516_i637367952_il718715.exe, In Quarantäne, [50455794df9ceb4b96f12e7ef50cca36], PUP.BitCoinMiner, C:\Users\MG\Downloads\50Miner.zip, In Quarantäne, [474e96556c0fdd59d1554dfea45e5da3], PUP.Optional.Somoto, C:\Users\MG\Downloads\VLCMediaPlayerSetup-718hQA5.exe, In Quarantäne, [d2c3f9f296e596a0af6536e3c342ad53], PUP.Hacktool.Patcher, C:\Users\MG\Downloads\desksoft.bwmeter.v6.5.2-patch- team irec.zip, In Quarantäne, [d6bf75761c5f57df8b3dec1931cfb14f], PUP.Optional.InstallMonetizer, C:\Users\MG\Downloads\FlashPlayersetup__3873_i324805779_il30.exe, In Quarantäne, [eaabfcef5724f3432d776ec9728f7888], PUP.Optional.Solimba, C:\Users\MG\Downloads\Foxonic.exe, In Quarantäne, [9cf956956d0e3df99bcf3cd8d42d2bd5], PUP.Optional.InstallIQ.A, C:\Users\MG\Downloads\freeopener2.0.1.0.exe, In Quarantäne, [dabbe00ba4d74ee8d63980a502ff857b], PUP.Optional.InstallMonetizer, C:\Users\MG\Downloads\FlashPlayersetup__3873_i324796728_il30.exe, In Quarantäne, [93029a515625a294cada82b58879a55b], Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1df267c63387dd4c9648630584c4c243
# engine=20070
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-09 06:47:38
# local_time=2014-09-09 08:47:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 119549 33272452 0 0
# scanned=543112
# found=22
# cleaned=0
# scan_time=22223
sh=3145A00B9C81BC2804F4EC9EAD4B903951310B98 ft=1 fh=f86414fe597e16bb vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\conTiinuetoSavee\51b4629f70b5d.dll.vir"
sh=3145A00B9C81BC2804F4EC9EAD4B903951310B98 ft=1 fh=f86414fe597e16bb vn="Variante von Win32/Adware.MultiPlug.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\SearchNewTab\51b462e4799f8.dll.vir"
sh=444329E675A61AB752AAC433DFEC3DAAA0A26C6A ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.0.7.2\background.html.vir"
sh=F39F196A7007F9E2B9A47338B4AE2D74E29EE24C ft=1 fh=2649032fdb8461f0 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\File System\003\t\00\00000000"
sh=5B6BDC157BB2AB72246991E0EBA6E19356E76E5C ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\22\1c52b96-5974339b"
sh=C56B060CF18D442C6BF14635695C3DAA9317E7AE ft=0 fh=0000000000000000 vn="Java/Exploit.Agent.QCZ Trojaner" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\23\14310317-21529455"
sh=74E81CA08E118194A52EFEFBE0A34F6BF6167EF0 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\45847f61-40565bbd"
sh=4DC4BBCA4BBF9D1C5893239D9CB95E055AFDEF74 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\226ef6e3-3aef3429"
sh=5313261471E6CB816B8ECEA284FE4CDEDB5B6ED3 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\39\4cf17f27-65cf7233"
sh=CF5FF332AF377A3EAADB58638D98DF4903026CE0 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\213b2a45-370ffbc8"
sh=C30074E297434489DBCC05C0F05D20544DEF4909 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4fe8de73-714f7a3e"
sh=91414FC78D9E91CC9F1AAA7C2B8C8D9D53D1BC75 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\590b7db3-274f04c2"
sh=4DC4BBCA4BBF9D1C5893239D9CB95E055AFDEF74 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\53\5ccfa775-2b352793"
sh=C30074E297434489DBCC05C0F05D20544DEF4909 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\72d99109-5f61c411"
sh=ECDB2C429B66AC05CC068EEBB95FABCB7D4E066D ft=1 fh=c71c00114e233f57 vn="Variante von Win32/InstallCore.OG evtl. unerwünschte Anwendung" ac=I fn="C:\Users\MG\Downloads\FileZilla_Server-0_9_44.exe"
sh=1A376885858134D257064FD589715094441FB645 ft=1 fh=03df30316233ca53 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\MG\Downloads\FoxitReader605.0618_enu_Setup (1).exe"
sh=1A376885858134D257064FD589715094441FB645 ft=1 fh=03df30316233ca53 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\MG\Downloads\FoxitReader605.0618_enu_Setup.exe"
sh=293A024C3F168A6527217516249D58F7C23280EB ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\MG\Downloads\Root Motorola Fire XT.zip"
sh=D7BA8D11EA89730AC4D2C82106F09EC2C1B140DA ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AK Trojaner" ac=I fn="C:\Users\MG\Downloads\Rooting XT316.zip"
sh=B3954D1E36FECF2928501B5F770E531E9639520C ft=1 fh=7f1bb0d1cefae6b3 vn="Variante von Win32/CompuTrace.A potenziell unsichere Anwendung" ac=I fn="C:\Windows\winsxs\amd64_microsoft-windows-autochk_31bf3856ad364e35_6.1.7601.17514_none_4019f2b8d860ad30\autochk.exe"
sh=CA5FBAEFE7F0923A65CA47B86013D7ED9AEBBF2F ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AK Trojaner" ac=I fn="D:\Handy\Motorola Fire xt311\Root Motorola Fire XT\SuperOneClickv2.3.3-ShortFuse\Exploits\psneuter"
sh=2483ED987A0C85B80495BB0082BC33B03F76D64F ft=0 fh=0000000000000000 vn="Android/Exploit.Lotoor.AN Trojaner" ac=I fn="D:\Handy\Motorola Fire xt311\Root Motorola Fire XT\SuperOneClickv2.3.3-ShortFuse\Exploits\zergRush"
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01 Ran by MG (administrator) on MG-PC on 09-09-2014 20:56:22 Running from C:\Users\MG\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\AsLdrSrv.exe () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe (UPEK Inc.) C:\Program Files\Protector Suite\upeksvr.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Sony DADC Austria AG.) C:\Windows\SysWOW64\UAService7.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe () C:\Program Files (x86)\PHotkey\PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe () C:\Program Files (x86)\PHotkey\POsd.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Spotify Ltd) C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Dropbox, Inc.) C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\nacl64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\MG\AppData\Roaming\Spotify\spotify.exe () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11817576 2011-04-19] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2209896 2011-04-18] (Realtek Semiconductor) HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-04-14] (Renesas Electronics Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255184 2013-05-15] (LogMeIn Inc.) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-06-10] (Geek Software GmbH) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\psfus: C:\Program Files\Protector Suite\psqlpwd.dll (UPEK Inc.) HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2013-05-05] (Siber Systems) HKU\S-1-5-21-3932211059-3778462078-1339551666-1002\...\Run: [Spotify Web Helper] => C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-02] (Spotify Ltd) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [168616 2013-10-27] (NVIDIA Corporation) AppInit_DLLs: C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\PROGRA~2\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\rxinput.dll [593696 2013-07-27] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-10-27] (NVIDIA Corporation) Lsa: [Notification Packages] scecli C:\Program Files\Protector Suite\psqlpwd.dll Startup: C:\Users\Arbeit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () Startup: C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon64.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers: UEAFOverlay -> {F2F31467-B1AC-4df0-AE79-FD5FA085E22B} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.) ShellIconOverlayIdentifiers: UEAFOverlayOpen -> {A3E208F7-0E3A-4182-A7A6-B169D5D691AA} => C:\Program Files\Protector Suite\farchns.dll (UPEK Inc.) ShellIconOverlayIdentifiers-x32: 0001IDriveSyncExt4 -> {A30768B3-9C38-4810-AAC3-422B73A0B25C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt2 -> {AE0642D6-F6D4-4443-9654-FE7252EDBC0C} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt3 -> {B5C11BA5-C82C-4D1F-A0B0-3E161B3F9E47} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt4 -> {906E4756-73EC-4A58-A3B1-461B759D8F7B} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A) ShellIconOverlayIdentifiers-x32: 001IDriveSyncExt5 -> {5DF1669E-DBBC-4C36-918E-8E470774D7AF} => C:\ProgramData\Application Data\IDriveSync\IDSyncIcon.dll (Pro-Softnet Corporation, U.S.A) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=MDNF&bmod=MDNF StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.) DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - No File Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\MG\AppData\Roaming\Mozilla\Firefox\Profiles\7hg2naga.default-1397421639698 