Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Interpol Trojaner (https://www.trojaner-board.de/151009-interpol-trojaner.html)

dyoni 13.03.2014 21:28
Interpol Trojaner
 
Guten Abend,
leider hat es mich nun auch erwischt. Ich habe versucht eine Lösung zu finden ohne aktive Hilfestellung bekommen zu müssen, da ich jedoch nicht fündig wurde würde ich um Unterstützung bitten.

zur Info dies dürfe die hartnäckigere Variante des ehemaligen BKA Viruses sein (auch der Abgesicherte Modus wurde immer sofort heruntergefahren)

Mein System Windows 7 (x64)

Anbei das erstellte FRST64 Logfile
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by SYSTEM on MININT-Q2SIQTK on 13-03-2014 21:10:52
Running from J:\
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.


The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-10-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1096576 2012-01-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-01] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Alex\...\Run: [vegas] - rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
HKU\Alex\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\Alex\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\Alex\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\Alex\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs-x32: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] ()
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk
ShortcutTarget: b4vfrbo.lnk -> C:\ProgramData\obrfv4b.cpp (Microsoft Corporation)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)

==================== Services (Whitelisted) =================

S2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [809736 2009-09-29] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-01] (Avira Operations GmbH & Co. KG)
S2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
S2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [545280 2012-01-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [40832 2012-01-12] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 Winmgmt; C:\ProgramData\b4vfrbo.zvv [332540 2014-03-07] (Microsoft Corporation)
S2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-10] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2011-06-04] (Logix4u)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-10] ()
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
S3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] (Duplex Secure Ltd.)
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-27] (Jungo Connectivity)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-13 21:10 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-13 20:38 - 2014-03-13 20:38 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:56 - 2014-03-13 20:37 - 00000000 ____D () C:\Users\Alex\AppData\Local\Temporary Projects
2014-03-07 14:03 - 2014-03-07 14:03 - 00332540 ____T (Microsoft Corporation) C:\ProgramData\b4vfrbo.zvv
2014-03-07 14:02 - 2014-03-13 21:01 - 95027928 ____T () C:\ProgramData\b4vfrbo.fee
2014-03-07 14:02 - 2014-03-07 14:02 - 00220201 _____ (Microsoft Corporation) C:\ProgramData\obrfv4b.cpp
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-02-27 22:17 - 2014-03-07 14:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-02-27 22:17 - 2014-03-07 14:46 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:09 - 2014-02-27 22:31 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-02-27 21:19 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll

==================== One Month Modified Files and Folders =======

2014-03-13 21:10 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-13 21:01 - 2014-03-07 14:02 - 95027928 ____T () C:\ProgramData\b4vfrbo.fee
2014-03-13 21:00 - 2012-07-14 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-13 20:53 - 2012-09-26 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 20:53 - 2012-09-26 11:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 20:53 - 2012-09-26 11:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 20:53 - 2012-09-26 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 20:48 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 20:48 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 20:43 - 2009-10-09 22:51 - 01120015 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 20:38 - 2014-03-13 20:38 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard
2014-03-13 20:38 - 2009-10-10 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-13 20:38 - 2009-10-09 22:52 - 00000000 ____D () C:\users\Alex
2014-03-13 20:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 20:38 - 2009-07-14 05:51 - 00052098 _____ () C:\Windows\setupact.log
2014-03-13 20:37 - 2014-03-09 14:56 - 00000000 ____D () C:\Users\Alex\AppData\Local\Temporary Projects
2014-03-13 20:37 - 2012-09-26 11:52 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-13 20:37 - 2009-10-09 23:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-13 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:57 - 2010-05-15 23:48 - 00000000 ____D () C:\Users\Alex\Documents\Visual Studio 2010
2014-03-07 18:44 - 2009-07-14 03:34 - 00001105 _____ () C:\Windows\System32\Drivers\etc\hosts.bak
2014-03-07 14:46 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-03-07 14:46 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-03-07 14:03 - 2014-03-07 14:03 - 00332540 ____T (Microsoft Corporation) C:\ProgramData\b4vfrbo.zvv
2014-03-07 14:02 - 2014-03-07 14:02 - 00220201 _____ (Microsoft Corporation) C:\ProgramData\obrfv4b.cpp
2014-03-06 23:57 - 2009-10-10 22:37 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-03-06 01:58 - 2009-10-10 12:53 - 00002050 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-05 21:27 - 2009-07-14 18:58 - 01626168 _____ () C:\Windows\System32\perfh007.dat
2014-03-05 21:27 - 2009-07-14 18:58 - 00437876 _____ () C:\Windows\System32\perfc007.dat
2014-03-05 21:27 - 2009-07-14 06:13 - 00006682 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-27 22:42 - 2011-11-19 23:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microchip
2014-02-27 22:31 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:13 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:09 - 2009-10-10 06:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 22:07 - 2009-10-25 14:52 - 00049138 _____ () C:\Windows\DPINST.LOG
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:59 - 2010-05-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\System32\appmgmt
2014-02-27 21:20 - 2009-10-25 14:52 - 00000000 ____D () C:\Program Files\DIFX
2014-02-23 20:23 - 2012-04-01 13:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microchip
2014-02-22 20:52 - 2013-12-29 11:39 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-22 20:52 - 2009-10-10 07:07 - 00254132 _____ () C:\Windows\PFRO.log
2014-02-16 01:32 - 2009-10-10 22:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\dvdcss
2014-02-13 20:44 - 2012-09-26 11:52 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Files to move or delete:
====================
C:\ProgramData\b4vfrbo.fee
C:\ProgramData\b4vfrbo.zvv


Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\3p35jfpw.dll
C:\Users\Alex\AppData\Local\Temp\AlawarGameBoxWebSetup.exe
C:\Users\Alex\AppData\Local\Temp\AskSLib.dll
C:\Users\Alex\AppData\Local\Temp\avguidx.dll
C:\Users\Alex\AppData\Local\Temp\AVG_toolbar.exe
C:\Users\Alex\AppData\Local\Temp\bassmod.dll
C:\Users\Alex\AppData\Local\Temp\devcpp-4.9.9.2_setup.exe
C:\Users\Alex\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Alex\AppData\Local\Temp\drm_dyndata_7320012.dll
C:\Users\Alex\AppData\Local\Temp\DTLite4355-0068.exe
C:\Users\Alex\AppData\Local\Temp\e3h4e2k1.dll
C:\Users\Alex\AppData\Local\Temp\FarmFrenzy3IceAge_1660.exe
C:\Users\Alex\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\fsprod.dll
C:\Users\Alex\AppData\Local\Temp\fssfm.dll
C:\Users\Alex\AppData\Local\Temp\glz25fip.dll
C:\Users\Alex\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Alex\AppData\Local\Temp\mejtrvfx.dll
C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
C:\Users\Alex\AppData\Local\Temp\oi_{2F3721C9-2F45-48E3-A821-17F0907EEEA5}.exe
C:\Users\Alex\AppData\Local\Temp\ose00000.exe
C:\Users\Alex\AppData\Local\Temp\Paint.NET.3.5.8.Install.exe
C:\Users\Alex\AppData\Local\Temp\preconfig.exe
C:\Users\Alex\AppData\Local\Temp\qn5elkzf.dll
C:\Users\Alex\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex\AppData\Local\Temp\Softonic_Deutsch.exe
C:\Users\Alex\AppData\Local\Temp\tbSoft.dll
C:\Users\Alex\AppData\Local\Temp\ubiE6E2.tmp.exe
C:\Users\Alex\AppData\Local\Temp\vys.dll
C:\Users\Alex\AppData\Local\Temp\yo0via0f.dll
C:\Users\Alex\AppData\Local\Temp\z1amcgxy.dll


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2014-02-27 21:27:20
Restore point made on: 2014-02-27 21:29:35
Restore point made on: 2014-02-27 21:41:09
Restore point made on: 2014-02-27 21:42:37
Restore point made on: 2014-02-27 21:43:49
Restore point made on: 2014-02-27 21:45:39
Restore point made on: 2014-02-27 21:46:35
Restore point made on: 2014-02-27 22:07:05
Restore point made on: 2014-02-27 22:09:05
Restore point made on: 2014-03-01 00:42:16
Restore point made on: 2014-03-09 16:01:08

==================== Memory info ===========================

Percentage of memory in use: 14%
Total physical RAM: 4095.18 MB
Available physical RAM: 3493.23 MB
Total Pagefile: 4093.33 MB
Available Pagefile: 3477.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.73 GB) (Free:43.72 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:1397.26 GB) (Free:11.81 GB) NTFS
Drive j: () (Removable) (Total:0.27 GB) (Free:0.26 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 140 GB) (Disk ID: C03FC8C5)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1397 GB) (Disk ID: 7F9DF4C9)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 15 GB) (Disk ID: 1A2CA942)
Partition 1: (Active) - (Size=277 MB) - (Type=0B)


LastRegBack: 2014-03-01 20:39

==================== End Of Log ============================
Vorab schon einmal ein großes Dankeschön
lg dyoni

Bootsektor 13.03.2014 22:46
:hallo:

Ich habe dein Thema in Arbeit und melde mich so schnell wie möglich mit weiteren Anweisungen.

Bootsektor 13.03.2014 22:55
:hallo:

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:
  • Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [code][/code]
  • Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also [CODE] Logfile [/CODE]
  • Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Kannst du nach diesem Fix wieder normal starten?

