Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Echtzeitscanner meldet Problem: services.exe w32/patched.uc (https://www.trojaner-board.de/137093-echtzeitscanner-meldet-problem-services-exe-w32-patched-uc.html)

tha619 24.06.2013 07:47
Echtzeitscanner meldet Problem: services.exe w32/patched.uc
 
Hallo liebe Community,

ich habe seit ein paar Tagen das PRoblem, das mein Avira Echtzeitscanner ein Problem meldet das ein Trojaner gefunden wurde(services.exe w32/patched.uc)

Avira schlägt vor diesen zu entfernen, doch leider sobald ich auf entfernen klicke, kommt sofort wieder die gleiche Meldung.
#
Ich habe die vorbereitungen für den Trojaner bereits getroffen, allerding ein Problem gehabt mit dem Gmer.exe welches eine gewisse Zeit lief und ich dann einen Bluescreen erhalten habe.

extras.txt:[
Code:
OTL Extras logfile created on: 22.06.2013 12:47:06 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Nico\Desktop\Gegen Virus
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,86 Gb Total Physical Memory | 6,12 Gb Available Physical Memory | 77,90% Memory free
15,71 Gb Paging File | 13,65 Gb Available in Paging File | 86,91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,54 Gb Total Space | 541,71 Gb Free Space | 79,84% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 544,40 Gb Free Space | 77,92% Space Free | Partition Type: NTFS
 
Computer Name: NICO-PC | User Name: Nico | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Nico\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- "C:\Users\Nico\AppData\Roaming\File Scout\filescout.exe" /open "%1" ()
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0AFFEA39-60AF-4C4F-BB47-4A1F7CB12129}" = HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6
"{0D432429-C79C-462D-ABD8-4D82B83A954B}" = Microsoft SQL Server System CLR Types (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2A6823CE-23A8-35B3-8342-162A973CDD5B}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{30AD92E0-E077-EA9A-2D30-97C5E6644930}" = ccc-utility64
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6AF73222-EE90-434C-AE7E-B96F70A68D89}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{75C461E9-0D7A-4B55-B9A4-66D6ED878038}" = Ufasoft SocksChain
"{7688DE34-87F5-45D5-AADA-E5501C1E0814}" = Oracle VM VirtualBox 4.1.0
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{7ACE202B-1B01-4B43-B6AE-03D66D621CDE}" = Microsoft SQL Server 2008 RsFx Driver
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{81455DEB-FC7E-3EE5-85CA-2EBDD9FD61EB}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x64
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{8325FD0C-2FDB-46C3-921A-3A78385EA972}" = Microsoft SQL Server 2008 Native Client
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E16BB50-E49A-3647-BD4D-4D150DCCBFAE}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{8F7F2D9C-2DBE-4F10-9C7C-2724110A3339}" = Windows Live Remote Service Resources
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A6E0F6BE-30AC-4D36-97B0-1AC20E23CB83}" = Windows Live Remote Client Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B143BE44-8723-315E-9413-011C55873C0E}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{B9E62002-BD74-30EC-9049-93E0E003C736}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C214301F-F5D7-36D9-B3A2-1467C5586495}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB0FD760-C6C6-3AF6-AD18-FE3B3B78727D}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D0CB24F4-084F-40DE-B6B9-A03626E682F0}" = iCloud
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D57519D3-2E37-3E34-94AF-4D59BFAB87E6}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DDDB6BC8-496D-4058-9E68-4B5B08C2F076}" = CD- und DVD-Sharing
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E5748D30-7E6D-3A8E-BFE6-C1D02C6DDABB}" = Microsoft Help Viewer 1.1
"{E7F13A64-2E17-6800-06A9-D898C728A755}" = ATI Catalyst Install Manager
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.7
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{003BFBBD-6C67-419E-A24D-0DCAFC3A5249}" = tools-freebsd
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{01501EBA-EC35-4F9F-8889-3BE346E5DA13}" = MSXML4 Parser
"{01994B47-23FB-7678-E11A-ACB21F6EFA08}" = CCC Help Korean
"{0215ADBE-2C36-1651-F537-A37749153A65}" = CCC Help Japanese
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0CDBAAE4-BD9F-5DB4-BA6A-58373173FD4E}" = PX Profile Update
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0DAC2E86-97E8-94F6-5BF0-C08043BFF517}" = CCC Help Turkish
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{120C160F-F53D-4A15-A873-E79BF5B98B48}" = Windows Live Photo Common
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2 Deluxe
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{197597A7-AD33-4898-9D8E-73066818B464}" = tools-netware
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AA5BD63-6614-44B2-88A7-605191EDB835}" = Dotfuscator Software Services - Community Edition
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20381A8A-808E-4A53-B6CD-AD2B85E16365}" = Windows Live UX Platform Language Pack
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{226F0D93-76DE-4F1C-B14D-DE10443ADB60}" = Windows Live Movie Maker
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2BB6EF5D-44A3-5206-BBD5-26ECC066F58F}" = CCC Help English
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2F8B731A-5F2D-3EA8-8B25-C3E5E43F4BDB}" = Microsoft Visual C++  Compilers 2010 Standard - enu - x86
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{304D04C5-C4C7-DF22-E13B-653E48C841EE}" = CCC Help Finnish
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Packard Bell Power Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{41F11B70-481A-76A9-3D4B-2D368F192CF5}" = CCC Help Russian
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{45A5BEBD-2CA0-6B5D-70EC-D0DED8B0A473}" = CCC Help Polish
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{49DC7D87-B9F9-4782-9386-B7F13BC75E48}" = Adobe Creative Suite 5 Design Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D27EAF3-5029-65C1-F240-48B1335F129B}" = CCC Help French
"{4D7BAC8A-51B8-4243-8567-1415C4272D13}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.5
"{4E803843-C363-50D6-6CB2-5F11D667602D}" = CCC Help Danish
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{545C7FEC-BC4C-41DA-D6C1-59513E428CBE}" = CCC Help Norwegian
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{54FCE80F-7ED4-4612-29EA-3CBE66313038}" = CCC Help Czech
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{57CA189D-BAEB-49BC-AE75-CE70E9B775E1}" = Catalyst Control Center - Branding
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{68AFA3A7-9265-4ABD-994A-ACA413E3715C}" = Nero Multimedia Suite 10 Essentials
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6C25E9F7-D3F2-77A7-6C10-C1BD7B6C6280}" = CCC Help Dutch
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E839820-0BBA-4310-9D06-4463BAEA6641}" = Secure Download Manager
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-packardbell" = WildTangent Games App (Packard Bell Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{76454862-992F-4A12-9D61-76E52A1C6922}" = Windows Live Messenger
"{76C064E2-BB99-4453-8FDA-42BC01AD0734}" = Control ActiveX del Windows Live Mesh per a connexions remotes
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BA6DF02-B094-45D7-A3C9-BE3684253922}" = Urruneko konexioetarako Windows Live Mesh ActiveX kontrola
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7D99B933-E29C-4599-92F0-DAED2AF041E3}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Packard Bell Recovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{803910CC-3A39-45E3-A594-0D5512A60A86}" = Microsoft Silverlight 4 SDK - Deutsch
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84402369-AD42-8C41-090F-468BC3B1CEBB}" = CCC Help Chinese Traditional
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{85467CBC-7A39-33C9-8940-D72D9269B84F}" = Microsoft Visual F# 2.0 Runtime
"{85498904-0748-45AA-9482-6DB8EA971B91}" = DJ_AIO_06_F4500_SW_MIN
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{86F444A5-C9B9-41DC-AF28-B5E46F5497C7}" = Windows Live Argazki Galeria
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89CD148A-64A8-18AA-E2E0-AF784B03D14E}" = CCC Help Hungarian
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E285C75-9BE2-4349-972B-DECDDF472656}" = Windows Live Writer Resources
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{919E5477-D20B-4F64-AE8B-8199469F7817}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93C4B7D5-4E00-491F-BA3E-25B7B63EE7F6}" = Windows Live Mail
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AA9248E-C0E7-F51E-5B0E-F9C00D8663C8}" = Catalyst Control Center Localization All
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9E2C5B0E-7A2D-4767-A9B2-77469FB1873A}" = Windows Live Mesh
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Video Web Camera
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = HomeMedia
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AAFDD7EF-1580-E9B2-6723-EBB386DD3253}" = CCC Help Thai
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB1C87CB-1807-4CF0-B4C2-CEE14C18CDB4}" = tools-solaris
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AE0F62A7-A1A2-407F-9F4C-48939BD9AD8D}" = tools-winPre2k
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B001BC87-1A45-3656-AD07-213ED52F13E2}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B22FB9DD-BA6C-CFCF-C31F-C19E611D6B7D}" = CCC Help Spanish
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B5DAF7CF-928B-3A5E-7BF5-8CCE4F5F69A4}" = CCC Help Chinese Standard
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}" = Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CAD6AA29-9CA1-384D-8034-566261CFCC9B}" = Microsoft Visual Studio 2010 Professional - DEU
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0083B85-A6DE-12E3-4AD3-AC4D44854222}" = CCC Help Italian
"{D069BF2F-8648-B4CE-FB72-09B1ABC74288}" = Catalyst Control Center Profiles Mobile
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D102611A-6466-4101-A51D-51069303AC65}" = tools-linux
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D265857F-A9CB-C813-7F98-13A210DEF14C}" = Catalyst Control Center
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D57EE916-8D07-12B9-AEE6-95579E3ED100}" = CCC Help Greek
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}" = WCF RIA Services V1.0 SP1
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{DFB53C63-3092-9EE6-3628-541479E81347}" = CCC Help Portuguese
"{DFF8BA6D-A415-F77C-2AAC-C1413B5D75E4}" = Catalyst Control Center InstallProxy
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E22F5F97-BEFE-9ACB-8410-9DD3AC2C4D8D}" = CCC Help Swedish
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E737A098-F161-4B6F-AF22-86AAE34F6FBD}" = Pro Evolution Soccer 2012
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Packard Bell Updater
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F3080E90-9674-1627-2654-98437E7B31ED}" = CCC Help German
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Mythology 1.0" = Age of Mythology
"Age of Mythology Expansion Pack 1.0" = Age of Mythology - The Titans Expansion
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BitTorrent" = BitTorrent
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysis 3 Repack" = Crysis 3 Repack
"DAEMON Tools Pro" = DAEMON Tools Pro
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"ESN Sonar-0.70.4" = ESN Sonar
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"Identity Card" = Identity Card
"InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}" = Packard Bell Social Networks
"InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Video Web Camera
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"JAP" = JAP
"LManager" = Launch Manager
"Microsoft Visual Studio 2010 Professional - DEU" = Microsoft Visual Studio 2010 Professional - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Origin" = Origin
"Packard Bell Registration" = Packard Bell Registration
"Packard Bell Screensaver" = Packard Bell ScreenSaver
"Packard Bell Welcome Center" = Welcome Center
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"QUICKfind" = QUICKfind server v1.1
"SDR2" = Schlag den Raab - Das 2. Spiel
"SopCast" = SopCast 3.5.0
"TeamViewer 8" = TeamViewer 8
"TmNationsForever_is1" = TmNationsForever
"Veetle TV" = Veetle TV
"VMware_Workstation" = VMware Workstation
"WildTangent packardbell Master Uninstall" = Packard Bell Games
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.6.5
"WTA-097698c1-ac2b-4e3d-a584-f63e3f261045" = Agatha Christie - Death on the Nile
"WTA-120799f0-decd-4f3f-857a-8bc7404ae492" = Wedding Dash
"WTA-18abb06b-0abb-4d88-9c73-de3aadd15103" = Penguins!
"WTA-198068e5-fa33-4f27-b2b8-8e9d7438b83e" = Plants vs. Zombies - Game of the Year
"WTA-44391705-247a-493c-a4dd-88ea6450c175" = John Deere Drive Green
"WTA-474ec203-5ddd-4a75-a64b-056bb519612d" = FATE
"WTA-50a654fd-b1f8-4d05-a6e2-3f04ed31ec0a" = Torchlight
"WTA-544ebf27-7649-426a-9c98-55f573341600" = Virtual Villagers 4 - The Tree of Life
"WTA-74d60564-628e-4dee-98c8-3c381d2669ff" = Chuzzle Deluxe
"WTA-797aedb6-f9fb-45f5-a323-ceab520450f7" = Zuma Deluxe
"WTA-8ea8b43b-6a90-4f9d-937f-188d87e36658" = Crazy Chicken Kart 2
"WTA-b198e30f-f931-4a65-9b2e-eaf7229a5db8" = Jewel Match 3
"WTA-be3d23a3-2793-4792-a873-a0675508f340" = Jewel Quest Solitaire
"WTA-cd76a674-7f8b-4b7b-867e-4143b820cb60" = Mystery of Mortlake Mansion
"WTA-d7d8d478-27c9-4e67-87cc-ada6d6487503" = Bejeweled 2 Deluxe
"WTA-da034eb0-f51a-4b04-bde2-1fe1e0d0111a" = Slingo Deluxe
"WTA-ec963444-8ef3-469c-89bd-b3f7849e1def" = Final Drive: Nitro
"WTA-f5a2092c-8af5-430b-a2d8-c2facd1c8f6c" = Polar Bowler
"WTA-fe57456c-c679-493a-b16a-aaca21193f05" = Insaniquarium Deluxe
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.06.2013 06:54:45 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x164  Startzeit der fehlerhaften Anwendung: 0x01ce6f36e7c8219e  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 25a43149-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 06:55:46 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x550  Startzeit der fehlerhaften Anwendung: 0x01ce6f370c089992  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 49f5c07d-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 06:56:46 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x4f8  Startzeit der fehlerhaften Anwendung: 0x01ce6f37305b885a  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 6e3af372-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 06:57:48 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x1170  Startzeit der fehlerhaften Anwendung: 0x01ce6f3755083133  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 92ee5324-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 06:58:49 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x10c4  Startzeit der fehlerhaften Anwendung: 0x01ce6f37795357ae  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: b73274a5-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 06:59:50 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x124c  Startzeit der fehlerhaften Anwendung: 0x01ce6f379dab0179  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: db8d04aa-db2a-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 07:00:51 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x63c  Startzeit der fehlerhaften Anwendung: 0x01ce6f37c248b5f9  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 00233eff-db2b-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 07:01:52 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0xb30  Startzeit der fehlerhaften Anwendung: 0x01ce6f37e68a8d82  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 247172c6-db2b-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 07:02:53 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0x124c  Startzeit der fehlerhaften Anwendung: 0x01ce6f380aeae9fd  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 48c7e40b-db2b-11e2-9400-b870f487d6cf
 