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll (Citrix Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\MG\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\MG\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= CHR HomePage: Profile 1 -> CHR StartupUrls: Profile 1 -> "https://facebook.com/", "hxxp://youtube.de/" CHR DefaultSearchKeyword: Profile 1 -> 6363C9324ECFB0D28911240FCD84FF69A6AC63E24E66FA327D7912F86B2F8283 CHR DefaultSearchURL: Profile 1 -> A13AF5FC1490155467AAA7005371B5DEE6D075C9038318DD71B23A984AFC729B CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Click to activate/deactivate ProxTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2012-12-29] CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-29] CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\benlfgghkipjaikggdpgbilmbajgaian [2013-06-09] CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-29] CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-29] CHR Extension: (No Name) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgffgocalgagnbaledkcmmbffkjfilil [2013-06-09] CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-29] CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05] CHR Profile: C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Duolingo) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2013-03-25] CHR Extension: (Google Drive) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-30] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07] CHR Extension: (WOT) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-08-17] CHR Extension: (YouTube) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-30] CHR Extension: (GeoGebra) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2013-03-01] CHR Extension: (Google-Suche) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-30] CHR Extension: (GFACE Experience Plugin) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2013-02-14] CHR Extension: (Sea Quail Database Diagram Tool) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\elkpialiknkiaebieojbgnhindepnlkg [2013-12-14] CHR Extension: (Page Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlpkojjdgbllmedoapgfodplfhcbnbpn [2014-08-13] CHR Extension: (Grid Ruler) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\joadogiaiabhmggdifljlpkclnpfncmj [2014-08-13] CHR Extension: (ShiftEdit) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-06-15] CHR Extension: (Codeanywhere) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndcfkjjcjfpmmhdedhnbkknbehiadgjg [2014-04-18] CHR Extension: (Google Wallet) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29] CHR Extension: (Google Mail) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-30] CHR Extension: (SteamHelper) - D:\Projects\chrome\SteamHelper [2014-01-30] CHR Extension: (__MSG_extName__) - C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\Extentions_own\ytUnblocker0.5.6_0 [2014-05-29] CHR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome [2013-05-05] CHR HKLM-x32\...\Chrome\Extension: [aakchaleigkohafkfjfjbblobjifikek] - C:\Users\MG\AppData\LocalLow\proxtube\CHROME\proxtube.crx [2012-04-19] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] () R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [File not signed] R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] () [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4476096 2005-12-09] (Microsoft Corporation) S4 msvsmon90; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation) S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] () S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-20] () S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed] S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed] R2 UserAccess7; C:\Windows\SysWOW64\UAService7.exe [143360 2012-07-26] (Sony DADC Austria AG.) [File not signed] S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [666720 2012-11-23] (Wellbia.com Co., Ltd.) [File not signed] S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X] S2 ntop; C:\Program Files (x86)\ntop-Win32\ntop.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2013-03-23] () S3 fspad_wlh64; C:\Windows\system32\drivers\fspad_wlh64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed] S3 fspad_xp64; C:\Windows\system32\drivers\fspad_xp64.sys [68608 2010-11-08] (Sentelic Corporation) [File not signed] R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2013-03-23] () S3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-09] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 motport; C:\Windows\System32\DRIVERS\motport.sys [31744 2013-03-19] (Motorola Mobility Inc) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2012-08-20] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12384 2012-08-20] () S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-20] (Duplex Secure Ltd.) S3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation) S1 btkvylik; \??\C:\Windows\system32\drivers\btkvylik.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S1 cjwmvfwz; \??\C:\Windows\system32\drivers\cjwmvfwz.sys [X] S3 clwvd; system32\DRIVERS\clwvd.sys [X] S1 eaxbjpzu; \??\C:\Windows\system32\drivers\eaxbjpzu.sys [X] S1 fcngndoe; \??\C:\Windows\system32\drivers\fcngndoe.sys [X] S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X] S1 vvrmnlww; \??\C:\Windows\system32\drivers\vvrmnlww.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 20:56 - 2014-09-09 20:57 - 00033810 _____ () C:\Users\MG\Desktop\FRST.txt 2014-09-09 20:56 - 2014-09-09 20:56 - 00000000 ____D () C:\Users\MG\Desktop\FRST-OlderVersion 2014-09-09 14:31 - 2014-09-09 14:31 - 02347384 _____ (ESET) C:\Users\MG\Downloads\esetsmartinstaller_deu.exe 2014-09-09 14:29 - 2014-09-09 14:29 - 00002689 _____ () C:\Users\MG\Desktop\mbam.txt 2014-09-09 10:09 - 2014-09-09 20:23 - 00282069 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 9.csv 2014-09-09 08:32 - 2014-09-09 19:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-09 08:30 - 2014-09-09 08:30 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-09 08:30 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-09 08:30 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-09 08:30 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-09 08:28 - 2014-09-09 08:29 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MG\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-08 11:35 - 2014-09-08 11:35 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-08 11:35 - 2014-09-08 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-08 11:34 - 2014-09-08 11:35 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-08 11:33 - 2014-09-08 11:33 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall (1).exe 2014-09-08 11:24 - 2014-09-08 11:24 - 00362882 _____ () C:\Users\MG\Downloads\SharedAccess.reg 2014-09-08 11:23 - 2014-09-08 11:23 - 00026996 _____ () C:\Users\MG\Desktop\copy.bat 2014-09-08 10:31 - 2014-09-08 21:16 - 01290569 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 8.csv 2014-09-07 12:35 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Desktop\FSS.exe 2014-09-07 12:34 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Downloads\FSS.exe 2014-09-07 11:42 - 2014-09-07 21:07 - 00370807 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 7.csv 2014-09-03 08:51 - 2014-09-03 22:21 - 00637283 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv 2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe 2014-09-03 08:46 - 2014-09-03 08:47 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe 2014-09-02 08:11 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-09-02 08:11 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-09-02 08:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-09-02 08:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-09-02 08:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-09-02 08:11 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-09-02 08:11 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-09-02 08:11 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-09-02 08:01 - 2014-09-02 22:03 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv 2014-09-02 07:51 - 2014-09-03 09:03 - 00000000 ____D () C:\Qoobox 2014-09-02 07:50 - 2014-09-02 11:14 