Schritt 1
Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk
ShortcutTarget: b4vfrbo.lnk -> C:\ProgramData\obrfv4b.cpp (Microsoft Corporation)
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk
C:\ProgramData\obrfv4b.cpp
C:\ProgramData\b4vfrbo.zvv
C:\ProgramData\b4vfrbo.fee
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Fix Button.
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.


Achtung, dies ist ein Entsperrungsversuch, das bedeutet nicht, dass dein PC nun frei von Malware ist, bitte arbeite also weiterhin mit!

dyoni 13.03.2014 23:11
Hallo Sandra,

vielen Dank für die rasche Rückmeldung.

Wie gewünscht hier das Ergebnis (Fixlog.txt)

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by SYSTEM at 2014-03-13 23:08:36 Run:1
Running from J:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk
ShortcutTarget: b4vfrbo.lnk -> C:\ProgramData\obrfv4b.cpp (Microsoft Corporation)
C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk
C:\ProgramData\obrfv4b.cpp
C:\ProgramData\b4vfrbo.zvv
C:\ProgramData\b4vfrbo.fee
       
*****************

C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk => Moved successfully.
C:\ProgramData\obrfv4b.cpp => Moved successfully.
"C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b4vfrbo.lnk" => File/Directory not found.
"C:\ProgramData\obrfv4b.cpp" => File/Directory not found.
C:\ProgramData\b4vfrbo.zvv => Moved successfully.
C:\ProgramData\b4vfrbo.fee => Moved successfully.

==== End of Fixlog ====
lg alex

Bootsektor 13.03.2014 23:14
Hallo Alex.

Kannst du den Rechner denn jetzt normal starten?

Wenn ja, dann mache bitte folgendes:

Schritt 1

Verschiebe nun die FRST.exe von Deinem USB-Stick auf den Desktop Deines Rechners.
Starte jetzt noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

dyoni 13.03.2014 23:37
Hallo,
danke es ist zumindest wieder Zugriff auf mein System möglich

FRST.txt

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Alex (administrator) on ATHLONX2 on 13-03-2014 23:21:58
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\RunTask.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\RunTask.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-10-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1096576 2012-01-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-01] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [vegas] - rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {95e0debd-a186-11df-a734-0026180a6d0e} - F:\raf-anno2070.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {a172ac67-b58e-11de-9323-0026180a6d0e} - L:\autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs-x32: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] ()
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0675B732B49CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
URLSearchHook: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
URLSearchHook: HKCU - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
SearchScopes: HKCU - {10039295-EA80-4CA0-9A68-0377A872A131} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={92BDE6D3-F2A2-44A3-A1C7-74A4EA033015}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default
FF user.js: detected! => C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: ST Deutsch Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\Babylon.xml
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\fb_add_on@avm.de [2013-05-20]
FF Extension: Delta Toolbar - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\ffxtlbr@delta.com [2013-07-17]
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\staged [2014-01-04]
FF Extension: ST Deutsch Community Toolbar - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} [2013-04-18]
FF Extension: Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@software.joehewitt.com.xpi [2011-07-30]
FF Extension: CodeBurner for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@tools.sitepoint.com.xpi [2011-07-30]
FF Extension: Firefinder for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firefinder@robertnyman.com.xpi [2011-07-30]
FF Extension: SQLite Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2012-11-15]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [809736 2009-09-29] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-01] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
U2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [545280 2012-01-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [40832 2012-01-12] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 Winmgmt; C:\PROGRA~3\b4vfrbo.zvv [X]

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2011-06-04] (Logix4u)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-27] (Jungo Connectivity)
U3 ar01yecd; C:\Windows\System32\Drivers\ar01yecd.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-13 23:21 - 2014-03-13 23:22 - 00021798 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-13 23:21 - 2014-03-12 20:04 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-13 21:10 - 2014-03-13 23:21 - 00000000 ____D () C:\FRST
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:56 - 2014-03-13 20:37 - 00000000 ____D () C:\Users\Alex\AppData\Local\Temporary Projects
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-02-27 22:17 - 2014-03-07 14:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-02-27 22:17 - 2014-03-07 14:46 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:09 - 2014-02-27 22:31 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:19 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll

==================== One Month Modified Files and Folders =======

2014-03-13 23:22 - 2014-03-13 23:21 - 00021798 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-13 23:22 - 2012-07-14 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-13 23:21 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-13 23:21 - 2009-10-09 22:51 - 01122072 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 23:16 - 2012-09-26 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 23:16 - 2009-10-10 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-13 23:16 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-13 23:16 - 2009-07-14 05:51 - 00052154 _____ () C:\Windows\setupact.log
2014-03-13 23:08 - 2009-10-09 22:52 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 20:53 - 2012-09-26 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-13 20:53 - 2012-09-26 11:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-13 20:53 - 2012-09-26 11:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 20:48 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-13 20:48 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-13 20:38 - 2009-10-09 22:52 - 00000000 ____D () C:\Users\Alex
2014-03-13 20:37 - 2014-03-09 14:56 - 00000000 ____D () C:\Users\Alex\AppData\Local\Temporary Projects
2014-03-13 20:37 - 2012-09-26 11:52 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-13 20:37 - 2009-10-09 23:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-13 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-12 20:04 - 2014-03-13 23:21 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:57 - 2010-05-15 23:48 - 00000000 ____D () C:\Users\Alex\Documents\Visual Studio 2010
2014-03-07 18:44 - 2009-07-14 03:34 - 00001105 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-03-07 14:46 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-03-07 14:46 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-03-06 23:57 - 2009-10-10 22:37 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-03-06 01:58 - 2009-10-10 12:53 - 00002050 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-05 21:27 - 2009-07-14 18:58 - 01626168 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 21:27 - 2009-07-14 18:58 - 00437876 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 21:27 - 2009-07-14 06:13 - 00006682 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 22:42 - 2011-11-19 23:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microchip
2014-02-27 22:31 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:13 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:09 - 2009-10-10 06:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 22:07 - 2009-10-25 14:52 - 00049138 _____ () C:\Windows\DPINST.LOG
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:59 - 2010-05-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:20 - 2009-10-25 14:52 - 00000000 ____D () C:\Program Files\DIFX
2014-02-23 20:23 - 2012-04-01 13:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microchip
2014-02-22 20:52 - 2013-12-29 11:39 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-22 20:52 - 2009-10-10 07:07 - 00254132 _____ () C:\Windows\PFRO.log
2014-02-16 01:32 - 2009-10-10 22:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\dvdcss
2014-02-13 20:44 - 2012-09-26 11:52 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\3p35jfpw.dll
C:\Users\Alex\AppData\Local\Temp\AlawarGameBoxWebSetup.exe
C:\Users\Alex\AppData\Local\Temp\AskSLib.dll
C:\Users\Alex\AppData\Local\Temp\avguidx.dll
C:\Users\Alex\AppData\Local\Temp\AVG_toolbar.exe
C:\Users\Alex\AppData\Local\Temp\bassmod.dll
C:\Users\Alex\AppData\Local\Temp\devcpp-4.9.9.2_setup.exe
C:\Users\Alex\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Alex\AppData\Local\Temp\drm_dyndata_7320012.dll
C:\Users\Alex\AppData\Local\Temp\DTLite4355-0068.exe
C:\Users\Alex\AppData\Local\Temp\e3h4e2k1.dll
C:\Users\Alex\AppData\Local\Temp\FarmFrenzy3IceAge_1660.exe
C:\Users\Alex\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\fsprod.dll
C:\Users\Alex\AppData\Local\Temp\fssfm.dll
C:\Users\Alex\AppData\Local\Temp\glz25fip.dll
C:\Users\Alex\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Alex\AppData\Local\Temp\mejtrvfx.dll
C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
C:\Users\Alex\AppData\Local\Temp\oi_{2F3721C9-2F45-48E3-A821-17F0907EEEA5}.exe
C:\Users\Alex\AppData\Local\Temp\ose00000.exe
C:\Users\Alex\AppData\Local\Temp\Paint.NET.3.5.8.Install.exe
C:\Users\Alex\AppData\Local\Temp\preconfig.exe
C:\Users\Alex\AppData\Local\Temp\qn5elkzf.dll
C:\Users\Alex\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex\AppData\Local\Temp\Softonic_Deutsch.exe
C:\Users\Alex\AppData\Local\Temp\tbSoft.dll
C:\Users\Alex\AppData\Local\Temp\ubiE6E2.tmp.exe
C:\Users\Alex\AppData\Local\Temp\vys.dll
C:\Users\Alex\AppData\Local\Temp\yo0via0f.dll
C:\Users\Alex\AppData\Local\Temp\z1amcgxy.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-03-01 20:39

==================== End Of Log ============================
--- --- ---

--- --- ---



Addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014
Ran by Alex at 2014-03-13 23:22:38
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================