Error - 22.06.2013 07:03:55 | Computer Name = Nico-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x74ddc9f1  ID des fehlerhaften
 Prozesses: 0xc64  Startzeit der fehlerhaften Anwendung: 0x01ce6f3830057172  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\svchost.exe  Pfad des fehlerhaften Moduls:
 unknown  Berichtskennung: 6dee046b-db2b-11e2-9400-b870f487d6cf
 
[ System Events ]
Error - 22.06.2013 06:58:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 06:59:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:00:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:01:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:02:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:03:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:04:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:05:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:06:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
 
Error - 22.06.2013 07:07:00 | Computer Name = Nico-PC | Source = Service Control Manager | ID = 7023
Description =
defogger_disable folgendes:
Anhang 56868


und gmer.exe nach bluescreen dies :

Anhang 56869




Ich wäre froh wenn mir jemand helfen könnte.

Vielen Dank schonmal im vorraus!

schrauber 24.06.2013 08:43
Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

tha619 24.06.2013 13:39
Erst einmal vielen Dank das du dir mein Problem annimmst :)


Also FRST.txt ist folgende:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by Nico (administrator) on 24-06-2013 14:29:43
Running from C:\Users\Nico\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Windows\system32\services.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
() C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
() C:\Users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CD- und DVD-Sharing] "C:\Program Files\CD- und DVD-Sharing\ODSAgent.exe" [582256 2010-04-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKCU\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKCU\...\Run: [AdobeBridge]  [x]
HKCU\...\Run: [Google Update] "C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-08-26] (Google Inc.)
HKCU\...\Run: [Facebook Update] "C:\Users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2013-01-04] (Facebook Inc.)
MountPoints2: {ba655669-f6a7-11e1-8ea2-b870f487d6cf} - G:\Autorun.exe
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [129648 2011-09-23] (VMware, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll  [2521552 2013-06-03] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=031012_ccp_4012_8&babsrc=SP_ss&mntrId=2cba4256000000000000d0df9a96774e
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=23B62FAA28623C9359D0A45077CD7277&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog9 12 mswsock.dll File Not found ()
Winsock: Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 14 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 15 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 02 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Winsock: Catalog9-x64 11 mswsock.dll File Not found ()
Winsock: Catalog9-x64 12 mswsock.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 14 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Lavasoft Search Plugin - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF Extension: DVDVideoSoftTB DE  - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
FF Extension: Yahoo! Toolbar - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm\10.14.250.13_0
CHR Extension: () - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.19.11_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (StumbleUpon) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264 2013-06-03] ()
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 StumbleUponUpdater; C:\Users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-04] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-07-19] (Oracle Corporation)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-24 14:20 - 2013-06-24 14:20 - 00000000 ____D C:\FRST
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2013-06-23 13:01 - 2013-06-23 13:31 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 12:17 - 2013-06-23 21:54 - 93616457 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar.part
2013-06-23 11:21 - 2013-06-23 11:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{1D2962E8-3E0C-42C5-A949-111D92C99983}
2013-06-22 17:29 - 2013-06-22 17:29 - 00262144 ____A C:\Windows\Minidump\062213-26738-01.dmp
2013-06-22 13:45 - 2013-06-22 17:29 - 580052725 ____A C:\Windows\MEMORY.DMP
2013-06-22 13:45 - 2013-06-22 17:29 - 00000000 ____D C:\Windows\Minidump
2013-06-22 13:45 - 2013-06-22 13:45 - 00262144 ____A C:\Windows\Minidump\062213-29936-01.dmp
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:29 - 2013-06-22 13:50 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-22 12:21 - 2013-06-23 12:16 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:19 - 2013-06-21 14:20 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-21 13:57 - 2013-06-24 14:16 - 00000616 ____A C:\Windows\setupact.log
2013-06-21 13:57 - 2013-06-21 13:57 - 00000000 ____A C:\Windows\setuperr.log
2013-06-21 13:56 - 2013-06-21 13:56 - 00000824 ____A C:\Windows\PFRO.log
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:16 - 2013-06-20 22:30 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:15 - 2013-06-22 11:30 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 22:07 - 2013-06-20 22:42 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Nico\AppData\Roaming\File Scout
2013-06-20 20:02 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-20 19:21 - 2013-06-20 19:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{F9859730-4A8B-4935-96F9-B5159219BD09}
2013-06-18 16:39 - 2013-06-18 16:39 - 00000000 ____D C:\Users\Nico\AppData\Local\{A3B9C5E6-D87F-4DB1-AA34-8258F0A6D317}
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 14:31 - 2013-06-12 21:15 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 17:22 - 2013-06-13 21:27 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 15:53 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 15:53 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 15:53 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 15:53 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 15:53 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 15:53 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 15:53 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 15:53 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 15:53 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 15:53 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 15:53 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 15:53 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 15:53 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:50 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:50 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:50 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:50 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:50 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 13:55 - 2013-06-11 13:55 - 00000000 ____D C:\Users\Nico\AppData\Local\{4FC71047-D567-49F4-BF1A-EE9BEC968BA8}
2013-06-08 18:41 - 2013-06-08 18:41 - 00000000 ____D C:\Users\Nico\AppData\Local\{D8BDBDB0-6714-480D-91FC-2F101077576A}
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2013-06-24 14:30 - 2012-08-29 20:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-24 14:30 - 2012-08-26 15:03 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-24 14:29 - 2012-04-21 12:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Skype
2013-06-24 14:24 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-24 14:24 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-24 14:20 - 2013-06-24 14:20 - 00000000 ____D C:\FRST
2013-06-24 14:20 - 2011-08-18 13:46 - 00765954 ____A C:\Windows\System32\perfh007.dat
2013-06-24 14:20 - 2011-08-18 13:46 - 00174834 ____A C:\Windows\System32\perfc007.dat
2013-06-24 14:20 - 2009-07-14 07:13 - 01808082 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2013-06-24 14:16 - 2013-06-21 13:57 - 00000616 ____A C:\Windows\setupact.log
2013-06-24 14:16 - 2012-01-13 17:01 - 00000000 ____D C:\ProgramData\VMware
2013-06-24 14:16 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-23 21:54 - 2013-06-23 12:17 - 93616457 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar.part
2013-06-23 21:00 - 2012-08-26 15:03 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-23 20:51 - 2013-01-04 00:04 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-23 13:31 - 2013-06-23 13:01 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 13:24 - 2012-06-06 21:16 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Spotify
2013-06-23 12:16 - 2013-06-22 12:21 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-23 11:48 - 2011-12-19 17:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-23 11:21 - 2013-06-23 11:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{1D2962E8-3E0C-42C5-A949-111D92C99983}
2013-06-22 17:29 - 2013-06-22 17:29 - 00262144 ____A C:\Windows\Minidump\062213-26738-01.dmp
2013-06-22 17:29 - 2013-06-22 13:45 - 580052725 ____A C:\Windows\MEMORY.DMP
2013-06-22 17:29 - 2013-06-22 13:45 - 00000000 ____D C:\Windows\Minidump
2013-06-22 13:50 - 2013-06-22 12:29 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-22 13:45 - 2013-06-22 13:45 - 00262144 ____A C:\Windows\Minidump\062213-29936-01.dmp
2013-06-22 13:33 - 2011-12-14 09:59 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:41 - 2011-12-08 15:43 - 00000000 ____D C:\users\Nico
2013-06-22 11:30 - 2013-06-20 22:15 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-22 11:18 - 2013-03-19 22:58 - 00629248 __ASH C:\Users\Nico\Desktop\Thumbs.db
2013-06-21 23:08 - 2013-01-04 00:03 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:20 - 2013-06-21 14:19 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-21 13:57 - 2013-06-21 13:57 - 00000000 ____A C:\Windows\setuperr.log
2013-06-21 13:56 - 2013-06-21 13:56 - 00000824 ____A C:\Windows\PFRO.log
2013-06-20 22:42 - 2013-06-20 22:07 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:30 - 2013-06-20 22:16 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 22:08 - 2012-01-12 19:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\BitTorrent
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Nico\AppData\Roaming\File Scout
2013-06-20 19:44 - 2012-01-12 19:09 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-20 19:21 - 2013-06-20 19:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{F9859730-4A8B-4935-96F9-B5159219BD09}
2013-06-19 18:38 - 2012-06-06 21:17 - 00000000 ____D C:\Users\Nico\AppData\Local\Spotify
2013-06-19 15:31 - 2012-08-26 15:05 - 00002374 ____A C:\Users\Nico\Desktop\Google Chrome.lnk
2013-06-18 16:39 - 2013-06-18 16:39 - 00000000 ____D C:\Users\Nico\AppData\Local\{A3B9C5E6-D87F-4DB1-AA34-8258F0A6D317}
2013-06-18 15:50 - 2011-12-09 15:06 - 01786150 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 15:32 - 2012-03-26 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-18 15:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:28 - 2012-03-26 20:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:08 - 2012-10-13 14:19 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 21:27 - 2013-06-13 17:22 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 21:15 - 2013-06-14 14:31 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-12 21:15 - 2013-02-06 22:32 - 00000341 ____A C:\Users\Nico\Downloads\www.goldesel.to - www.charts.to .txt
2013-06-12 21:15 - 2013-02-06 22:32 - 00000291 ____A C:\Users\Nico\Downloads\Charts.to - Die ultimative Seite fuer Charts als Direkt-Download.url
2013-06-12 21:15 - 2013-02-06 22:32 - 00000220 ____A C:\Users\Nico\Downloads\Goldesel.to - Die Seite fuer Direkt-Downloads aller Art.url
2013-06-12 18:30 - 2012-04-14 15:21 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:30 - 2011-07-25 12:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 15:51 - 2011-12-17 14:27 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 15:07 - 2013-01-24 18:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-12 15:07 - 2011-07-25 11:54 - 00000000 ____D C:\ProgramData\Skype
2013-06-11 13:55 - 2013-06-11 13:55 - 00000000 ____D C:\Users\Nico\AppData\Local\{4FC71047-D567-49F4-BF1A-EE9BEC968BA8}
2013-06-10 16:40 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-08 18:41 - 2013-06-08 18:41 - 00000000 ____D C:\Users\Nico\AppData\Local\{D8BDBDB0-6714-480D-91FC-2F101077576A}
2013-06-08 17:43 - 2011-12-15 23:13 - 00000616 ____A C:\Users\Nico\Documents\ax_files.xml
2013-06-07 13:44 - 2012-11-05 18:14 - 00000000 ____D C:\Users\Nico\AppData\Local\Origin
2013-06-07 13:44 - 2012-11-05 18:07 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-05 15:46 - 2013-04-13 19:06 - 00000000 __SHD C:\Users\Nico\wc
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk
2013-06-05 09:21 - 2012-10-06 16:46 - 00000000 ____D C:\ProgramData\Browser Manager
2013-06-03 17:21 - 2013-04-07 11:47 - 01130496 ____A C:\Users\Nico\Desktop\Schuppenat_Noel_09A (2).lpo
2013-05-28 15:05 - 2013-06-20 20:02 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

ZeroAccess:
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\00000004.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\76603ac3
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000004.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000008.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\000000cb.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000000.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000032.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-14 01:19] - [2009-07-14 03:39] - 0329216 ____N () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION!