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 07:49 - 2014-09-02 07:50 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe 2014-09-01 20:13 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe 2014-09-01 18:50 - 2014-09-09 20:56 - 00000000 ____D () C:\FRST 2014-09-01 18:49 - 2014-09-09 20:56 - 02105344 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe 2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe 2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe 2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable 2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe 2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64 2014-09-01 18:31 - 2014-03-11 15:48 - 00186688 _____ (Microsoft Corporation) C:\Windows\system32\config\EppManifest.dll 2014-09-01 18:31 - 2014-03-11 12:34 - 00008864 _____ (Microsoft Corporation) C:\Windows\system32\config\setupres.dll 2014-09-01 18:10 - 2014-09-01 18:11 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe 2014-09-01 08:47 - 2014-09-01 21:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv 2014-08-31 17:04 - 2014-08-31 21:21 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv 2014-08-30 12:56 - 2014-08-30 13:28 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv 2014-08-29 14:36 - 2014-08-29 14:37 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv 2014-08-29 09:13 - 2014-08-29 18:45 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv 2014-08-28 08:28 - 2014-08-28 20:14 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv 2014-08-28 08:14 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 08:14 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 08:14 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-27 10:26 - 2014-08-27 22:20 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv 2014-08-26 09:47 - 2014-08-26 21:20 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv 2014-08-25 08:17 - 2014-08-25 21:43 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv 2014-08-24 22:09 - 2014-09-08 20:55 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam 2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2 2014-08-24 11:11 - 2014-08-24 22:28 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv 2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv 2014-08-22 13:17 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 13:17 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 13:17 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 13:17 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 13:17 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 13:17 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 13:17 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 13:17 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 13:17 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 13:17 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 13:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 13:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 13:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 13:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-22 09:40 - 2014-08-22 14:57 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv 2014-08-21 15:48 - 2014-08-21 15:56 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype 2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype 2014-08-21 09:24 - 2014-08-21 22:37 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv 2014-08-20 11:02 - 2014-08-20 19:43 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv 2014-08-20 10:59 - 2014-08-20 11:00 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe 2014-08-20 09:36 - 2014-09-09 14:21 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll 2014-08-20 09:36 - 2014-08-20 09:35 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe 2014-08-19 15:05 - 2014-09-09 18:02 - 00070994 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx 2014-08-19 11:14 - 2014-08-19 21:23 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv 2014-08-18 11:30 - 2014-08-18 22:29 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv 2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-17 19:26 - 2014-08-17 19:45 - 00000000 ____D () C:\xampp 2014-08-17 19:11 - 2014-08-17 19:17 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe 2014-08-17 18:50 - 2014-08-17 20:19 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv 2014-08-14 11:31 - 2014-08-14 21:59 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv 2014-08-14 08:08 - 2014-09-09 14:21 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll 2014-08-14 08:03 - 2014-09-09 14:20 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe 2014-08-13 22:12 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-13 22:12 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-13 22:12 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-13 22:12 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-13 22:12 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-13 22:12 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-13 22:12 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-13 22:12 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans 2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans 2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans 2014-08-13 19:51 - 2014-09-08 21:00 - 00000000 ____D () C:\Program Files\NetBeans 8.0 2014-08-13 19:51 - 2014-08-13 20:00 - 00000000 ____D () C:\Users\MG\.nbi 2014-08-13 19:46 - 2014-08-13 19:50 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe 2014-08-13 10:37 - 2014-08-19 20:47 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe 2014-08-13 09:46 - 2014-08-13 21:35 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv 2014-08-13 08:59 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 08:59 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 08:59 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 08:59 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 08:59 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 08:59 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 08:59 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 08:59 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 08:59 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 08:59 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 08:59 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 08:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 08:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 08:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 08:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 08:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 08:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 08:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 08:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 08:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 08:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 08:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 08:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 08:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 08:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 08:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 08:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 08:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 08:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 08:58 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 08:58 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 08:58 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 08:58 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 08:58 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 08:58 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 08:58 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 08:58 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 08:58 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 08:58 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 08:58 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 08:58 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 08:58 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 08:58 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 