==================== Installed Programs ======================

ABBYY FineReader 10 Professional Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.51.7008 - ABBYY)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Professional (HKLM-x32\...\Adobe_a68eec966ce913ddaa63251dc82ed31) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
ALPHACOOL USB DISPLAY 1.0.0 (HKLM-x32\...\ALPHACOOL USB DISPLAY SOFTWARE_is1) (Version: 0.0.1 - ALPHACOOL GmbH)
AMD DnD V1.0.19 (x32 Version: 1.0.19 - AMD) Hidden
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
ATI Catalyst Install Manager (HKLM\...\{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{D237FA93-8456-4FE5-94E6-48A26C4BDCD7}) (Version: 4.7.1416 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{43805F64-77D3-4CC4-A63B-9269914AA565}) (Version: 3.4.1052 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6AB4A87F-2AF4-42F3-9FAB-5571BDDBA7DC}) (Version: 3.4.1051 - Atmel)
Atmel JungoUSB (x32 Version: 6.2.84 - Atmel) Hidden
Atmel LibUSB (x32 Version: 6.2.36 - Atmel) Hidden
Atmel SeggerUSB (x32 Version: 6.2.22 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{97D378E2-A10A-463F-9752-D4B332A7218E}) (Version: 6.2.993 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{E4DD3C3F-AE95-439C-A041-49E0A9D23185}) (Version: 1.10.318 - Atmel Corporation)
Atmel Studio InfFiles (x32 Version: 6.2.63 - Atmel Corporation) Hidden
Atmel USB Driver Package (HKLM-x32\...\{13fdfa7e-1bec-46cf-8231-3dd7bf6d0f3c}) (Version: 6.2.223 - Atmel)
Atmel WinUSB (x32 Version: 6.2.20 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{EB2C6ED5-9313-40D2-B391-DA7FAA7C7BEF}) (Version: 3.15.1244 - Atmel)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1125 - Avira)
AVR macro Assembler (HKLM-x32\...\{0D051458-97D0-44FD-AD8F-53D16BBED7D4}) (Version: 2.1.1103 - Atmel)
Awavo Com Port Monitor version 3.5 (HKCU\...\{3DD4341D-3A1B-4C85-A226-E1417B18351F}_is1) (Version: 3.5 - Awavo Software)
AX88772_Vista_64 (HKLM-x32\...\InstallShield_{D5816E5F-1EB0-40FA-A21D-5DEA01F1F4C2}) (Version: 1.00.0000 - ASIX Electronics Corporation)
AX88772_Vista_64 (x32 Version: 1.00.0000 - ASIX Electronics Corporation) Hidden
Big Fish Games Client (HKLM-x32\...\BFGC) (Version: 1.3.0.8 - )
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - MediaTechSoft Inc.) <==== ATTENTION
Blobby Volley 2 Version 1.0RC1 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC1_is1) (Version:  - )
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CdCoverCreator 2.5.2 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.2 - thyanté Software)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Cursed House 2 - Deutsch 1.0 (HKLM-x32\...\Cursed House 2 - Deutsch 1.0) (Version: 1.0 - BigFish)
DAEMON Tools Toolbar (HKLM-x32\...\DAEMON Tools Toolbar) (Version: 1.0.8.0552 - DT Soft Ltd) <==== ATTENTION
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar  (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Digital Scope Ver2.0.0.5 (HKLM-x32\...\Digital Scope Ver2.0.0.5) (Version: 2.0.0.5 - ODM)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EAGLE 6.1.0 (HKLM-x32\...\EAGLE 6.1.0) (Version: 6.1.0 - CadSoft Computer GmbH)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EventGhost 0.4.1.r1582 (HKLM-x32\...\EventGhost_is1) (Version: 0.4.1.r1582 - EventGhost Project)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version:  - )
Farm Frenzy 3 - Ice Age (HKLM-x32\...\{DD6D9C2A-6FF5-4EB0-8ECB-146D4B015550}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\{C861E63F-F1ED-46BD-9AE7-D5051915B1D9}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: 1.0 - Melestra)
Farm Frenzy 3 Russisches Roulette v1.0 (HKLM-x32\...\{5A480C53-6AAC-4E07-BC24-BD4E8AC7D246}_is1) (Version:  - My Company, Inc.)
Farm Frenzy 3: Ice Age (HKLM-x32\...\Farm Frenzy 3: Ice Age) (Version:  - Alawar Entertainment Inc.)
Farmer Jane (HKLM-x32\...\BFG-Farmer Jane) (Version:  - )
Free Video to DVD Converter version 5.0.27.717 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.27.717 - DVDVideoSoft Ltd.)
Free-Buttons.org (HKLM-x32\...\Free-Buttons.org) (Version:  - )
Germany's next Topmodel - Deluxe Edition (HKLM-x32\...\Germany's next Topmodel - Deluxe Edition_is1) (Version:  - dtp young)