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Program Files\Windows Defender\mpsvc.dll => ATTENTION: ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender


LastRegBack: 2013-06-14 22:11

==================== End Of Log ============================
--- --- ---


und in der Addition.txt steht:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2013
Ran by Nico at 2013-06-24 14:31:16
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? (x32 Version: 15.4.5722.2)
???? ??? Windows Live (x32 Version: 15.4.3502.0922)
???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? (x32 Version: 15.4.5722.2)
???? Windows Live (x32 Version: 15.4.3502.0922)
?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922)
??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? (x32 Version: 15.4.5722.2)
??????? Windows Live Mesh ActiveX ??? (x32 Version: 15.4.5722.2)
???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922)
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) (x32 Version: 15.4.5722.2)
?????????? Windows Live (x32 Version: 15.4.3502.0922)
??????????? ?? Windows Live (x32 Version: 15.4.3502.0922)
64 Bit HP CIO Components Installer (Version: 6.2.2)
ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? (x32 Version: 15.4.5722.2)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2)
Adobe AIR (x32 Version: 1.5.3.9120)
Adobe Community Help (x32 Version: 3.0.0)
Adobe Community Help (x32 Version: 3.0.0.400)
Adobe Creative Suite 5 Design Standard (x32 Version: 5.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Media Player (x32 Version: 1.8)
Adobe Reader X (10.1.7) MUI (x32 Version: 10.1.7)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Age of Mythology - The Titans Expansion (x32)
Age of Mythology (x32)
AMD APP SDK Runtime (Version: 2.4.650.9)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.36)
ATI Catalyst Install Manager (Version: 3.0.829.0)
Avira Free Antivirus (x32 Version: 13.0.0.3640)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlelog Web Plugins (x32 Version: 2.1.3)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95)
BitTorrent (x32 Version: 7.8.0.29676)
Bonjour (Version: 3.0.0.10)
Browser Manager (x32)
Call of Duty Modern Warfare 3 (c) Activision version 1 (x32 Version: 1)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2011.0524.2352.41027)
Catalyst Control Center InstallProxy (x32 Version: 2011.0524.2352.41027)
Catalyst Control Center Localization All (x32 Version: 2011.0524.2352.41027)
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0524.2352.41027)
CCC Help Chinese Standard (x32 Version: 2011.0524.2351.41027)
CCC Help Chinese Traditional (x32 Version: 2011.0524.2351.41027)
CCC Help Czech (x32 Version: 2011.0524.2351.41027)
CCC Help Danish (x32 Version: 2011.0524.2351.41027)
CCC Help Dutch (x32 Version: 2011.0524.2351.41027)
CCC Help English (x32 Version: 2011.0524.2351.41027)
CCC Help Finnish (x32 Version: 2011.0524.2351.41027)
CCC Help French (x32 Version: 2011.0524.2351.41027)
CCC Help German (x32 Version: 2011.0524.2351.41027)
CCC Help Greek (x32 Version: 2011.0524.2351.41027)
CCC Help Hungarian (x32 Version: 2011.0524.2351.41027)
CCC Help Italian (x32 Version: 2011.0524.2351.41027)
CCC Help Japanese (x32 Version: 2011.0524.2351.41027)
CCC Help Korean (x32 Version: 2011.0524.2351.41027)
CCC Help Norwegian (x32 Version: 2011.0524.2351.41027)
CCC Help Polish (x32 Version: 2011.0524.2351.41027)
CCC Help Portuguese (x32 Version: 2011.0524.2351.41027)
CCC Help Russian (x32 Version: 2011.0524.2351.41027)
CCC Help Spanish (x32 Version: 2011.0524.2351.41027)
CCC Help Swedish (x32 Version: 2011.0524.2351.41027)
CCC Help Thai (x32 Version: 2011.0524.2351.41027)
CCC Help Turkish (x32 Version: 2011.0524.2351.41027)
ccc-utility64 (Version: 2011.0524.2352.41027)
CCleaner (Version: 4.01)
CD- und DVD-Sharing (Version: 1.4.1.3)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Control ActiveX del Windows Live Mesh per a connexions remotes (x32 Version: 15.4.5722.2)
Control ActiveX Windows Live Mesh pentru conexiuni la distan?a (x32 Version: 15.4.5722.2)
Controle ActiveX do Windows Live Mesh para Conexões Remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2)
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97)
Crysis 3 Repack (x32)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240)
CyberLink MediaEspresso (x32 Version: 6.5.2113_41116)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Pro (x32 Version: 5.1.0.0333)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DJ_AIO_06_F4500_SW_MIN (x32 Version: 140.0.690.000)
Dotfuscator Software Services - Community Edition - DEU (x32 Version: 5.0.2300.0)
Dotfuscator Software Services - Community Edition (x32 Version: 5.0.2500.0)
DVDVideoSoftTB DE Toolbar (x32 Version: 6.9.0.16)
ESN Sonar (x32 Version: 0.70.4)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FATE (x32 Version: 2.2.0.97)
Final Drive: Nitro (x32 Version: 2.2.0.95)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polaczen zdalnych (x32 Version: 15.4.5722.2)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
FUSSBALL MANAGER 13 (x32 Version: 1.0.1.0)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922)
Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Galerie foto Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (HKCU Version: 27.0.1453.116)
HomeMedia (x32 Version: 2.0.8920)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2813041) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (x32 Version: 1)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2813041) (x32 Version: 1)
HP Deskjet F4500 All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
iCloud (Version: 2.1.1.3)
ICQ7.7 (x32 Version: 7.7)
Identity Card (x32 Version: 1.00.3501)
Insaniquarium Deluxe (x32 Version: 2.2.0.97)
Intel(R) Display Audio Driver (x32 Version: 6.14.00.3074)
Intel(R) Management Engine Components (x32 Version: 7.0.0.1144)
Intel(R) Rapid Storage Technology (x32 Version: 10.1.2.1004)
iTunes (Version: 11.0.4.4)
JAP (x32 Version: 00.16.006)
Java Auto Updater (x32 Version: 2.0.6.1)
Java(TM) 6 Update 31 (x32 Version: 6.0.310)
JDownloader 0.9 (x32 Version: 0.9)
Jewel Match 3 (x32 Version: 2.2.0.97)
Jewel Quest Solitaire (x32 Version: 2.2.0.95)
John Deere Drive Green (x32 Version: 2.2.0.95)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Kontrola Windows Live Mesh ActiveX za daljinske veze (x32 Version: 15.4.5722.2)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (x32 Version: 15.4.5722.2)
Launch Manager (x32 Version: 5.1.7)
Medal of Honor (TM) (x32 Version: 1.0.0.0)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (x32 Version: 2.0.50331.0)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (x32 Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (x32 Version: 2.0.50217.0)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Business 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Silverlight 3 SDK - Deutsch (x32 Version: 3.0.40818.0)
Microsoft Silverlight 4 SDK - Deutsch (x32 Version: 4.0.50826.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft SQL Server 2008 (64-bit)
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22)
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0)
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Management Objects (x64) (Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (x32 Version: 10.50.1752.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (x32 Version: 10.50.1750.9)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0)
Microsoft SQL Server Compact 3.5 SP2 DEU (x32 Version: 3.5.8080.0)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (x32 Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1750.9)
Microsoft SQL Server System CLR Types (x64) (Version: 10.50.1750.9)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 de (x32 Version: 1.0.3010.0)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219)
Microsoft Team Foundation Server 2010-Objektmodell - DEU (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime (x32 Version: 10.0.40219)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219)
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.30319)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.31010)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.31007)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML4 Parser (x32 Version: 1.0.0)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Nero BackItUp 10 (x32 Version: 5.8.11000.8.100)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700)
Nero Control Center 10 (x32 Version: 10.6.12700.0.7)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10700)
Nero Core Components 10 (x32 Version: 2.0.19900.9.11)
Nero DiscSpeed 10 (x32 Version: 6.2.10500.2.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.6.10700.5.100)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10300)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.6.10300)
Nero RescueAgent 10 (x32 Version: 3.6.10500.3.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10700)
Nero StartSmart 10 (x32 Version: 10.2.11600.14.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 1.0.10900.31.0)
Network64 (Version: 140.0.215.000)
Norton Online Backup (x32 Version: 2.1.17869)
NVIDIA PhysX (x32 Version: 9.09.0203)
Oracle VM VirtualBox 4.1.0 (Version: 4.1.0)
Origin (x32 Version: 9.1.10.2728)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení (x32 Version: 15.4.5722.2)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2)
Packard Bell Games (x32 Version: 1.0.2.5)
Packard Bell Power Management (x32 Version: 6.00.3007)
Packard Bell Recovery Management (x32 Version: 5.00.3502)
Packard Bell Registration (x32 Version: 1.04.3502)
Packard Bell ScreenSaver (x32 Version: 1.1.1025.2010)
Packard Bell Social Networks (x32 Version: 3.0.3106)
Packard Bell Updater (x32 Version: 1.02.3502)
PDF Settings CS5 (x32 Version: 10.0)
Penguins! (x32 Version: 2.2.0.95)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95)
Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922)
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922)
Polar Bowler (x32 Version: 2.2.0.97)
Pošta Windows Live (x32 Version: 15.4.3502.0922)
Pro Evolution Soccer 2012 (x32 Version: 1.00.0000)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
PunkBuster Services (x32 Version: 0.991)
PX Profile Update (x32 Version: 1.00.1.)
PxMergeModule (x32 Version: 1.00.0000)
QUICKfind server v1.1 (x32)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6329)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30123)
S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922)
Scan (x32 Version: 140.0.80.000)
Schlag den Raab - Das 2. Spiel (x32 Version: 1.0)
Secure Download Manager (x32 Version: 3.1.01)
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (Version: 10.1.2531.0)
Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (x32 Version: 1)
SimCity™ (x32 Version: 1.0.0.0)
Skype™ 6.5 (x32 Version: 6.5.158)
Slingo Deluxe (x32 Version: 2.2.0.95)
SopCast 3.5.0 (x32 Version: 3.5.0)
Spotify (HKCU Version: 0.9.1.53.g876fa9df)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0)
St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? (x32 Version: 15.4.5722.2)
Stronghold 2 Deluxe (x32 Version: 1.40.100)
Synaptics Pointing Device Driver (Version: 15.1.6.0)
TeamViewer 8 (x32 Version: 8.0.16642)
TmNationsForever (x32)
Toolbox (x32 Version: 140.0.428.000)
tools-freebsd (x32 Version: 8.4.8.19539)
tools-linux (x32 Version: 8.4.8.19539)
tools-netware (x32 Version: 8.4.8.19539)
tools-solaris (x32 Version: 8.4.8.19539)
tools-windows (x32 Version: 8.4.8.19539)
tools-winPre2k (x32 Version: 8.4.8.19539)
Torchlight (x32 Version: 2.2.0.97)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (Version: 2.1.23.0)
Ufasoft SocksChain (Version: 4.214)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (Version: 10.1.2731.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
Urruneko konexioetarako Windows Live Mesh ActiveX kontrola (x32 Version: 15.4.5722.2)
Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2)
Veetle TV (x32 Version: 0.9.19)
Video Web Camera (x32 Version: 1.5.2904.00)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97)
Visual Studio 2010 Prerequisites - English (Version: 10.0.40219)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (x32 Version: 4.0.8080.0)
VLC media player 2.0.7 (Version: 2.0.7)
VMware Workstation (x32 Version: 7.1.5.19539)
WCF RIA Services V1.0 SP1 (x32 Version: 4.1.60114.0)
Web Deployment Tool (Version: 1.1.0618)
Wedding Dash (x32 Version: 2.2.0.95)
Welcome Center (x32 Version: 1.02.3503)
WildTangent Games App (Packard Bell Games) (x32 Version: 4.0.5.14)
Windows Live ??? (x32 Version: 15.4.3502.0922)
Windows Live ???? (x32 Version: 15.4.3502.0922)
Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3555.0308)
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922)
Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922)
Windows Live Fotótár (x32 Version: 15.4.3502.0922)
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922)
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz (x32 Version: 15.4.5722.2)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922)
Windows Liven sähköposti (x32 Version: 15.4.3502.0922)
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
Wireshark 1.6.5 (x32 Version: 1.6.5)
Zuma Deluxe (x32 Version: 2.2.0.95)