08:58 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 08:58 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 08:58 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 08:58 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 08:58 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 08:58 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 08:58 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 08:58 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 08:58 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 08:58 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 08:58 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 08:58 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 08:58 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 08:58 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 08:58 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 08:58 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 08:58 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 08:58 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 08:58 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 08:58 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 08:58 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 08:58 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 08:58 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 08:58 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 08:58 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 08:58 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 08:58 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 08:58 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 08:58 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 08:58 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 08:58 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 08:56 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 08:56 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 08:56 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 08:56 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-12 08:15 - 2014-08-12 20:20 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv 2014-08-11 08:53 - 2014-08-11 21:44 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv 2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini 2014-08-10 13:50 - 2014-08-10 21:53 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-09 20:57 - 2014-09-09 20:56 - 00033810 _____ () C:\Users\MG\Desktop\FRST.txt 2014-09-09 20:56 - 2014-09-09 20:56 - 00000000 ____D () C:\Users\MG\Desktop\FRST-OlderVersion 2014-09-09 20:56 - 2014-09-01 18:50 - 00000000 ____D () C:\FRST 2014-09-09 20:56 - 2014-09-01 18:49 - 02105344 _____ (Farbar) C:\Users\MG\Desktop\FRST64.exe 2014-09-09 20:23 - 2014-09-09 10:09 - 00282069 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 9.csv 2014-09-09 20:15 - 2013-02-07 07:15 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-09 20:02 - 2012-07-17 21:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-09 19:54 - 2014-09-09 08:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-09 18:59 - 2013-04-21 17:35 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Spotify 2014-09-09 18:13 - 2012-06-10 15:10 - 01960918 _____ () C:\Windows\WindowsUpdate.log 2014-09-09 18:10 - 2012-06-29 23:29 - 00000000 ____D () C:\Users\MG\AppData\Roaming\FileZilla 2014-09-09 18:08 - 2012-06-12 13:42 - 00000000 ____D () C:\Users\MG\Documents\Visual Studio 2005 2014-09-09 18:04 - 2012-07-21 21:45 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-09 18:02 - 2014-08-19 15:05 - 00070994 _____ () C:\Users\Arbeit\Desktop\Datenliste_Godea_SolarTelef.xlsx 2014-09-09 17:28 - 2014-01-30 16:20 - 00072669 _____ () C:\Windows\setupact.log 2014-09-09 14:38 - 2014-02-16 09:56 - 00005108 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC 2014-09-09 14:31 - 2014-09-09 14:31 - 02347384 _____ (ESET) C:\Users\MG\Downloads\esetsmartinstaller_deu.exe 2014-09-09 14:29 - 2014-09-09 14:29 - 00002689 _____ () C:\Users\MG\Desktop\mbam.txt 2014-09-09 14:28 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-09 14:28 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-09 14:26 - 2014-02-22 20:16 - 00000000 ____D () C:\Users\MG\AppData\Local\FreePDF_XP 2014-09-09 14:26 - 2013-06-24 23:16 - 00000000 ____D () C:\Users\MG\AppData\Local\LogMeIn Hamachi 2014-09-09 14:26 - 2013-02-07 07:15 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-09 14:26 - 2012-06-13 12:21 - 00000000 ___RD () C:\Users\MG\Dropbox 2014-09-09 14:26 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Dropbox 2014-09-09 14:22 - 2012-06-11 00:05 - 00017408 _____ () C:\Windows\system32\rpcnetp.exe 2014-09-09 14:21 - 2014-08-20 09:36 - 00069792 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.dll 2014-09-09 14:21 - 2014-08-14 08:08 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.dll 2014-09-09 14:20 - 2014-08-14 08:03 - 00017408 _____ () C:\Windows\SysWOW64\rpcnetp.exe 2014-09-09 14:20 - 2011-10-11 14:46 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-09-09 14:20 - 2010-11-21 05:47 - 00252470 _____ () C:\Windows\PFRO.log 2014-09-09 14:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-09 14:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SchCache 2014-09-09 08:30 - 2014-09-09 08:30 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-09 08:30 - 2014-09-09 08:30 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-09 08:29 - 2014-09-09 08:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MG\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-08 21:16 - 2014-09-08 10:31 - 01290569 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 8.csv 2014-09-08 21:00 - 2014-08-13 19:51 - 00000000 ____D () C:\Program Files\NetBeans 8.0 2014-09-08 20:55 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Bioshock2Steam 2014-09-08 12:48 - 2013-04-21 17:36 - 00000000 ____D () C:\Users\MG\AppData\Local\Spotify 2014-09-08 11:35 - 2014-09-08 11:35 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-09-08 11:35 - 2014-09-08 11:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-08 11:35 - 2014-09-08 11:34 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-08 11:35 - 2012-12-22 14:38 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-09-08 11:33 - 2014-09-08 11:33 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall (1).exe 2014-09-08 11:24 - 2014-09-08 11:24 - 00362882 _____ () C:\Users\MG\Downloads\SharedAccess.reg 2014-09-08 11:23 - 2014-09-08 11:23 - 00026996 _____ () C:\Users\MG\Desktop\copy.bat 2014-09-08 09:01 - 2012-08-07 22:00 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-09-07 21:07 - 2014-09-07 11:42 - 00370807 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 7.csv 2014-09-07 12:34 - 2014-09-07 12:35 - 00415232 _____ (Farbar) C:\Users\MG\Desktop\FSS.exe 2014-09-07 12:34 - 2014-09-07 12:34 - 00415232 _____ (Farbar) C:\Users\MG\Downloads\FSS.exe 2014-09-03 22:21 - 2014-09-03 08:51 - 00637283 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 3.csv 2014-09-03 09:03 - 2014-09-02 07:51 - 00000000 ____D () C:\Qoobox 2014-09-03 09:00 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-09-03 08:47 - 2014-09-03 08:47 - 05576326 ____R (Swearware) C:\Users\MG\Desktop\ComboFix.exe 2014-09-03 08:47 - 2014-09-03 08:46 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix (1).exe 2014-09-02 22:03 - 2014-09-02 08:01 - 00937395 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 2.csv 2014-09-02 11:16 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-09-02 11:14 - 2014-09-02 07:50 - 00000000 ____D () C:\Windows\erdnt 2014-09-02 07:50 - 2014-09-02 07:49 - 05576326 _____ (Swearware) C:\Users\MG\Downloads\ComboFix.exe 2014-09-01 21:47 - 2014-09-01 08:47 - 00706658 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 9_ 1.csv 2014-09-01 18:49 - 2014-09-01 20:13 - 00380416 _____ () C:\Users\MG\Desktop\knuuuftl.exe 2014-09-01 18:49 - 2014-09-01 18:49 - 00380416 _____ () C:\Users\MG\Downloads\knuuuftl.exe 2014-09-01 18:48 - 2014-09-01 18:48 - 02104832 _____ (Farbar) C:\Users\MG\Downloads\FRST64.exe 2014-09-01 18:42 - 2014-09-01 18:42 - 00000020 _____ () C:\Users\MG\defogger_reenable 2014-09-01 18:42 - 2012-06-10 15:15 - 00000000 ____D () C:\Users\MG 