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.83PL0 (HKLM-x32\...\PICC 9.83) (Version: 9.83 - HI-TECH Software)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB945282) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB945282) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946040) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946040) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946308) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946308) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947540) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947540) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947789) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB948127) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB948127) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
jaLCDs v3.2 (HKLM-x32\...\jaLCDs_is1) (Version:  - HooMair)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
KlimaLogg Pro (HKLM-x32\...\KlimaLogg Pro_is1) (Version:  - TFA Dostmann)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LCDHype Version 0.6 (HKLM-x32\...\LCDHype Version 0.6_is1) (Version:  - ViRuSTriNiTy)
LcdStudio 2.0 Build 806 (HKLM-x32\...\LcdStudio) (Version: 2.0 Build 806 - LcdStudio)
LibUsbDotNet 2.2.8 (HKLM\...\LibUsbDotNet_is1) (Version:  - Travis Robinson)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Likno Web Button Maker - Free version (HKLM-x32\...\Likno Web Button Maker - Free version) (Version: 1.4 - Likno Software)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.6.0.8 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Mathcad 14.0 M010 (HKLM-x32\...\{56CE91CC-92EC-4B0E-98B7-3D0F6AD6C4C5}) (Version: 14.0.1.0 - PTC)
Mathcad 14.0 M010 Help (HKLM-x32\...\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}) (Version: 14.0.1 - Ihr Firmenname)
Mathcad 14.0 M010 Resource Center (HKLM-x32\...\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}) (Version: 14.0.1 - Ihr Firmenname)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microchip Application Libraries v2011-12-05 (HKLM-x32\...\Microchip Application Libraries v2011-12-05 v2011-12-05) (Version: v2011-12-05 - Microchip Technology Inc.)
Microchip Application Libraries v2012-02-15 (HKLM-x32\...\Microchip Application Libraries v2012-02-15 v2012-02-15) (Version: v2012-02-15 - Microchip Technology Inc.)
Microchip Libraries for Applications v2013_12_20 (HKLM-x32\...\Microchip Libraries for Applications v2013_12_20 v2013_12_20) (Version: v2013_12_20 - Microchip Technology Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{B006B9E9-41DD-4479-9177-3743A53B7735}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20621.0) (Version: 4.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (x32 Version: 4.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{0536BCDF-7EF6-48F6-8765-A3C065A065A5}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{B0682940-6FFB-4850-80BA-B2FEF0D64BA8}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
Microsoft Expression Design 4 (x32 Version: 7.0.20516.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F21D2032-60FE-4729-9C87-46F1615FB965}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20705.0) (Version: 4.0.20705.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (x32 Version: 4.0.20705.0 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1166.0) (Version: 4.0.1166.0 - Microsoft Corporation)
Microsoft Expression Web 4 (x32 Version: 4.0.1166.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Samples (HKLM-x32\...\{579CB8A1-9966-4223-943F-05B3CF84C841}) (Version: 1.0 - Microsoft)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MOBackup - Datensicherung für Outlook (Testversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 6.16 - Heiko Schröder)
MosChip Multi-IO Controller (HKLM\...\MosChip Technology) (Version:  - )
Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MPLAB C for PIC18 MCUs (HKLM-x32\...\MPLAB C for PIC18 MCUs v3.40) (Version: v3.40 - Microchip)
MPLAB Tools v8.80 (HKLM-x32\...\InstallShield_{97AC8E6A-0F76-42B0-B868-AA054D060C4A}) (Version: 8.80 - Microchip Technology Inc.)
MPLAB Tools v8.80 (x32 Version: 8.80 - Microchip Technology Inc.) Hidden
MPLAB X IDE v2.00 (HKLM-x32\...\MPLAB X IDE v2.00 v2.00) (Version: v2.00 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.30) (Version: v1.30 - Microchip)
MSDN Library for Visual Studio 2008 SP1 - DEU (x32 Version: 9.0.30904 - Microsoft Corporation) Hidden
MSDN Library für Visual Studio 2008 SP1 (HKLM-x32\...\MSDN Library für Visual Studio 2008 SP1) (Version: 9.0.30904 - Microsoft Corporation)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector Net 6.2.3 (HKLM-x32\...\{5FD88490-011C-4DF1-B886-F298D955171B}) (Version: 6.2.3 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