==================== Restore Points  =========================

17-06-2013 19:16:35 Windows Update
18-06-2013 12:55:21 Windows Update
19-06-2013 12:46:32 Windows Update
19-06-2013 17:45:09 Windows Update
20-06-2013 20:31:50 Avira Free Antivirus - 20.06.2013 22:31
21-06-2013 12:06:01 Avira Free Antivirus - 21.06.2013 14:05

==================== Hosts content: ==========================
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97    rhino.acme.com          # source server
#      38.25.63.10    x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#        #       
#        127.0.0.1      localhost
#        127.0.0.1 adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 hl2rcv.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com

There are more than 18 lines starting with "127.0.0.1"


==================== Scheduled Tasks (whitelisted) =============

Task: {0320B9DC-1004-423C-B96C-A22A55467142} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-09-13] (CyberLink)
Task: {0E47BA5F-4A50-47B2-8705-6EEABE026B9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {25D65487-8DFE-4383-98FB-A8DDD9629869} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)
Task: {2F29E746-6E94-4F7E-912D-389E4422908C} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {3996923F-9B0B-4727-875D-FC7B9C7C8E69} - System32\Tasks\{61E8812A-EB1C-4F10-95B4-4FB407A6F338} => C:\program files (x86)\mozilla firefox\firefox.exe [2013-05-17] (Mozilla Corporation)
Task: {3D1B8FA9-B468-4A8F-9D88-3F58670A827B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA => C:\Users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-04] (Facebook Inc.)
Task: {4013BD20-98CD-41B0-AA1A-2BAF129AE5A6} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {4559DF9B-0740-436E-9DE8-E5D82D3A133E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {46A1E049-7849-4E5C-8993-7F41C2253F2C} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe No File
Task: {4CBCFB91-1206-4F84-B46E-DE391327D07E} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [2011-07-06] (Nero AG)
Task: {5C090EA1-7DD6-47C5-AFE2-39CD5F741710} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {6F053358-D023-4DF9-8659-8DE8CFBFCBAC} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-21] (Microsoft Corporation)
Task: {93016C2D-1FBA-44A9-8CE7-DF1927D87375} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {A2E159C4-B334-433F-BF7C-33287588921E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core => C:\Users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-04] (Facebook Inc.)
Task: {A8C947F3-6654-4E67-87E8-E6059A991CB7} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2013-05-10] (Adobe Systems Incorporated)
Task: {A94A3A7A-254A-4182-8DE9-B085414417E9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-28] (Adobe Systems Incorporated)
Task: {BEFFE672-36B3-4B9F-A66B-A377AE80D2CE} - System32\Tasks\{4FEE1FBB-A870-4ACC-9858-44AAF5FDBE45} => C:\Users\Nico\Downloads\Emergency4_Patch1.3DE.exe No File
Task: {BFC9EEFF-9CA4-44C5-8E48-A3E4CEE57E95} - System32\Tasks\AdobeAAMUpdater-1.0-Nico-PC-Nico => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {C0B63EBA-BB74-4053-AECD-5F436FED351B} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {DE4761EE-E400-467B-9A5A-0B33CD7C84B9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA => C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)

==================== Faulty Device Manager Devices =============

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: SBRE
Description: SBRE
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SBRE
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Deskjet F4500 series
Description: Deskjet F4500 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2013 02:31:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x14b0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:30:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x7f8
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:30:00 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerUpdateService.exe, Version: 11.6.602.180, Zeitstempel: 0x51a4ab8c
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec49b8f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002e243
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerUpdateService.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerUpdateService.exe1
Pfad des fehlerhaften Moduls: FlashPlayerUpdateService.exe2
Berichtskennung: FlashPlayerUpdateService.exe3

Error: (06/24/2013 02:29:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0xd94
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:28:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x1310
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:27:14 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0xc10
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:26:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x15d0
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:25:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x17ec
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:24:11 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x113c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (06/24/2013 02:23:10 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x74f5c9f1
ID des fehlerhaften Prozesses: 0x1604
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3


System errors:
=============
Error: (06/24/2013 02:31:30 PM) (Source: Ntfs) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "Packard Bell" den Befehl "chkdsk" aus.

Error: (06/24/2013 02:17:09 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/24/2013 02:16:55 PM) (Source: Service Control Manager) (User: )
Description: Heimnetzgruppen-AnbieterFunktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (06/24/2013 02:16:55 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (06/24/2013 02:16:49 PM) (Source: Service Control Manager) (User: )
Description: SBRE

Error: (06/24/2013 02:16:24 PM) (Source: Service Control Manager) (User: )
Description: IPsec-Richtlinien-AgentBFE

Error: (06/24/2013 02:16:15 PM) (Source: Service Control Manager) (User: )
Description: Funktionssuche-Ressourcenveröffentlichung%%-2147024891

Error: (06/24/2013 02:16:15 PM) (Source: Service Control Manager) (User: )
Description: IKE- und AuthIP IPsec-SchlüsselerstellungsmoduleBFE

Error: (06/24/2013 02:16:09 PM) (Source: Service Control Manager) (User: )
Description: Computerbrowser%%1060

Error: (06/23/2013 09:56:16 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}


Microsoft Office Sessions:
=========================
Error: (06/24/2013 02:31:18 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f114b001ce70d6b96d1b80C:\Windows\SysWOW64\svchost.exeunknownf752a12e-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:30:17 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f17f801ce70d69520203dC:\Windows\SysWOW64\svchost.exeunknownd2fa3411-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:30:00 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.6.602.18051a4ab8cntdll.dll6.1.7601.177254ec49b8fc00000050002e243115c01ce70d68b42a6e3C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\ntdll.dllc92853a2-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:29:16 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f1d9401ce70d670c73defC:\Windows\SysWOW64\svchost.exeunknownaeb35366-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:28:15 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f1131001ce70d64c705777C:\Windows\SysWOW64\svchost.exeunknown8a4d2a75-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:27:14 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f1c1001ce70d62812ba27C:\Windows\SysWOW64\svchost.exeunknown65fe5a6c-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:26:12 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f115d001ce70d603973426C:\Windows\SysWOW64\svchost.exeunknown417a48cb-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:25:12 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f117ec01ce70d5df59a26dC:\Windows\SysWOW64\svchost.exeunknown1d40127f-dcc9-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:24:11 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f1113c01ce70d5bb170792C:\Windows\SysWOW64\svchost.exeunknownf8f16987-dcc8-11e2-89c3-b870f487d6cf

Error: (06/24/2013 02:23:10 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c000000574f5c9f1160401ce70d596aee2caC:\Windows\SysWOW64\svchost.exeunknownd4a83ee3-dcc8-11e2-89c3-b870f487d6cf


==================== Memory info ===========================

Percentage of memory in use: 23%
Total physical RAM: 8043.86 MB
Available physical RAM: 6141.28 MB
Total Pagefile: 16085.9 MB
Available Pagefile: 13847.31 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:678.54 GB) (Free:540.37 GB) NTFS (Disk=0 Partition=3)
Drive d: (DATA) (Fixed) (Total:698.63 GB) (Free:544.4 GB) NTFS (Disk=1 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 21A9ECAA)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=679 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 21A9EC9C)
Partition 1: (Not Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 24.06.2013 14:00
Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ZeroAccess:
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\00000004.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\76603ac3
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000004.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000008.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\000000cb.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000000.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000032.@
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000064.@

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION!
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Und ein frisches FRST Log bitte.

tha619 24.06.2013 14:28
Das geht ya schnell :)

hier die FIXLOG

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2013
Ran by Nico at 2013-06-24 15:16:52 Run:1
Running from C:\Users\Nico\Downloads
Boot Mode: Normal
==============================================


"C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}" directory move:

C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000004.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000008.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\000000cb.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000000.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000032.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000064.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\00000004.@ => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\76603ac3 => Moved successfully.
Could not move "C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}" directory. => Scheduled to move on reboot.

C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U => Moved successfully.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\00000004.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\L\76603ac3 => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000004.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\00000008.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\000000cb.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000000.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000032.@ => File/Directory not found.
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c}\U\80000064.@ => File/Directory not found.
C:\Windows\assembly\GAC_32\Desktop.ini => Moved successfully.
Could not move C:\Windows\assembly\GAC_64\Desktop.ini. => Scheduled to move on reboot.
C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION! => File/Directory not found.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking completed.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.

=========== Result of Scheduled Files to move ===========
C:\Windows\Installer\{20a6a2c4-2d41-8ac0-88c9-738412720d8c} => Moved successfully.
C:\Windows\assembly\GAC_64\Desktop.ini => File moved successfully.