2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Downloads\Defogger.exe 2014-09-01 18:41 - 2014-09-01 18:41 - 00050477 _____ () C:\Users\MG\Desktop\Defogger.exe 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\NisDrv 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\mpfilter 2014-09-01 18:31 - 2014-09-01 18:31 - 00000000 ____D () C:\Windows\system32\config\amd64 2014-09-01 18:23 - 2012-06-10 16:05 - 00000000 ____D () C:\ProgramData\G DATA 2014-09-01 18:18 - 2012-06-10 16:24 - 00106224 _____ (G Data Software) C:\Windows\SysWOW64\Drivers\GRD.sys 2014-09-01 18:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-01 18:11 - 2014-09-01 18:10 - 13849784 _____ (Microsoft Corporation) C:\Users\MG\Downloads\mseinstall.exe 2014-08-31 21:21 - 2014-08-31 17:04 - 00073062 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_31.csv 2014-08-31 19:50 - 2014-06-13 02:44 - 00000000 ____D () C:\Users\MG\AppData\Local\CrashDumps 2014-08-30 13:28 - 2014-08-30 12:56 - 00035673 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_30.csv 2014-08-30 11:46 - 2011-05-16 16:04 - 00713972 _____ () C:\Windows\system32\perfh007.dat 2014-08-30 11:46 - 2011-05-16 16:04 - 00155820 _____ () C:\Windows\system32\perfc007.dat 2014-08-30 11:46 - 2009-07-14 07:13 - 01659108 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-29 22:31 - 2012-06-10 16:36 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Skype 2014-08-29 18:45 - 2014-08-29 09:13 - 00169764 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_29.csv 2014-08-29 14:37 - 2014-08-29 14:36 - 00032918 _____ () C:\Users\MG\Downloads\auswanderung-ksp.-scharrel.csv 2014-08-28 20:14 - 2014-08-28 08:28 - 00036386 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_28.csv 2014-08-28 14:16 - 2009-07-14 06:45 - 00500536 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-27 22:20 - 2014-08-27 10:26 - 00308025 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_27.csv 2014-08-26 21:20 - 2014-08-26 09:47 - 00501251 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_26.csv 2014-08-26 17:26 - 2014-07-14 16:22 - 00000000 ____D () C:\Program Files (x86)\BWMeter 2014-08-26 17:25 - 2014-07-14 16:22 - 00000000 ____D () C:\Users\MG\AppData\Roaming\DeskSoft 2014-08-25 21:43 - 2014-08-25 08:17 - 00173689 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_25.csv 2014-08-24 22:28 - 2014-08-24 11:11 - 00085755 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_24.csv 2014-08-24 22:09 - 2014-08-24 22:09 - 00000000 ____D () C:\Users\MG\Documents\Bioshock2 2014-08-24 10:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-23 22:14 - 2014-08-23 22:14 - 00016415 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_23.csv 2014-08-23 04:07 - 2014-08-28 08:14 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 08:14 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 08:14 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 14:57 - 2014-08-22 09:40 - 00116817 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_22.csv 2014-08-22 14:57 - 2014-04-28 11:35 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\FreePDF_XP 2014-08-22 14:57 - 2014-04-17 12:59 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\LogMeIn Hamachi 2014-08-21 22:37 - 2014-08-21 09:24 - 00122797 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_21.csv 2014-08-21 15:56 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Roaming\Skype 2014-08-21 15:48 - 2014-08-21 15:48 - 00000000 ____D () C:\Users\Arbeit\AppData\Local\Skype 2014-08-21 15:48 - 2012-06-12 13:42 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-20 19:43 - 2014-08-20 11:02 - 00107284 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_20.csv 2014-08-20 11:00 - 2014-08-20 10:59 - 06052529 _____ (Tim Kosse) C:\Users\MG\Downloads\FileZilla_3.9.0.3_win32-setup.exe 2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2014-08-20 11:00 - 2013-03-14 18:52 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2014-08-20 09:35 - 2014-08-20 09:36 - 00069792 ____N (Absolute Software Corp.) C:\Windows\SysWOW64\rpcnet.exe 2014-08-19 21:23 - 2014-08-19 11:14 - 00275045 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_19.csv 2014-08-19 20:47 - 2014-08-13 10:37 - 00043008 _____ (Absolute Software Corp.) C:\Windows\SysWOW64\agremove.exe 2014-08-18 22:29 - 2014-08-18 11:30 - 00129103 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_18.csv 2014-08-18 22:28 - 2014-02-16 01:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-08-17 20:19 - 2014-08-17 18:50 - 00133663 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_17.csv 2014-08-17 19:45 - 2014-08-17 19:26 - 00000000 ____D () C:\xampp 2014-08-17 19:32 - 2014-08-17 19:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-17 19:17 - 2014-08-17 19:11 - 131758072 _____ (Bitnami) C:\Users\MG\Downloads\xampp-win32-1.8.3-3-VC11-installer.exe 2014-08-14 21:59 - 2014-08-14 11:31 - 00224285 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_14.csv 2014-08-14 08:27 - 2012-06-13 12:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-14 08:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-13 22:41 - 2013-08-18 03:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-13 22:27 - 2011-07-18 22:31 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-13 22:19 - 2009-07-14 04:34 - 00000478 _____ () C:\Windows\win.ini 2014-08-13 22:12 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 21:35 - 2014-08-13 09:46 - 00124221 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_13.csv 2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Roaming\NetBeans 2014-08-13 20:19 - 2014-08-13 20:19 - 00000000 ____D () C:\Users\MG\AppData\Local\NetBeans 2014-08-13 20:00 - 2014-08-13 19:51 - 00000000 ____D () C:\Users\MG\.nbi 2014-08-13 19:54 - 2014-08-13 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans 2014-08-13 19:50 - 2014-08-13 19:46 - 65562384 _____ () C:\Users\MG\Downloads\netbeans-8.0-php-windows.exe 2014-08-13 19:47 - 2013-03-25 13:28 - 00000000 ____D () C:\Users\MG\AppData\Local\Aptana Studio 3 2014-08-13 19:47 - 2012-11-06 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aptana 2014-08-12 20:20 - 2014-08-12 08:15 - 00074768 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_12.csv 2014-08-12 08:41 - 2014-08-12 08:41 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-12 08:41 - 2014-08-12 08:41 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-12 08:41 - 2013-11-10 14:17 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-12 08:41 - 2013-06-24 22:53 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-11 21:44 - 2014-08-11 08:53 - 00213041 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_11.csv 2014-08-10 22:50 - 2014-08-10 22:50 - 00001118 _____ () C:\Settings.ini 2014-08-10 21:53 - 2014-08-10 13:50 - 00068535 _____ () C:\Users\MG\Documents\MG-PC_MG_2014_ 8_10.csv Some content of TEMP: ==================== C:\Users\MG\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm7ce9w.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-07 18:58 ==================== End Of Log ============================ |
|
09.09.2014, 20:10
| #13 |
| | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by MG at 2014-09-09 20:58:04
Running from C:\Users\MG\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Android Studio (HKLM-x32\...\Android Studio) (Version: 1.0 - Google Inc.)
ANNO 1602 Königs-Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version: - )
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Application Verifier x64 External Package (Version: 8.100.26629 - Microsoft) Hidden
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version: - Ronimo Games)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
Blender (HKLM\...\Blender) (Version: 2.64a-release - Blender Foundation)
Borderlands (HKLM-x32\...\Borderlands-u-GOTY_is1) (Version: 1.4.1 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
capella-scan 8.0 (HKLM-x32\...\{B8EBE87E-78E4-45A5-A2AB-93F8F8DBD301}) (Version: 8.0.12 - capella-software AG)
Citrix Authentication Manager (x32 Version: 5.1.0.62606 - Citrix Systems, Inc.) Hidden
Citrix Receiver (DV) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash-Umleitung) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.1.0.0 - Citrix Systems, Inc.)