MySQL Workbench 5.2 CE (HKLM-x32\...\{E3ABB4CC-1DC5-4430-BC49-D86AB708A9B8}) (Version: 5.2.34.2 - Oracle Corporation)
Mysteries of the Undead (HKLM-x32\...\Mysteries of the Undeadv1.0) (Version: v1.0 - GO! Games)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.540 - Electronic Arts)
NetServer 1.03 (HKLM-x32\...\{7A5508A1-15C9-4755-B9E8-2C6C6E0EDF14}_is1) (Version:  - WhiteLabel)
Nokia Connectivity Cable Driver (HKLM-x32\...\{52D02A2B-03D2-4E34-A358-DC5D951FD296}) (Version: 7.1.17.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.30.9 - Nokia)
Nokia PC Suite (x32 Version: 7.1.30.9 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}) (Version: 01.08.010.40008 - Nokia Corporation)
NVIDIA 3D Vision Controller-Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1070 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 310.70 (Version: 310.70 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{0C973594-7DDF-4BD0-84ED-3517F7622037}) (Version: 9.23.3.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
phpDesigner 7 version 7.2.5 (HKLM-x32\...\phpDesigner7_is1) (Version:  - MPSOFTWARE)
PIC Timer Calculator (HKLM-x32\...\{D1C31A98-7DA8-468D-AFF2-AFEA5A0C55A3}) (Version: 0.9.0.6 - PI© Timer Calculator)
PICkit 2 v2.61 (HKLM-x32\...\{2818ADC7-C1FB-40A8-BE6B-36B62682E9E8}) (Version: 2.61.00 - Microchip)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RENESIS® Player Browser Plugins (HKLM-x32\...\{2CBE278F-B04E-419B-BF25-98DC25997C3A}) (Version: 1.1.1 - examotion® GmbH)
Royal TS (HKLM-x32\...\{1129AB4F-BA74-4A7B-814A-732489A32B36}) (Version: 1.5.0 - code4ward)
SharpDevelop 2.2 (HKLM-x32\...\{7C192D21-DFB3-4F1F-9F06-A6C3D3AE1B85}) (Version: 2.2.2648 - ic#code)
SharpDevelop 3.1.1 (HKLM-x32\...\{BE88BB6D-A85D-4135-AA3D-A6906BD6918A}) (Version: 3.1.5327 - ic#code)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
Softonic_Deutsch Toolbar (HKLM-x32\...\Softonic_Deutsch Toolbar) (Version:  - ) <==== ATTENTION
SQLite ADO.NET 2.0/3.5 Provider (HKLM-x32\...\{00257FA9-3622-45E4-8B4B-A792CC5169EB}) (Version: 1.066.0 - Phoenix Software Solutions, LLC)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Internet TV v8.0 (Premium Edition) (HKLM-x32\...\Super Internet TV (Premium Edition)_is1) (Version:  - Ahusoft)
The Good Life v.1.0.4 (HKLM-x32\...\The Good Life_is1) (Version:  - Iceberg Interactive)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
TopStyle 4 (HKLM-x32\...\TopStyle4_is1) (Version:  - topstyle4.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 RC1 (release candidate 1) - C. Ghisler & Co.)
UltraCompare v6.40 (HKLM-x32\...\{BA04B455-D7E2-4C3A-9C6A-61FE54FCA37A}) (Version: 6.0.181 - IDM Computer Solutions, Inc.)
UltraEdit 15.20 (HKLM-x32\...\{7B2B4D74-7410-4E42-A519-98E651FD4109}) (Version: 15.20.9 - IDM Computer Solutions, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_EXCEL_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 (KB980729) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974561) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0CDDBAA2-2111-4A0E-A1B0-76C40C635331}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb2202131) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A67392E8-282B-4BEF-8020-EF3DD664DE7B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VA HausDesigner Professional 2.0 (HKLM-x32\...\{676BE939-4A20-4AFC-8A05-F929575219D4}) (Version: 2.01.0000 - VA Software Ltd.)
VA Tutorial 2.01 (HKLM-x32\...\My Program_is1) (Version:  - )
vc820_840 Interface Program  (HKLM-x32\...\{DCF0505D-84DF-4313-BA7C-2856AF003100}) (Version: 1.00.0000 - DMM)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Home Server 2011 Connector (HKLM\...\{C1E4D639-4A33-4314-809E-89BD0EF48522}) (Version: 6.1.8800.16395 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3) (HKLM\...\F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7) (Version: 06/01/2009 7.01.0.3 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinHTTrack Website Copier 3.44-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-07 18:44 - 00001056 ____A C:\Windows\system32\Drivers\etc\hosts
            192.168.0.2  homeisle.at
      192.168.0.2  testisle.at       
      192.168.0.2  oriisle.at
      192.168.0.2  entwisle.at
      192.168.0.2  videoisle.at
      192.168.0.2  ftpisle.at
      192.168.0.2  wikiisle.at