==== End of Fixlog ====
und nochmal der neue FRST Scan


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by Nico (administrator) on 24-06-2013 15:20:03
Running from C:\Users\Nico\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Windows\system32\services.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
() C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
() C:\Users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CD- und DVD-Sharing] "C:\Program Files\CD- und DVD-Sharing\ODSAgent.exe" [582256 2010-04-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKCU\...\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [x]
HKCU\...\Run: [AdobeBridge]  [x]
HKCU\...\Run: [Google Update] "C:\Users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe" /c [116648 2012-08-26] (Google Inc.)
HKCU\...\Run: [Facebook Update] "C:\Users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2013-01-04] (Facebook Inc.)
MountPoints2: {ba655669-f6a7-11e1-8ea2-b870f487d6cf} - G:\Autorun.exe
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [129648 2011-09-23] (VMware, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-05-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll  [2521552 2013-06-03] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
URLSearchHook: (No Name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} -  No File
URLSearchHook: (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -  No File
HKCU SearchScopes: DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=031012_ccp_4012_8&babsrc=SP_ss&mntrId=2cba4256000000000000d0df9a96774e
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://safesearchr.lavasoft.com/?source=3336ca5f&tbp=rbox&toolbarid=adawaretb&u=23B62FAA28623C9359D0A45077CD7277&q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9 01 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog9 02 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog9 03 mswsock.dll File Not found ()
Winsock: Catalog9 04 mswsock.dll File Not found ()
Winsock: Catalog9 05 mswsock.dll File Not found ()
Winsock: Catalog9 06 mswsock.dll File Not found ()
Winsock: Catalog9 07 mswsock.dll File Not found ()
Winsock: Catalog9 08 mswsock.dll File Not found ()
Winsock: Catalog9 09 mswsock.dll File Not found ()
Winsock: Catalog9 10 mswsock.dll File Not found ()
Winsock: Catalog9 11 mswsock.dll File Not found ()
Winsock: Catalog9 12 mswsock.dll File Not found ()
Winsock: Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 14 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 15 C:\Windows\System32\socketspy.dll File Not found ()
Winsock: Catalog5-x64 01 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 05 mswsock.dll File Not found () ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog9-x64 01 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 02 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 03 mswsock.dll File Not found ()
Winsock: Catalog9-x64 04 mswsock.dll File Not found ()
Winsock: Catalog9-x64 05 mswsock.dll File Not found ()
Winsock: Catalog9-x64 06 mswsock.dll File Not found ()
Winsock: Catalog9-x64 07 mswsock.dll File Not found ()
Winsock: Catalog9-x64 08 mswsock.dll File Not found ()
Winsock: Catalog9-x64 09 mswsock.dll File Not found ()
Winsock: Catalog9-x64 10 mswsock.dll File Not found ()
Winsock: Catalog9-x64 11 mswsock.dll File Not found ()
Winsock: Catalog9-x64 12 mswsock.dll File Not found ()
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 14 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Lavasoft Search Plugin - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\jid1-yZwVFzbsyfMrqQ@jetpack
FF Extension: DVDVideoSoftTB DE  - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
FF Extension: Yahoo! Toolbar - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm\10.14.250.13_0
CHR Extension: () - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.19.11_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (StumbleUpon) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 Browser Manager; C:\ProgramData\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [3085264 2013-06-03] ()
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
R2 StumbleUponUpdater; C:\Users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [18432 2011-11-22] ()
S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-03-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-28] (Avira Operations GmbH & Co. KG)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-04] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-07-19] (Oracle Corporation)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-24 14:20 - 2013-06-24 15:18 - 00000000 ____D C:\FRST
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2013-06-23 13:01 - 2013-06-23 13:31 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 12:17 - 2013-06-24 15:17 - 93616457 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar.part
2013-06-23 11:21 - 2013-06-23 11:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{1D2962E8-3E0C-42C5-A949-111D92C99983}
2013-06-22 17:29 - 2013-06-22 17:29 - 00262144 ____A C:\Windows\Minidump\062213-26738-01.dmp
2013-06-22 13:45 - 2013-06-22 17:29 - 580052725 ____A C:\Windows\MEMORY.DMP
2013-06-22 13:45 - 2013-06-22 17:29 - 00000000 ____D C:\Windows\Minidump
2013-06-22 13:45 - 2013-06-22 13:45 - 00262144 ____A C:\Windows\Minidump\062213-29936-01.dmp
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:29 - 2013-06-24 14:33 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-22 12:21 - 2013-06-23 12:16 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:19 - 2013-06-21 14:20 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-21 13:57 - 2013-06-24 15:17 - 00000672 ____A C:\Windows\setupact.log
2013-06-21 13:57 - 2013-06-21 13:57 - 00000000 ____A C:\Windows\setuperr.log
2013-06-21 13:56 - 2013-06-21 13:56 - 00000824 ____A C:\Windows\PFRO.log
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:16 - 2013-06-20 22:30 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:15 - 2013-06-22 11:30 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 22:07 - 2013-06-20 22:42 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Nico\AppData\Roaming\File Scout
2013-06-20 20:02 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-20 19:21 - 2013-06-20 19:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{F9859730-4A8B-4935-96F9-B5159219BD09}
2013-06-18 16:39 - 2013-06-18 16:39 - 00000000 ____D C:\Users\Nico\AppData\Local\{A3B9C5E6-D87F-4DB1-AA34-8258F0A6D317}
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 14:31 - 2013-06-12 21:15 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 17:22 - 2013-06-13 21:27 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 15:53 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 15:53 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 15:53 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 15:53 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 15:53 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 15:53 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 15:53 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 15:53 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 15:53 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 15:53 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 15:53 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 15:53 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 15:53 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:50 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:50 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:50 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:50 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:50 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-11 13:55 - 2013-06-11 13:55 - 00000000 ____D C:\Users\Nico\AppData\Local\{4FC71047-D567-49F4-BF1A-EE9BEC968BA8}
2013-06-08 18:41 - 2013-06-08 18:41 - 00000000 ____D C:\Users\Nico\AppData\Local\{D8BDBDB0-6714-480D-91FC-2F101077576A}
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2013-06-24 15:18 - 2013-06-24 14:20 - 00000000 ____D C:\FRST
2013-06-24 15:18 - 2012-01-13 17:01 - 00000000 ____D C:\ProgramData\VMware
2013-06-24 15:17 - 2013-06-23 12:17 - 93616457 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar.part
2013-06-24 15:17 - 2013-06-21 13:57 - 00000672 ____A C:\Windows\setupact.log
2013-06-24 15:17 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-24 15:15 - 2012-04-21 12:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Skype
2013-06-24 14:33 - 2013-06-22 12:29 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-24 14:30 - 2012-08-29 20:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-24 14:30 - 2012-08-26 15:03 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-24 14:24 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-24 14:24 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-24 14:20 - 2011-08-18 13:46 - 00765954 ____A C:\Windows\System32\perfh007.dat
2013-06-24 14:20 - 2011-08-18 13:46 - 00174834 ____A C:\Windows\System32\perfc007.dat
2013-06-24 14:20 - 2009-07-14 07:13 - 01808082 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Downloads\FRST64.exe
2013-06-23 21:00 - 2012-08-26 15:03 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-23 20:51 - 2013-01-04 00:04 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-23 13:31 - 2013-06-23 13:01 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 13:24 - 2012-06-06 21:16 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Spotify
2013-06-23 12:16 - 2013-06-22 12:21 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-23 11:48 - 2011-12-19 17:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-23 11:21 - 2013-06-23 11:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{1D2962E8-3E0C-42C5-A949-111D92C99983}
2013-06-22 17:29 - 2013-06-22 17:29 - 00262144 ____A C:\Windows\Minidump\062213-26738-01.dmp
2013-06-22 17:29 - 2013-06-22 13:45 - 580052725 ____A C:\Windows\MEMORY.DMP
2013-06-22 17:29 - 2013-06-22 13:45 - 00000000 ____D C:\Windows\Minidump
2013-06-22 13:45 - 2013-06-22 13:45 - 00262144 ____A C:\Windows\Minidump\062213-29936-01.dmp
2013-06-22 13:33 - 2011-12-14 09:59 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:41 - 2011-12-08 15:43 - 00000000 ____D C:\users\Nico
2013-06-22 11:30 - 2013-06-20 22:15 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-22 11:18 - 2013-03-19 22:58 - 00629248 __ASH C:\Users\Nico\Desktop\Thumbs.db
2013-06-21 23:08 - 2013-01-04 00:03 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:20 - 2013-06-21 14:19 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-21 13:57 - 2013-06-21 13:57 - 00000000 ____A C:\Windows\setuperr.log
2013-06-21 13:56 - 2013-06-21 13:56 - 00000824 ____A C:\Windows\PFRO.log
2013-06-20 22:42 - 2013-06-20 22:07 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:30 - 2013-06-20 22:16 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 22:08 - 2012-01-12 19:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\BitTorrent
2013-06-20 20:02 - 2013-06-20 20:02 - 00000000 ____D C:\Users\Nico\AppData\Roaming\File Scout
2013-06-20 19:44 - 2012-01-12 19:09 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-20 19:21 - 2013-06-20 19:21 - 00000000 ____D C:\Users\Nico\AppData\Local\{F9859730-4A8B-4935-96F9-B5159219BD09}
2013-06-19 18:38 - 2012-06-06 21:17 - 00000000 ____D C:\Users\Nico\AppData\Local\Spotify
2013-06-19 15:31 - 2012-08-26 15:05 - 00002374 ____A C:\Users\Nico\Desktop\Google Chrome.lnk
2013-06-18 16:39 - 2013-06-18 16:39 - 00000000 ____D C:\Users\Nico\AppData\Local\{A3B9C5E6-D87F-4DB1-AA34-8258F0A6D317}
2013-06-18 15:50 - 2011-12-09 15:06 - 01786150 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 15:32 - 2012-03-26 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-18 15:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:28 - 2012-03-26 20:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:08 - 2012-10-13 14:19 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 21:27 - 2013-06-13 17:22 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 21:15 - 2013-06-14 14:31 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-12 21:15 - 2013-02-06 22:32 - 00000341 ____A C:\Users\Nico\Downloads\www.goldesel.to - www.charts.to .txt
2013-06-12 21:15 - 2013-02-06 22:32 - 00000291 ____A C:\Users\Nico\Downloads\Charts.to - Die ultimative Seite fuer Charts als Direkt-Download.url
2013-06-12 21:15 - 2013-02-06 22:32 - 00000220 ____A C:\Users\Nico\Downloads\Goldesel.to - Die Seite fuer Direkt-Downloads aller Art.url
2013-06-12 18:30 - 2012-04-14 15:21 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:30 - 2011-07-25 12:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 15:51 - 2011-12-17 14:27 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 15:07 - 2013-01-24 18:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-12 15:07 - 2011-07-25 11:54 - 00000000 ____D C:\ProgramData\Skype
2013-06-11 13:55 - 2013-06-11 13:55 - 00000000 ____D C:\Users\Nico\AppData\Local\{4FC71047-D567-49F4-BF1A-EE9BEC968BA8}
2013-06-10 16:40 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-08 18:41 - 2013-06-08 18:41 - 00000000 ____D C:\Users\Nico\AppData\Local\{D8BDBDB0-6714-480D-91FC-2F101077576A}
2013-06-08 17:43 - 2011-12-15 23:13 - 00000616 ____A C:\Users\Nico\Documents\ax_files.xml
2013-06-07 13:44 - 2012-11-05 18:14 - 00000000 ____D C:\Users\Nico\AppData\Local\Origin
2013-06-07 13:44 - 2012-11-05 18:07 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-05 15:46 - 2013-04-13 19:06 - 00000000 __SHD C:\Users\Nico\wc
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk
2013-06-05 09:21 - 2012-10-06 16:46 - 00000000 ____D C:\ProgramData\Browser Manager
2013-06-03 17:21 - 2013-04-07 11:47 - 01130496 ____A C:\Users\Nico\Desktop\Schuppenat_Noel_09A (2).lpo
2013-05-28 15:05 - 2013-06-20 20:02 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2009-07-14 01:19] - [2009-07-14 03:39] - 0329216 ____N () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\services.exe IS INFECTED. <===== ATTENTION!

C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-14 22:11

==================== End Of Log ============================
--- --- ---

schrauber 24.06.2013 15:10
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

tha619 24.06.2013 18:39
Hier die ComboFix.log:

Code:
ComboFix 13-06-24.01 - Nico 24.06.2013  18:46:16.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8044.6340 [GMT 2:00]
ausgeführt von:: c:\users\Nico\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Infizierte Kopie von c:\windows\system32\Services.exe wurde gefunden und desinfiziert
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe wurde wiederhergestellt
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-24 bis 2013-06-24  ))))))))))))))))))))))))))))))
.
.
2013-06-24 16:57 . 2013-06-24 16:57        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-24 12:20 . 2013-06-24 13:18        --------        d-----w-        C:\FRST
2013-06-21 12:15 . 2013-06-21 12:15        --------        d-----w-        c:\users\Nico\AppData\Local\Programs
2013-06-20 20:28 . 2013-06-20 20:28        --------        d-----w-        c:\windows\Profiles
2013-06-20 20:16 . 2013-06-20 20:16        225280        ----a-w-        c:\programdata\Microsoft\Media Tools\MediaIconsOverlays.dll
2013-06-20 20:16 . 2013-06-20 20:30        --------        d-----w-        c:\program files (x86)\x264 Video Codec
2013-06-20 20:15 . 2013-06-22 09:30        --------        d-----w-        c:\users\Nico\AppData\Roaming\vlc
2013-06-20 20:15 . 2013-06-20 20:15        --------        d-----w-        c:\program files\VideoLAN
2013-06-20 18:02 . 2013-05-28 13:05        163328        ----a-w-        c:\windows\SysWow64\FlashPlayerUpdateService.exe
2013-06-20 18:02 . 2013-06-20 18:02        --------        d-----w-        c:\users\Nico\AppData\Roaming\File Scout
2013-06-17 19:27 . 2013-06-17 19:27        --------        d-----w-        c:\programdata\VS
2013-06-17 19:25 . 2013-06-17 19:25        --------        d-----w-        C:\fbabd28d772111eec99e8982
2013-06-17 16:07 . 2013-06-17 16:07        --------        d-----w-        c:\program files\iPod
2013-06-17 16:07 . 2013-06-17 16:08        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 16:07 . 2013-06-17 16:08        --------        d-----w-        c:\program files\iTunes
2013-06-12 12:50 . 2013-05-08 06:39        1910632        ----a-w-        c:\windows\system32\drivers\tcpip.sys
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-19 18:10 . 2012-03-26 18:52        2391136        ----a-w-        c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2013-06-12 16:30 . 2012-04-14 13:21        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 16:30 . 2011-07-25 10:15        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-12 13:51 . 2011-12-17 12:27        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-05-14 18:10 . 2012-01-10 17:39        22240        ----a-w-        c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 05:49 . 2013-05-15 06:40        135168        ----a-w-        c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-15 06:40        350208        ----a-w-        c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-15 06:40        308736        ----a-w-        c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-15 06:40        111104        ----a-w-        c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-15 06:40        474624        ----a-w-        c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-15 06:40        2176512        ----a-w-        c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 13:15        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 06:40        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 06:40        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 06:40        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-03-29 11:39 . 2013-03-24 20:28        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-03-29 11:39 . 2013-03-24 08:33        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-03-29 11:33 . 2013-03-24 08:33        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
2011-05-09 09:49        176936        ----a-w-        c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}"= "c:\program files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2013-01-03 138096]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"vmware-tray"="c:\program files (x86)\VMware\VMware Workstation\vmware-tray.exe" [2011-09-23 129648]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll c:\progra~3\browse~1\261339~1.144\{16cdf~1\browsemngr.dll
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys;c:\windows\SYSNATIVE\drivers\SBREdrv.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe;c:\programdata\Browser Manager\2.6.1339.144\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 StumbleUponUpdater;StumbleUpon Updater;c:\users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe;c:\users\Nico\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys;c:\windows\SYSNATIVE\drivers\vmci.sys [x]
S2 VMUSBArbService;VMware USB Arbitration Service;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe;c:\program files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 13:05]
.
2013-06-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
- c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-03 22:03]
.
2013-06-23 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
- c:\users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-03 22:03]
.
2013-06-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
- c:\users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 13:03]
.
2013-06-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
- c:\users\Nico\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-26 13:03]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-15 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-15 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-15 416024]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-05-10 1831528]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"CD- und DVD-Sharing"="c:\program files\CD- und DVD-Sharing\ODSAgent.exe" [2010-04-16 582256]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = google.de
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\Nico\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files (x86)\ICQ7.7\ICQ.exe
LSP: c:\program files (x86)\VMware\VMware Workstation\vsocklib.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{1EC23CFF-4C58-458f-924C-8519AEF61B32} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\schtasks.exe
c:\program files (x86)\Launch Manager\LMworker.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\vmnat.exe
c:\windows\SysWOW64\vmnetdhcp.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-24  19:07:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-24 17:07
.
Vor Suchlauf: 11 Verzeichnis(se), 581.491.396.608 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 580.964.814.848 Bytes frei
.
- - End Of File - - 5FFFBBA9DF4E836694338C7B15F91528
D41D8CD98F00B204E9800998ECF8427E
Nur leider komme ich mit dem befallenden Rechner nicht mehr ins Internet, ist das normal?

schrauber 24.06.2013 18:50
Reboote mal, immer noch?

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST Log bitte.

tha619 24.06.2013 20:01
Ich habe immer noch kein Internet, auch nicht nach mehrmaligen rebooten...


AdwCleaner:
Code:
# AdwCleaner v2.303 - Datei am 24/06/2013 um 20:02:59 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Nico - NICO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Nico\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager
Gestoppt & Gelöscht : StumbleUponUpdater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\bprotector_prefs.js
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Uninstall.exe
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\bprotector_prefs.js
Datei Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\searchplugins\Babylon.xml
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Gelöscht mit Neustart : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Nico\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Ordner Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Ordner Gelöscht : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Ordner Gelöscht : C:\Users\Nico\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Nico\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\Nico\AppData\LocalLow\StumbleUpon
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\file scout
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\jetpack
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}
Ordner Gelöscht : C:\Users\Nico\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\PROGRA~3\BROWSE~1\261339~1.144\{16CDF~1\BROWSE~1.DLL
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\PROGRA~3\BROWSE~1\261339~1.144\{16CDF~1\browsemngr.dll
Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\StumbleUpon
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\StumbleUpon
Schlüssel Gelöscht : HKCU\Software\59558c88b03ee947
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\StumbleUpon.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\StumbleUpon.QTimeCpio.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2849855
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\59558c88b03ee947
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DB616CFF-D989-48A8-9C85-E2A8D56AB2CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bhphemoobgnikcoofkgackkaimpfmenm
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{498C5B96-E281-4804-81C7-CC0415A1CFD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C03D1A9-46DE-4EB1-AC4F-B454319400D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar
Schlüssel Gelöscht : HKU\S-1-5-21-4147683108-3158561192-3553953681-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16490

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\prefs.js

Gelöscht : user_pref("pttl.menu-search-groups-tab", false);
Gelöscht : user_pref("pttl.menu-search-groups-win", false);
Gelöscht : user_pref("browser.search.selectedEngine", "blekko");

Datei : C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [9598 octets] - [24/06/2013 20:02:59]