Citrix Receiver (USB) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Citrix Receiver Inside (x32 Version: 4.1.0.56471 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 4.1.0.56461 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{0B79C91F-978F-4C2E-9FE4-D4B567808858}) (Version: - Microsoft)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FileZilla Client 3.9.0.3 (HKCU\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Hotfix für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2938803) (HKLM-x32\...\KB2938803.T369_128ToU880_128) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB944899) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB944899) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (KB946344) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB946344) (Version: 1 - Microsoft Corporation)
Huawei USB Driver (HKLM-x32\...\{84F167F3-B5FD-400D-B883-EB2A232413D7}) (Version: 1.6.0 - Huawei Incorporated)
inSSIDer 3 (HKLM-x32\...\{A80CEA4E-74C1-4F9F-806B-E1D9AFC01768}) (Version: 3.0.7.48 - MetaGeek, LLC)
Intel PROSet Wireless (Version: - ) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{821B4CA1-D404-4CCA-AEA4-C7D3F40841B1}) (Version: 1.0.0.0135 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{C7B40C35-85AE-4303-9EEA-1A1EA779664D}) (Version: 1.0.2.0518 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.1.0.362 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.1.0.362 - LogMeIn, Inc.) Hidden
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Compact Framework 1.0 SP3 Developer (HKLM-x32\...\{6C531060-84FB-4F96-8F33-29DF020632EB}) (Version: 1.0.4292 - Microsoft Corporation)
Microsoft .NET Compact Framework 2.0 (HKLM-x32\...\{625386A4-B6B6-4911-A6E8-23189C3F2D15}) (Version: 2.0.5238 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Device Emulator Version 1.0 - DEU (HKLM-x32\...\{88F93A2E-A2F3-4C36-B3D3-EEB274AA2C1C}) (Version: 1.0.50727.42 - Microsoft Corporation)
Microsoft Document Explorer 2005 (HKLM-x32\...\Microsoft Document Explorer 2005) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2005 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2005 Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Document Explorer 2005 Language Pack - DEU (x32 Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visual Web Developer 2007 (x32 Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Publisher MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Mobile [DEU] Developer Tools (HKLM-x32\...\{A6F6725C-12C3-42B5-9647-8668E1BEE2D2}) (Version: 3.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Language Pack - DEU) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 64bit Prerequisites (x64) - DEU (HKLM\...\{0592AC66-BE45-4EC3-8A45-DDE0E7CE1873}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (HKLM-x32\...\Microsoft Visual Studio 2005 Professional Edition - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Professional Edition - DEU (x32 Version: 8.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Professional Edition - DEU Service Pack 1 (KB926606) (HKLM-x32\...\KB926606.T2_128ToU265_128) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger (x64) - DEU (Version: 8.0.50727.42 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger - DEU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger SP1 - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{C31A4909-9C18-3121-AAD4-EAD92013B6E5}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50701 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{c93c1c16-fd12-4b07-8926-2a4af46b6597}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio ProjectAggregator2 (HKLM-x32\...\{3D6F415D-BCD5-437A-8683-0169B7228F19}) (Version: 1.01.61205.56 - Microsoft Corporation)
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM-x32\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.6 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Development Tools (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - )
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.3 - )
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 7.2.17 (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Online Plug-in (x32 Version: 14.1.0.0 - Citrix Systems, Inc.) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)
Oracle VM VirtualBox 4.2.12 (HKLM\...\{0C1DE303-E41B-44BA-8ABA-B7F09D857001}) (Version: 4.2.12 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PDF24 Creator 5.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Phone F USB Driver (HKLM-x32\...\{D03DCDA1-F92A-4BC3-9941-DD80CB2B7009}) (Version: 2.2.0 - Mobile)
Phone INQ USB Driver (HKLM-x32\...\{59647C35-19D3-48B5-999F-4903CBB86F9A}) (Version: 2.0.0 - INQ)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0045 - Pegatron Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Protector Suite 2011 (HKLM\...\{BF30D9F5-23B6-4E1C-B580-C9CDBA2CD894}) (Version: 5.9.4.6894 - UPEK Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Python 2.7.6 (64-bit) (HKLM\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E3}) (Version: 2.7.6150 - Python Software Foundation)
Quake Live (HKLM-x32\...\Quake Live) (Version: - id Software)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12952.91 - raidcall.com)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RoboForm 7-8-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-8-8-5 - Siber Systems)
Rome - Total War (HKLM-x32\...\{2E97F7E8-ABDE-4E0D-B0AD-B6B4BAD89E24}) (Version: 1.5 - The Creative Assembly)
Rome Total War - patch 1.3 (HKLM-x32\...\{A5D65411-8E73-4C85-AD80-9FE8B7391CF9}) (Version: 1.3 - )
RSDLite (HKLM-x32\...\{EAC93E1D-4807-43E2-B39A-8170B731B7D0}) (Version: 5.6 - Motorola)
Ruby 2.0.0-p481 (HKCU\...\{ABAA9781-845A-43CC-BABA-76CB580FE35D}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Screenhero (HKLM-x32\...\{3F6FC6AB-D7CA-492D-903B-5346E3B081F9}) (Version: 0.14.4010 - Screenhero, Inc.)
SDK Debuggers (x32 Version: 8.100.26629 - Microsoft Corporation) Hidden
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2251481) (HKLM-x32\...\KB2251481.T369_128ToU865_128) (Version: 3 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2538218) (HKLM-x32\...\KB2538218.T369_128ToU866_128) (Version: 2 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB2548826) (HKLM-x32\...\KB2548826.T369_128ToU869_128) (Version: 4 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB937061) (HKLM-x32\...\KB937061.T369_128ToU594_128) (Version: 1 - Microsoft Corporation)
Security Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB973673) (HKLM-x32\...\KB973673.T369_128ToU841_128) (Version: 1 - Microsoft Corporation)
Self-Service Plug-in (x32 Version: 4.1.0.41738 - Citrix Systems, Inc.) Hidden
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version: - Croteam)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SharpDevelop 4.4 (HKLM-x32\...\{814E4191-A98A-4CDF-99AE-E6D6BACEA22F}) (Version: 4.4.9729 - ic#code)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 34440) (Version: - Firaxis)
Sid Meier's Civilization IV (HKLM-x32\...\Steam App 3900) (Version: - Firaxis)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis)
Sid Meier's Civilization IV: Colonization (HKLM-x32\...\Steam App 16810) (Version: - Firaxis)
Sid Meier's Civilization IV: Warlords (HKLM-x32\...\Steam App 3990) (Version: - Firaxis)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version: - EA - Maxis)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SUT LR (HKLM\...\{BAE0C801-D7F7-4E63-A392-1179254DF665}) (Version: 1.8.2 - Mobile)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Ihr Firmenname)
SWAT 4 (x32 Version: 1.0.31763 - Ihr Firmenname) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
Tom Clancy's Rainbow Six Vegas 2 (HKLM-x32\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tomb Raider: Anniversary (HKLM-x32\...\Steam App 8000) (Version: - Crystal Dynamics)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH)
Unreal Tournament 2004 (HKLM-x32\...\UT2004) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2883061) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{4CFCE804-3034-4F3A-84E2-3C97665F80EC}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881070) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{35E5FACD-A5AA-46AD-93C7-F6D7969044E7}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2881083) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{4FC38705-B045-4DAC-A0B0-C573D31B8CD5}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760249) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{8C07AD38-38EB-4332-BCB3-F55A77C927DF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881009) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7A3EF4FF-A9C8-4F7E-8020-A45F7D319387}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883036) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B8E73381-09B1-4895-ACD0-34385B0F526D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883049) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1C6260FD-A280-49FE-89D0-CCEC647FBD8E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883052) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{3F3A95FF-9F40-4B19-8227-53DF683B4CF9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{0F5FFEB6-2F66-4592-8A34-CC85FF318951}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{DA288EB3-648C-433C-88AC-71AEAAFAACF7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{51865C36-97D4-4210-A33E-50BCC8CDDF72}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883060) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0410-0000-0000000FF1CE}_Office15.PROPLUSR_{D533D4E6-5056-487A-8F18-7FA51AF0E283}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2883062) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{EE35EB6C-7768-433F-B9A0-73C97699A08C}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2883066) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{90EEAEDF-CD51-4E8C-B781-7A071EC53C36}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2881011) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{E2362D6B-C590-4698-A990-35B4A77A294D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2883051) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01923A0F-BA34-4A75-8D43-97F536E44D95}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2883058) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{78F4AB20-5992-425F-BCFB-ECCFF3531F55}) (Version: - Microsoft)