########## EOF - C:\AdwCleaner[S1].txt - [9658 octets] ##########
Junkware Removal Tool:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Nico on 24.06.2013 at 20:07:20,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\browser manager"
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{01EBE53D-52F7-45BF-B1A8-6FD14455D5D1}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{02E6BBB4-669F-4E39-A3F6-72CF34739CA5}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{037257E9-DCC1-465A-8961-A788B83B5301}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{03AE1076-79FE-4B2F-A0CA-1901C679F2D2}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{047912A4-D5D3-4CA5-BACD-AA40BAABE114}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{0D6AF066-CA60-4533-A71E-85FF675A8470}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{0E23AFFF-335A-4ABF-8C65-7D80DC8B5674}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{0F47E5C8-1DDE-4DF6-AD11-CBAC8A91D4AB}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{15386968-E8EF-41EB-9819-1369E36053E7}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{156D18F7-7BDC-4A5E-9520-51F6BDFC79B1}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1591575B-C81A-4A9A-AD32-289DEE6E3833}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1753E0C8-2B13-441D-8EFC-497F86CA5178}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1A5F0B37-CD5C-4776-BD1E-C94F37ED8331}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1D2962E8-3E0C-42C5-A949-111D92C99983}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1DBF5012-8A5A-4CD2-9551-E860CBCD0A76}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{1EEDE0F9-56F6-41A1-9D45-6EB9B3E1B611}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2614D05B-120E-4957-9AB6-47E75C374EA5}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2702E585-7EE5-4A60-9186-A2AD1128F779}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{288BDC8C-F06E-48D3-9B6B-CEB0584BB219}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2BDAEEF9-17D4-42F4-98C4-37B15FAE936C}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2C13E42A-9B64-4AF7-BDE8-9F501163A828}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2DE91B77-39DF-42EA-AB59-3F0E1CBA2BBA}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2DF0B75A-CC77-4BDB-A9C2-B3783AD63DDF}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{2F1B950D-6759-46E9-BB84-43576785E2F3}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{30001609-4380-4909-AC72-353A184D919E}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{314CA933-6DF9-4CE7-8930-5446B484F6E6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{321086D4-DD72-434C-B677-958C4C46B7AB}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{3272F80F-95A2-40A8-9F0F-26BD2A62B648}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{3510C0C9-5DA4-4AD0-AA9C-E52BB5FF7FAB}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{37F50EE5-9ADC-42B5-8CC9-BE0A11946C43}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{3CB60814-A551-4D06-AB3F-BD3D9327D453}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{3DF2C66D-8A1B-4F2F-A0A7-C09A68A3644F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{41810BFD-2E05-49B6-9528-ABB80D005A2A}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4345CAC0-10F4-4900-8092-B95DA873373B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{46684BCF-6A14-49AA-B27D-836C99FB78A6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{476718A3-B104-4087-AC53-02E96F81A5F0}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{47B5E902-1A83-4E05-A9B4-7AA0D6BDAC26}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4B1F0E74-1A1D-47C5-B7B0-BE32F8D9027E}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4B5718E3-03CC-4E36-931C-C54F0221A295}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4B62601C-42A7-4805-8B7E-3507DFC6FB2F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4CABD8F5-D16E-4AA5-8A39-1CD5F610A3B9}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4D374E6D-7095-4273-95B8-AB3E04E1314B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4DDAFA8B-38CC-49BE-AD2D-6CE12AF3777C}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4F9CC9AD-155F-4D7D-8C6F-97F76FA3B8CB}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{4FC71047-D567-49F4-BF1A-EE9BEC968BA8}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{51CAD761-A4BE-4158-88A3-04F5989631DD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{541142D7-14DF-4A3A-B7B4-FE0BAB078C75}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{54BA7195-F7DA-4C1B-8FBD-876A3EE4425C}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{56F3C4E4-3FE5-43E7-9105-EA9FA28E6CAA}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{5C5DAE84-6AAE-4170-9870-2303EE6DF141}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{5F085D98-226E-43C9-8603-D0439B8F9173}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{5FF4C74B-2090-4C2A-A3DC-E0F4D88A20A3}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{61D8E345-5945-4694-8B3D-D59714F6115C}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{638E48D2-191B-477A-80E2-1465A8D58A69}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{647AE599-E642-4BFD-AF5B-E958879EC067}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{66653932-703E-4245-BC9B-A343A033EE6C}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{66AB0421-08A0-4D9D-BC6A-FDB9A4173B89}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{6B36B864-E4BD-4EB7-9A29-4933FDC5AEC6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{6D944F31-376E-48A0-A105-3B8C5CD998E1}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{71E9D03E-2E0D-43A7-B846-D75060741525}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{78880806-B50A-4DAA-B1E4-BDF91EC99361}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{78A1709A-EF51-4D22-AED1-A778E056F562}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{78FB168C-A3F7-4003-9C49-6D25AA6E6265}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{7A02E4FB-3889-4B8F-871B-06F42DCAB1CD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{7A2F6DE5-CBAA-4B8A-89BE-2DACFF433C79}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{7F2828CD-F61D-4A78-847E-448D87FB5D46}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{83372C36-C73B-4A59-BAB2-918DF5F29A93}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{84102022-3D35-4475-AE16-FFCB62A22BBD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{84119013-A6E0-4C4A-B0D2-453773257D70}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{864A6DA4-5DCC-40B5-AFC0-AF7BA04BA752}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{866F08E0-85C9-43DA-BB6D-986EDC88A1AD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{868D3521-5C24-4E5E-B2B8-36FCBC7AA71D}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{86D5FA29-A0C7-4C23-BB22-41033CF5804B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{873AD60F-2FDC-4321-8F21-AC924F1B4909}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{8DF46C0C-F220-479A-9BFA-F6706C0AA355}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{92288302-9D7F-462D-A6E9-AD64A0B1DC57}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{981988B6-376D-4909-9B51-C9516D53CF57}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{99FE690E-36B7-44B5-8020-62CBC089519F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{9DC79AA1-E744-43CD-8669-A14F4663E466}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{9EA3890D-1765-4BE0-9A96-DDF85F7B2973}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{9F7A3AEF-A96A-456A-A5E2-6FB80983C6AF}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A0AA6669-4F5D-44C9-9D89-C85AD9CBD5C5}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A3B9C5E6-D87F-4DB1-AA34-8258F0A6D317}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A4097610-706F-4F65-9095-7B1CF22EECF4}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A473CEA6-62FA-46AA-A651-FDA95B1CFE19}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A8D35E27-30D4-45D1-B1F5-38C37E90233B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A911D062-FDE2-4B0F-9213-F18ABB6AB403}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A9ACDF43-09CD-4D58-83D7-2810A2D901CD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{A9EC708F-3324-4859-A758-3FF1345398C6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{AE1FD881-9B91-44EA-B104-0CC7C1817D7E}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B01731E7-D514-4A8E-AA21-89F1722A492B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B192C236-1DE9-4892-B7E0-6105E0E7A11E}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B2B50102-15B5-4696-8EB7-0590465704FC}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B3ACCC8B-AD1D-4CBC-A936-AC4A903163D0}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B53858E7-273C-49D4-949E-13DACB2853D3}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{B8338E88-AA64-4BAB-8DCA-7A98B825855E}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{BD094525-8D7E-4569-A01E-6A9496953540}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{BEBA1EC2-5BDF-46A9-875D-D9C6CEDF3BB7}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{BF8901B1-79C1-495A-A003-C5B6E1D37D50}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{BFEB08CC-993C-456C-8C08-B6045F978476}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C42C2A4E-7B79-403D-B1FA-A593F6805CD9}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C59E23D9-574C-4E8C-800E-7D9559667CA1}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C64745CA-9B03-43DA-8F61-68716C6BA498}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C69681ED-320F-4230-8006-D046F24F3B78}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C6D40B7A-91D5-48D2-92C3-E3FF28133A72}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{C97274E7-F488-4093-92C8-01702A9A25CD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{CA6D5D2B-1570-4EE5-9C70-0B3298B621E4}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{CB08A2DB-F897-44B1-AEB0-71B920475D0F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{CE1799F7-E234-4427-AF6E-4629597E9686}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D010C017-665A-4BED-9C20-504AD174049A}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D0E22335-93FB-47B6-903A-2E72B6117C45}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D132D63F-3BBE-44FE-9052-D9CC7CB4DB17}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D170BC73-B8DF-4E13-9EA6-36738972179D}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D1828E64-9D1F-4EE9-BAD0-DE22E8F25CEC}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D28B7ADB-8FF6-4208-AA85-D39FC5DDB5C6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D321C03A-591E-4B4B-91E9-5026B8E08CBC}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D69C65B1-9D41-496E-B2F6-255D1EBD53A6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D7BB6A2F-C3F8-4CE7-AC78-4991C2FA9188}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{D8BDBDB0-6714-480D-91FC-2F101077576A}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{DA5C2700-2051-4CCC-81C6-75AFC24FA9D9}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{DC7270AF-0143-4D3D-8A9C-F7FAB03DEEAA}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{DD04D806-6230-43DF-9327-CD38E4582F3A}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{DD2D3A62-EE14-4A66-B5D3-55B6F4EB884F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{DEA2B9C4-50CB-46E8-A446-296826719D53}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E1BDB5C9-E5B3-4180-9C6F-A8122BE51BD1}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E2139376-C05A-4C81-BDA6-55431AD58FDD}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E2BD4F9E-4004-40DB-BBE7-BC51B98D7F1A}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E47E2920-90EB-4708-8932-98B88356FD38}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E6590DC6-33D1-4793-B878-18D6E04772C8}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E78ABC4C-29C2-41B9-A205-402E44EE7F22}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E7A6AB95-8438-4084-B3AF-3CEDDAC825B8}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E82131B8-59A0-49B5-877A-BBB1DDB98AEC}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E8B02BD7-A8D8-4802-8C95-9A2CC80AC981}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{E9A8A265-3C75-4062-A3EE-40FB5FA1523B}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{EADBE752-5CA8-4C14-B3B6-685823CDB1DC}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{EAE1ACE6-07ED-4BE8-90C5-99132C9550F4}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{ECFB0ED4-6612-405D-9466-26DD8950BD07}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{ED65F898-9809-4085-AE8F-3A0E4AD61075}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{EE33A63D-0053-436F-850F-A7536BD73CCA}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{EF16CD45-997A-4403-925C-59CDD7FBF937}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F21B4F83-737A-49DE-9EBD-C0D2AE5B1672}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F2768FFF-5D99-464F-A897-3947B18A044D}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F515E7BC-316C-4F28-AF3B-F84A2244F70F}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F80160CB-D818-4A8B-95B6-9BB9EDC35F10}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F93C549F-379D-4D67-84AD-0F234B6459AE}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{F9859730-4A8B-4935-96F9-B5159219BD09}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FA6853ED-B40E-44E3-916C-A79F626E5318}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FACDC9C9-975E-4E06-825A-1832B1F308FF}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FC09B251-EC2C-4EAB-8661-E65D55C3F587}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FE4E77AA-B286-4FE8-A804-A232CEED92D8}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FEA91367-07F7-4512-89A7-56A3340735D6}
Successfully deleted: [Empty Folder] C:\Users\Nico\appdata\local\{FF864D3B-82FC-4FFB-BFBC-D10DBB5072EF}



~~~ FireFox

Successfully deleted: [File] C:\Users\Nico\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\invalidprefs.js
Successfully deleted: [Folder] C:\Users\Nico\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Successfully deleted: [Folder] C:\Users\Nico\AppData\Roaming\mozilla\firefox\profiles\uhmxne3e.Normales surfen\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
Emptied folder: C:\Users\Nico\AppData\Roaming\mozilla\firefox\profiles\uhmxne3e.Normales surfen\minidumps [207 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.06.2013 at 20:14:41,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und die neue FRST:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2013
Ran by Nico (administrator) on 24-06-2013 20:56:35
Running from C:\Users\Nico\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11785832 2011-03-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [4526 2010-11-29] ()
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Power Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831528 2011-05-10] (Acer Incorporated)
HKLM\...\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [CD- und DVD-Sharing] "C:\Program Files\CD- und DVD-Sharing\ODSAgent.exe" [582256 2010-04-16] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [500208 2010-03-06] (Adobe Systems Incorporated)
HKCU\...\Run: [Facebook Update] "C:\Users\Nico\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2013-01-04] (Facebook Inc.)
HKCU\...\Policies\system: [disableregistrytools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [336384 2011-05-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [vmware-tray] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [129648 2011-09-23] (VMware, Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [154144 2010-07-29] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~2\IDM\QUICKF~1\PlugIns\IEHelp.dll (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 01 %SystemRoot%\System32\mswsock.dll [232448] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9 13 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog9 14 C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll [346736] (VMware, Inc.)
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [326144] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog9-x64 01 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 02 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Winsock: Catalog9-x64 13 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 14 C:\Program Files (x86)\VMware\VMware Workstation\x64\vsocklib.dll [446576] (VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\System32\socketspy-64.dll [450048] (Ufasoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer - C:\Windows\system32\TVUAx\npTVUAx.dll No File
FF Plugin-x32: @protectdisc.com/NPMPDRM - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Yahoo! Toolbar - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: Adblock Plus - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF Extension: No Name - C:\Users\Nico\AppData\Roaming\Mozilla\Firefox\Profiles\uhmxne3e.Normales surfen\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\27.0.1453.116\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nico\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Conduit Chrome Plugin) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (fluxDVD Browser Plugin) - C:\Program Files (x86)\Common Files\mpDRM\NPMPDRM.dll ( )
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Veetle TV Player) - C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
CHR Plugin: (Veetle TV Core) - C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Nico\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (TVU Web Player for FireFox) - C:\Windows\system32\TVUAx\npTVUAx.dll No File