Update für Microsoft Visual Studio 2005 Professional Edition - DEU (KB932234) (HKLM-x32\...\KB932234.T369_128ToU411_128) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.100.26629 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit EULA (x32 Version: 8.100.25984 - Microsoft Corporations) Hidden
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{57334b90-51ab-4979-a6e4-ab0f7632479a}) (Version: 8.100.26654 - Microsoft Corporation)
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit Redistributables (x32 Version: 8.100.26654 - Microsoft Corporation) Hidden
WinRAR 4.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26654 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26629 - Microsoft) Hidden
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-3 - Bitnami)
XMedia Recode Version 3.1.1.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.1.0 - XMedia Recode)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3932211059-3778462078-1339551666-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\MG\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
07-09-2014 19:07:16 Windows Update
08-09-2014 19:16:35 Windows Update
08-09-2014 19:55:20 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {039DE068-6530-4B48-8610-1ADB626D2607} - System32\Tasks\{2C649507-8A95-49EF-A9F3-32115937DD83} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {110F4785-95C2-4090-8587-EF0F3ADC4F31} - System32\Tasks\{2AC4D723-DA6B-4983-9715-BE25B8FF32F2} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {1877105C-36AE-4243-A892-509B2922C188} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MG-PC-MG MG-PC => C:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2014-07-27] (Microsoft Corporation)
Task: {19F3EED6-E4C7-4986-A607-33FBAB3CD395} - System32\Tasks\Screenhero Daemon => C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe [2014-07-25] ()
Task: {200CDE17-CD76-4C50-A89F-5D54DDECCB90} - System32\Tasks\{3BD97449-048D-4A21-8669-327C8E72A384} => C:\Program Files (x86)\Ubisoft\Tom Clancy's Rainbow Six Vegas\Binaries\R6Vegas_Game.exe
Task: {2384BBBA-9015-4DD4-BDCB-BFDFC8B35E64} - System32\Tasks\{77E07A5C-8BEA-4EC6-96D7-C32F1841A904} => C:\Program Files (x86)\ANNO 1602 Königs-Edition\1602.exe
Task: {2F809952-6CA9-4EDE-B59E-A4B55F100452} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {3511AE0D-761A-4CEE-BE4A-1E1655B6F9C6} - System32\Tasks\{CE0D3C70-FA05-47B7-B2E2-17F135F31F6E} => C:\Team17\Worms World Party\wwp.exe
Task: {379A6695-F1C1-4C7C-8CB7-D20B6041F87B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-07] (Google Inc.)
Task: {4C6ECE85-297B-4848-8E5E-BA86CA4CCAF0} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {646BEAF5-709C-40D1-92FA-113943834CA9} - System32\Tasks\{90457D83-7631-44DB-8748-409B62A00A69} => C:\Program Files (x86)\Sierra\SWAT 4\Content\System\Swat4.exe [2005-06-21] (Sierra Entertainment, Inc.)
Task: {6C1838D6-0DE8-48B1-809F-DA1D413E4B49} - System32\Tasks\{101FF193-FF00-43B0-B062-0A4A70AB4725} => C:\Program Files (x86)\Microsoft Games\Midtown Madness 2\Midtown2.exe
Task: {72488996-254C-4F61-A020-BDF324E5307F} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9D4573DF-2CEA-4557-92CD-EEE070063DF6} - System32\Tasks\{734BEA1A-61C1-41DD-A31B-C3C7E0A52544} => C:\Program Files\LucasArts\Turm von Babel\Jones3D.exe [1999-12-31] ()
Task: {AB41D66E-FDCC-4A3A-9DB7-7A730FDCFF81} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {AEF93253-FA83-436D-89A7-213C5D85297F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {D7C8400C-6173-4A69-A673-DEE1581071A6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {E0F427E3-C381-407F-97AA-1E1CDACB3E34} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {E2DCEB2C-BA02-4D2F-9AC5-741DF12A634D} - System32\Tasks\{1430BD43-67EE-4965-BFFF-25B7497F365C} => C:\Program Files (x86)\iTunes\iTunes.exe
Task: {E6FD0152-13D7-4B05-993F-992E5845498B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-06-29 19:35 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-07-25 19:01 - 2009-12-18 15:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2013-07-25 19:01 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-02-22 19:50 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-08-01 01:57 - 2013-07-27 10:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2012-06-10 21:17 - 2014-05-20 22:19 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-06-09 14:32 - 2014-04-11 14:40 - 00736450 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2012-06-14 11:28 - 2012-02-17 20:55 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2011-07-18 23:04 - 2011-07-18 23:04 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2013-07-25 19:01 - 2011-10-14 11:06 - 00818688 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2013-07-25 19:01 - 2010-01-12 17:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2013-07-25 19:01 - 2010-12-17 14:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2013-07-25 19:01 - 2010-12-27 14:14 - 00776200 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2013-07-25 19:01 - 2011-04-12 14:32 - 00483336 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2013-07-25 19:01 - 2011-10-24 13:59 - 03420160 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-07-25 16:33 - 2014-07-25 16:33 - 00223744 _____ () C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe
2011-05-02 22:41 - 2011-05-02 22:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-08-31 00:07 - 2011-03-26 15:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-10-08 12:48 - 2014-09-02 15:42 - 00610872 _____ () C:\Users\MG\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-07-25 19:01 - 2009-12-18 15:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2013-07-25 19:01 - 2009-12-18 15:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2014-09-09 14:26 - 2014-09-09 14:26 - 00043008 _____ () c:\users\mg\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm7ce9w.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\MG\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 18:41 - 2014-05-24 18:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-07 09:21 - 2014-08-30 04:49 - 14669128 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
2013-04-21 17:36 - 2014-09-02 15:42 - 36966968 _____ () C:\Users\MG\AppData\Roaming\Spotify\Data\libcef.dll
2014-08-01 13:30 - 2014-09-02 15:42 - 00867896 _____ () C:\Users\MG\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-10-08 12:48 - 2014-09-02 15:42 - 00886840 _____ () C:\Users\MG\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-10-08 12:48 - 2014-09-02 15:42 - 00108600 _____ () C:\Users\MG\AppData\Roaming\Spotify\Data\libegl.dll
2014-08-30 10:24 - 2014-08-21 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 10:24 - 2014-08-21 20:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 10:24 - 2014-08-21 20:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 18:10 - 2014-08-21 00:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-31 20:20 - 2014-08-28 13:48 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 10:24 - 2014-08-21 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 10:24 - 2014-08-21 20:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-07-21 21:46 - 2014-08-28 13:48 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-07-21 21:46 - 2014-08-21 00:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-18 14:05 - 2014-08-21 00:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-06-14 13:44 - 2014-06-14 13:44 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-14 13:44 - 2014-06-14 13:44 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-14 13:44 - 2014-06-14 13:44 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\MG\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT
AlternateDataStreams: C:\Users\MG\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: MemeoBackgroundService => 2
MSCONFIG\Services: Motorola Device Manager => 2
MSCONFIG\Services: MyWiFiDHCPDNS => 3
MSCONFIG\Services: NitroReaderDriverReadSpool2 => 2
MSCONFIG\Services: ose => 3
MSCONFIG\Services: osppsvc => 3
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^Users^MG^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^runctf.lnk => C:\Windows\pss\runctf.lnk.Startup
MSCONFIG\startupreg: BingDesktop => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: MedionReminder => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\Protector Suite\launcher.exe" /startup
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
==================== Faulty Device Manager Devices =============
Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: TAP-Win32 Adapter V9 (Tunngle)
Description: TAP-Win32 Adapter V9 (Tunngle)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9 (Tunngle)
Service: tap0901t
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2014 08:54:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/09/2014 02:33:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (09/09/2014 02:20:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Die Klassenregistrierungsdatei kann nicht geladen werden.