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Nico\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0

==================== Services (Whitelisted) =================

R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-05-10] (Acer Incorporated)
R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [39528 2011-01-18] (Acer Incorporated)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-04-05] (Acer Incorporated)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-03-24] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software)
S3 ufad-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe [191024 2010-08-19] (VMware, Inc.)

==================== Drivers (Whitelisted) ====================

R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-09-04] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-07-19] (Oracle Corporation)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
R2 vstor2-ws60; C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys [32816 2010-08-19] (VMware, Inc.)
S1 SBRE; \??\C:\Windows\system32\drivers\SBREdrv.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-24 20:14 - 2013-06-24 20:14 - 00017316 ____A C:\Users\Nico\Desktop\JRT.txt
2013-06-24 20:07 - 2013-06-24 20:07 - 00000000 ____D C:\Windows\ERUNT
2013-06-24 20:07 - 2013-06-24 20:07 - 00000000 ____D C:\JRT
2013-06-24 20:02 - 2013-06-24 20:03 - 00009721 ____A C:\AdwCleaner[S1].txt
2013-06-24 20:00 - 2013-06-24 20:05 - 00000112 ____A C:\Windows\setupact.log
2013-06-24 20:00 - 2013-06-24 20:00 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 19:59 - 2013-06-24 19:59 - 00648201 ____A C:\Users\Nico\Desktop\adwcleaner.exe
2013-06-24 19:57 - 2013-06-24 19:58 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Nico\Desktop\JRT.exe
2013-06-24 19:28 - 2013-06-24 19:28 - 00000000 ___SD C:\ComboFix
2013-06-24 18:42 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe
2013-06-24 18:42 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe
2013-06-24 18:42 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2013-06-24 18:42 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2013-06-24 18:42 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2013-06-24 18:42 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe
2013-06-24 18:42 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe
2013-06-24 18:42 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe
2013-06-24 18:38 - 2013-06-24 20:09 - 00040422 ____A C:\Windows\WindowsUpdate.log
2013-06-24 18:33 - 2013-06-24 18:33 - 02092792 ____A C:\Users\Nico\Downloads\avira_free_antivirus(1).exe
2013-06-24 18:24 - 2013-06-24 18:25 - 00000075 ____A C:\Users\Nico\Desktop\test.bat
2013-06-24 18:24 - 2013-06-24 18:24 - 00000069 ____A C:\Users\Nico\Desktop\test.cmd.txt
2013-06-24 18:21 - 2013-06-24 19:28 - 00000000 ____D C:\Qoobox
2013-06-24 18:21 - 2013-06-24 19:04 - 00000000 ____D C:\Windows\erdnt
2013-06-24 18:16 - 2013-06-24 18:17 - 05082330 ____R (Swearware) C:\Users\Nico\Desktop\ComboFix.exe
2013-06-24 14:20 - 2013-06-24 15:18 - 00000000 ____D C:\FRST
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2013-06-23 13:01 - 2013-06-23 13:31 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 12:17 - 2013-06-24 16:49 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar
2013-06-22 13:45 - 2013-06-24 19:29 - 00000000 ____D C:\Windows\Minidump
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:29 - 2013-06-24 15:22 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-22 12:21 - 2013-06-23 12:16 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:19 - 2013-06-21 14:20 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:16 - 2013-06-20 22:30 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:15 - 2013-06-22 11:30 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 22:07 - 2013-06-20 22:42 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 20:02 - 2013-05-28 15:05 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:07 - 2013-06-17 18:08 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 14:31 - 2013-06-12 21:15 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 17:22 - 2013-06-13 21:27 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 15:53 - 2013-05-17 06:05 - 17824768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-12 15:53 - 2013-05-17 05:27 - 10926080 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-12 15:53 - 2013-05-17 05:09 - 02312704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 15:53 - 2013-05-17 05:02 - 01346560 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-12 15:53 - 2013-05-17 05:01 - 01494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 05:00 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-06-12 15:53 - 2013-05-17 04:58 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00599040 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-06-12 15:53 - 2013-05-17 04:56 - 00173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 04:55 - 00816640 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 15:53 - 2013-05-17 04:54 - 00729088 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 04:53 - 02147840 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-12 15:53 - 2013-05-17 04:51 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 04:51 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 04:46 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-12 15:53 - 2013-05-17 01:08 - 12329984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-12 15:53 - 2013-05-17 00:49 - 09738752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-12 15:53 - 2013-05-17 00:39 - 01800704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 15:53 - 2013-05-17 00:28 - 01104384 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-12 15:53 - 2013-05-17 00:27 - 01427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-06-12 15:53 - 2013-05-17 00:26 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-06-12 15:53 - 2013-05-17 00:23 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00717824 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 15:53 - 2013-05-17 00:21 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-06-12 15:53 - 2013-05-17 00:20 - 00420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-06-12 15:53 - 2013-05-17 00:19 - 00607744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-12 15:53 - 2013-05-17 00:17 - 00073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-06-12 15:53 - 2013-05-17 00:16 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 15:53 - 2013-05-17 00:12 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 14:50 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 14:50 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 14:50 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 14:50 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 14:50 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 14:50 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 14:50 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 14:50 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2013-06-24 20:30 - 2012-08-29 20:45 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-24 20:30 - 2012-08-26 15:03 - 00001116 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-24 20:14 - 2013-06-24 20:14 - 00017316 ____A C:\Users\Nico\Desktop\JRT.txt
2013-06-24 20:13 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-24 20:13 - 2009-07-14 06:45 - 00016752 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-24 20:10 - 2011-08-18 13:46 - 00765954 ____A C:\Windows\System32\perfh007.dat
2013-06-24 20:10 - 2011-08-18 13:46 - 00174834 ____A C:\Windows\System32\perfc007.dat
2013-06-24 20:10 - 2009-07-14 07:13 - 01808082 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-24 20:09 - 2013-06-24 18:38 - 00040422 ____A C:\Windows\WindowsUpdate.log
2013-06-24 20:09 - 2013-01-04 00:04 - 00000924 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000UA.job
2013-06-24 20:07 - 2013-06-24 20:07 - 00000000 ____D C:\Windows\ERUNT
2013-06-24 20:07 - 2013-06-24 20:07 - 00000000 ____D C:\JRT
2013-06-24 20:05 - 2013-06-24 20:00 - 00000112 ____A C:\Windows\setupact.log
2013-06-24 20:05 - 2012-01-13 17:01 - 00000000 ____D C:\ProgramData\VMware
2013-06-24 20:05 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-24 20:03 - 2013-06-24 20:02 - 00009721 ____A C:\AdwCleaner[S1].txt
2013-06-24 20:00 - 2013-06-24 20:00 - 00000000 ____A C:\Windows\setuperr.log
2013-06-24 19:59 - 2013-06-24 19:59 - 00648201 ____A C:\Users\Nico\Desktop\adwcleaner.exe
2013-06-24 19:58 - 2013-06-24 19:57 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Nico\Desktop\JRT.exe
2013-06-24 19:34 - 2013-03-19 22:58 - 00691712 __ASH C:\Users\Nico\Desktop\Thumbs.db
2013-06-24 19:30 - 2012-08-26 15:03 - 00001064 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-24 19:29 - 2013-06-22 13:45 - 00000000 ____D C:\Windows\Minidump
2013-06-24 19:29 - 2012-09-04 17:44 - 00000000 ____D C:\Users\Nico\AppData\Roaming\DAEMON Tools Pro
2013-06-24 19:29 - 2012-01-12 19:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\BitTorrent
2013-06-24 19:29 - 2011-12-14 09:59 - 00000000 ____D C:\Users\Nico\AppData\Local\CrashDumps
2013-06-24 19:28 - 2013-06-24 19:28 - 00000000 ___SD C:\ComboFix
2013-06-24 19:28 - 2013-06-24 18:21 - 00000000 ____D C:\Qoobox
2013-06-24 19:04 - 2013-06-24 18:21 - 00000000 ____D C:\Windows\erdnt
2013-06-24 19:00 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-06-24 18:33 - 2013-06-24 18:33 - 02092792 ____A C:\Users\Nico\Downloads\avira_free_antivirus(1).exe
2013-06-24 18:25 - 2013-06-24 18:24 - 00000075 ____A C:\Users\Nico\Desktop\test.bat
2013-06-24 18:24 - 2013-06-24 18:24 - 00000069 ____A C:\Users\Nico\Desktop\test.cmd.txt
2013-06-24 18:17 - 2013-06-24 18:16 - 05082330 ____R (Swearware) C:\Users\Nico\Desktop\ComboFix.exe
2013-06-24 16:49 - 2013-06-23 12:17 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part7.rar
2013-06-24 16:49 - 2012-04-21 12:08 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Skype
2013-06-24 15:22 - 2013-06-22 12:29 - 00000000 ____D C:\Users\Nico\Desktop\Gegen Virus
2013-06-24 15:18 - 2013-06-24 14:20 - 00000000 ____D C:\FRST
2013-06-24 14:19 - 2013-06-24 14:19 - 01931364 ____A (Farbar) C:\Users\Nico\Desktop\FRST64.exe
2013-06-23 13:31 - 2013-06-23 13:01 - 89977796 ____A C:\Users\Nico\Downloads\D.DX.12.13.part8.rar
2013-06-23 13:24 - 2012-06-06 21:16 - 00000000 ____D C:\Users\Nico\AppData\Roaming\Spotify
2013-06-23 12:16 - 2013-06-22 12:21 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part4.rar
2013-06-23 11:48 - 2011-12-19 17:33 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-06-22 12:41 - 2013-06-22 12:41 - 00000392 ____A C:\Users\Nico\defogger_reenable
2013-06-22 12:41 - 2011-12-08 15:43 - 00000000 ____D C:\users\Nico
2013-06-22 11:30 - 2013-06-20 22:15 - 00000000 ____D C:\Users\Nico\AppData\Roaming\vlc
2013-06-21 23:08 - 2013-01-04 00:03 - 00000902 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4147683108-3158561192-3553953681-1000Core.job
2013-06-21 14:21 - 2013-06-21 14:21 - 00000000 ____D C:\Users\Nico\Downloads\SpybotPortable
2013-06-21 14:20 - 2013-06-21 14:19 - 57524944 ____A (PortableApps.com) C:\Users\Nico\Downloads\SpybotPortable_2.1.paf.exe
2013-06-21 14:14 - 2013-06-21 14:14 - 10285040 ____A (Malwarebytes Corporation                                    ) C:\Users\Nico\Downloads\mbam-setup-1.75.0.1300.exe
2013-06-20 22:42 - 2013-06-20 22:07 - 104857600 ____A C:\Users\Nico\Downloads\D.DX.12.13.part3.rar
2013-06-20 22:39 - 2013-06-20 22:39 - 00000019 ____A C:\Users\Nico\Desktop\in 1,5 aus.cmd
2013-06-20 22:30 - 2013-06-20 22:16 - 00000000 ____D C:\Program Files (x86)\x264 Video Codec
2013-06-20 22:28 - 2013-06-20 22:28 - 00000000 ____D C:\Windows\Profiles\Nico
2013-06-20 22:15 - 2013-06-20 22:15 - 00000000 ____D C:\Program Files\VideoLAN
2013-06-20 22:12 - 2013-06-20 22:12 - 23229256 ____A C:\Users\Nico\Downloads\vlc-2.0.7-win64.exe
2013-06-20 19:44 - 2012-01-12 19:09 - 00000000 ____D C:\Program Files (x86)\BitTorrent
2013-06-20 19:41 - 2013-06-20 19:41 - 01125456 ____A (BitTorrent Inc.) C:\Users\Nico\Downloads\BitTorrent.exe
2013-06-19 18:38 - 2012-06-06 21:17 - 00000000 ____D C:\Users\Nico\AppData\Local\Spotify
2013-06-19 15:31 - 2012-08-26 15:05 - 00002374 ____A C:\Users\Nico\Desktop\Google Chrome.lnk
2013-06-18 15:50 - 2011-12-09 15:06 - 01786150 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-18 15:32 - 2012-03-26 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2013-06-18 15:32 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default\Documents\Visual Studio 2008
2013-06-18 15:22 - 2013-06-18 15:22 - 00000000 ____D C:\Users\Default User\Documents\Visual Studio 2008
2013-06-17 21:28 - 2012-03-26 20:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2013-06-17 21:27 - 2013-06-17 21:27 - 00000000 ____D C:\ProgramData\VS
2013-06-17 21:25 - 2013-06-17 21:25 - 00000000 ____D C:\fbabd28d772111eec99e8982
2013-06-17 18:08 - 2013-06-17 18:08 - 00001795 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-17 18:08 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iTunes
2013-06-17 18:08 - 2012-10-13 14:19 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-17 18:07 - 2013-06-17 18:07 - 00000000 ____D C:\Program Files\iPod
2013-06-14 22:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-14 14:30 - 2013-06-14 14:30 - 00000466 ____A C:\Users\Nico\Desktop\DATA (D) - Verknüpfung.lnk
2013-06-13 21:27 - 2013-06-13 17:22 - 731594045 ____A C:\Users\Nico\Downloads\342fdsfssmo5.rar
2013-06-12 21:15 - 2013-06-14 14:31 - 00000101 ____A C:\Users\Nico\Downloads\ind-scary.nfo
2013-06-12 21:15 - 2013-02-06 22:32 - 00000341 ____A C:\Users\Nico\Downloads\www.goldesel.to - www.charts.to .txt
2013-06-12 21:15 - 2013-02-06 22:32 - 00000291 ____A C:\Users\Nico\Downloads\Charts.to - Die ultimative Seite fuer Charts als Direkt-Download.url
2013-06-12 21:15 - 2013-02-06 22:32 - 00000220 ____A C:\Users\Nico\Downloads\Goldesel.to - Die Seite fuer Direkt-Downloads aller Art.url
2013-06-12 18:30 - 2012-04-14 15:21 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 18:30 - 2011-07-25 12:15 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-12 15:51 - 2011-12-17 14:27 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 15:07 - 2013-01-24 18:29 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-12 15:07 - 2011-07-25 11:54 - 00000000 ____D C:\ProgramData\Skype
2013-06-10 16:40 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-08 17:43 - 2011-12-15 23:13 - 00000616 ____A C:\Users\Nico\Documents\ax_files.xml
2013-06-07 13:44 - 2012-11-05 18:14 - 00000000 ____D C:\Users\Nico\AppData\Local\Origin
2013-06-07 13:44 - 2012-11-05 18:07 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-05 15:46 - 2013-04-13 19:06 - 00000000 __SHD C:\Users\Nico\wc
2013-06-05 15:41 - 2013-06-05 15:41 - 00001036 ____A C:\Users\Nico\Desktop\ILS-SimV4.exe - Verknüpfung.lnk
2013-06-03 17:21 - 2013-04-07 11:47 - 01130496 ____A C:\Users\Nico\Desktop\Schuppenat_Noel_09A (2).lpo
2013-05-28 15:05 - 2013-06-20 20:02 - 00163328 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-24 20:31

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 25.06.2013 07:47
Komisch.

Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



tha619 25.06.2013 08:12
Ich muss allerdings dazu sagen, dass ich zur Zeit auf der Arbeit bin und nicht testen kann ob das Netzwerk wieder geht.

Code:
Farbar Service Scanner Version: 16-06-2013
Ran by Nico (administrator) on 25-06-2013 at 08:58:45
Running from "C:\Users\Nico\Desktop"
Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Other errors
There is no connection to network.
Attempt to access Google IP returned error. Other errors
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo.com returned error: Other errors


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Action Center Notification Icon =====> Unable to open HKLM\...\ShellServiceObjects\{F56F6FDD-AA9D-4618-A949-C1B91AF43B1A} key. The key does not exist.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2013-06-12 14:50] - [2013-05-08 08:39] - 1910632 ____A (Microsoft Corporation) 9849EA3843A2ADBDD1497E97A85D8CAE

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2013-06-12 14:50] - [2013-05-13 07:51] - 0184320 ____A (Microsoft Corporation) D8129C49798CBBFB2E4351D4B7B8EF9C

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
EDIT:

habe mit dem Handy nen Hotspot errichtet, aber immer noch kien internet!

schrauber 25.06.2013 08:18
Definier mal bitte es geht kein Internet.

tha619 25.06.2013 08:46
Kriege zwar eine 192. IP , aber komme nicht mal auf die Weboberfläche des Routers. Geschweigedenn irgendwelche Internetseiten, auch Avira kann keinen Kontakt ins Netz herstellen. WLAN ist verbunden, auch muss der Kontak zum Router da sein, da ich ja eine IP bekomme.

habe gerade gesehen das ich noch einen Systemwiderherstellungspunkt vom 19.06 habe, also ein tag bevor ich mir den gefangen habe, kann ich den auswählen oder bestehen da jetzt komplikationen?

schrauber 25.06.2013 13:57
Nee lass das mit dem SWH-Punkt.

Fix mit FRST
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
ZeroAccess:
C:\Windows\assembly\GAC_32\Desktop.ini

ZeroAccess:
C:\Windows\assembly\GAC_64\Desktop.ini
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Windows-taste+R, schreibe

netsh winsock reset
ipconfig /flushdns

und drück nach jeder Zeile enter. Immer noch kein Inet?

tha619 25.06.2013 15:47
Leider noch kein Internet , die andere Log Datei kommt gleich oder heute Abend !


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:15 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131