DETAIL - Das System kann die angegebene Datei nicht finden.
Error: (09/09/2014 02:20:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/09/2014 02:20:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=25, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path name Fehler bei der Überprüfung. Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Error: (09/09/2014 08:06:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/09/2014 08:06:53 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
System errors:
=============
Error: (09/09/2014 02:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/09/2014 08:06:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/08/2014 09:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/08/2014 03:19:57 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (09/08/2014 02:49:04 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (09/08/2014 02:48:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (09/08/2014 02:48:53 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (09/08/2014 01:30:19 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (09/08/2014 00:04:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (09/08/2014 11:27:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ntop for Win32" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (09/09/2014 08:54:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (09/09/2014 02:33:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\MG\Downloads\esetsmartinstaller_deu.exe
Error: (09/09/2014 02:20:58 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT-AUTORITÄT)
Description: Das System kann die angegebene Datei nicht finden.
Error: (09/09/2014 02:20:59 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/09/2014 02:20:58 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name43900
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name25900
Error: (09/09/2014 02:20:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Eap method DLL path name17900
Error: (09/09/2014 08:06:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
Error: (09/09/2014 08:06:53 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
CodeIntegrity Errors:
===================================
Date: 2014-09-02 08:30:25.327
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-09-02 08:30:25.280
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:41.249
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:41.223
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.705
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 15:55:40.681
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.477
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:35.450
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.403
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-23 14:59:34.378
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 58%
Total physical RAM: 8103.05 MB
Available physical RAM: 3376.98 MB
Total Pagefile: 16204.29 MB
Available Pagefile: 11395.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:104.33 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:20.85 GB) NTFS
Drive m: () (Removable) (Total:14.81 GB) (Free:14.67 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
========================================================
Disk: 5 (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
09.09.2014, 21:54
| #14 |
| Ruhe in Frieden † 2019 | Windows 7: Microsoft Security Essentials durch Gruppenrichtlinie blockiert Natürlich machen wir Fortschritte Bitte passe zukünfig auf, wo du dir was herunterlädst.Nutze die Herstellerseiten, schau, was sich dort mitinstallieren möchte Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\MG\AppData\Local\Google\Chrome\User Data\Profile 1\File System\003\t\00\00000000
C:\Users\MG\Downloads\FileZilla_Server-0_9_44.exe
C:\Users\MG\Downloads\FoxitReader605.0618_enu_Setup (1).exe
C:\Users\MG\Downloads\FoxitReader605.0618_enu_Setup.exe
C:\Users\MG\Downloads\Root Motorola Fire XT.zip
C:\Users\MG\Downloads\Rooting XT316.zip
D:\Handy\Motorola Fire xt311\Root Motorola Fire XT\SuperOneClickv2.3.3-ShortFuse\Exploits\psneuter
D:\Handy\Motorola Fire xt311\Root Motorola Fire XT\SuperOneClickv2.3.3-ShortFuse\Exploits\zergRush
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Java Bitte deinstalliere noch
Schritt 3 Java Cache löschen Gehe auf: Start => Systemsteuerung => Java auswählen=> Reiter: Allgemein => Temporäre Internet-Dateien "Einstellungen" => Dateien löschen => Haken bei "gecachte Anwendungen und Applets" sowie bei "Verfolgungs- und Protokolldateien" (Trace und Logdateien") setzen => OK Ausführliche Anleitung Wie leere ich den Java-Cache? Wenn dir grad keine Probleme mehr auffallen sind wir jetzt durch und du kannst wie folgt weitermachen. OK So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber. Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir. Schritt 1 Bitte starte Defogger noch einmal und klicke auf re-enable. Schritt 2 Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren. Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen. Schritt 3 Bitte vor der folgenden Aktion wieder temporär Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren. Windows-Taste + R drücke. Kopiere nun folgende Zeile in die Kommandozeile und klicke OK. Code:
ATTFilter Combofix /Uninstall
 Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert, damit auch aus dieser die Schädlinge verschwinden. Nun die eben deaktivierten Programme wieder aktivieren. Schritt 4 Downloade dir bitte delfix auf deinen Desktop.
Updates / Programme aktualisieren
Stelle sicher, dass dein FlashPlayer nach Updates sucht. Den FlashPlayer kann man direkt bei der Installation so konfigurieren, dass er nach Updates automatisch sucht, nachträglich kann man das über folgenden Link machen: Adobe - Flash Player: Einstellungsmanager - Globale Benachrichtigungseinstellungen Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems. Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
Aktualität des Systems Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren. Windows XP Gehe auf: Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen Windows Vista Gehe auf: Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen Windows 7 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Windows 8 Dazu drücke auf: Windowstaste und X dann: Programme und Funktionen -->Javaversionen auswählen --> entfernen Falls du Java doch unbedingt benötigst, dann
Dazu:
Hier findest du eine Anleitung dazu. Antivirensoftware
Zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Systemleistung Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows. Windows Vista
Windows 7
Windows 8
Halte dich fern von jeglichen Registry Cleanern. Diese schaden deinem System mehr als dass sie es schneller machen. Verhaltensregeln zum sichereren Surfen
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind. Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun. Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun. |
|
WARNUNG an die MITLESER: 
Linear-Darstellung