==================== Scheduled Tasks (whitelisted) =============

Task: {0E5D13CC-D94A-46B3-9D7C-75757F3D2CF7} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {4FB8058B-0BBA-4914-B6EC-D9F7B8CF5DB4} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {6A0C51AC-82D8-44E2-9EA5-F6644D055FB2} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {7447AC42-28A7-4E93-86EE-52D9734BDBF0} - System32\Tasks\{BBEE10A5-340B-49E5-B9C3-ED1C507CCD29} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {7B9F8C53-C67C-42B8-88B2-7A0E775D9CDF} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {8B00117E-4E45-408C-82A1-23B22480274B} - System32\Tasks\Microsoft\Windows\Windows Server\Backup_On_Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {915578DE-EF7B-4C24-92E6-07A6B27248B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {91857397-D5D0-4E8C-858C-0FF332A41692} - System32\Tasks\EPUpdater => C:\Users\Alex\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {9425D53F-91C2-4B21-B722-93866701A913} - System32\Tasks\{29C20EC8-464C-4721-AFB7-0A56D1066BED} => D:\Downloads\NokiaSoftwareUpdaterSetup_de.exe [2009-10-25] ()
Task: {9930869E-755C-4D70-8F7B-10C32C5E7875} - System32\Tasks\{201A5D11-CEFC-4147-8A24-56E01D5B3AEB} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {9A807BA4-395E-4D7F-9668-90A7548C609A} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {A445D9F3-8CF5-4D08-8F0F-94C8C3C50097} - System32\Tasks\{BB79CC5F-A061-47EC-97CC-D4A142760536} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {D3CF8221-18D0-421A-A5C3-E2385BC88ABB} - System32\Tasks\{02540EEC-B4FD-477B-94EE-AE2D18858B6A} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {E8DD87F1-1C87-4A59-9D39-2B5832F1ECF5} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {F554843E-3C6A-476A-90B0-379AC8C93CCC} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-29 11:37 - 2013-11-18 15:32 - 01958880 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll
2012-12-21 09:16 - 2012-12-01 06:49 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-29 11:37 - 2013-11-18 15:32 - 03780064 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
2014-02-07 17:59 - 2012-01-16 17:54 - 00545280 _____ () C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
2009-10-02 14:20 - 2009-10-02 14:20 - 00112128 _____ () C:\Programme\UltraEdit\ue64ctmn.dll
2009-09-30 05:40 - 2009-09-30 05:40 - 00147968 _____ () C:\Programme\UltraCompare\UC_ShellExt07x64.dll
2009-11-26 22:27 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2009-11-26 22:27 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2013-12-29 11:37 - 2013-11-18 15:31 - 03618304 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2014-02-07 17:59 - 2012-01-10 11:09 - 00159744 _____ () C:\Program Files (x86)\KlimaLoggPro\sHID.dll
2008-08-12 11:16 - 2008-08-12 11:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2008-07-29 14:01 - 2008-07-29 14:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2008-07-29 13:50 - 2008-07-29 13:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2008-07-29 14:11 - 2008-07-29 14:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:A259B70C
AlternateDataStreams: C:\ProgramData\TEMP:AA60673F

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Bonus.SSR.FR10 => "C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/13/2014 09:06:11 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.
.

Error: (03/12/2014 07:46:29 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.


Details:
Could not query the status of the EventSystem service.

System Error:
Der Computer wird heruntergefahren.
.

Error: (03/09/2014 03:55:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/07/2014 02:10:11 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9c0

Startzeit: 01cf3a05eef6a230

Endzeit: 63

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: cb51eaf1-a5f9-11e3-81ea-0026180a6d0e

Error: (03/07/2014 02:02:04 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3e7c

Startzeit: 01cf3a04e098a4f0

Endzeit: 88

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: a90125c1-a5f8-11e3-81ea-0026180a6d0e

Error: (03/07/2014 04:01:48 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/07/2014 03:20:53 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16385, Zeitstempel: 0x4a5bc69e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x222c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (03/05/2014 09:27:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/05/2014 09:27:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/05/2014 09:27:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


System errors:
=============
Error: (03/13/2014 11:27:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:26:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:25:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:25:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:24:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:24:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:23:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:23:42 PM) (Source: DCOM) (User: )
Description: {8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (03/13/2014 11:23:12 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126

Error: (03/13/2014 11:22:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde mit folgendem Fehler beendet:
%%126


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-13 23:16:25.281
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.281
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.265
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.265
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.250
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.250
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.234
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.234
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.218
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-13 23:16:25.203
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 39%
Total physical RAM: 4095.18 MB
Available physical RAM: 2494.32 MB
Total Pagefile: 8188.5 MB
Available Pagefile: 6239.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.73 GB) (Free:43.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:1397.26 GB) (Free:11.81 GB) NTFS
Drive f: () (Removable) (Total:0.27 GB) (Free:0.26 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 140 GB) (Disk ID: C03FC8C5)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1397 GB) (Disk ID: 7F9DF4C9)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 1A2CA942)
Partition 1: (Active) - (Size=277 MB) - (Type=0B)

==================== End Of Log ============================

Werd für heute Schluss machen, muss morgen wieder früh raus (morgen Nachmittag/Abend kanns für mich erst wieder weitergehen.)
Vielen vielen Dank nochmals

lg alex

Bootsektor 14.03.2014 00:52
Hallo Alex,

sehr schön.

Es könnte sein, dass du ein Rootkit auf deinem PC hast, das möchte ich gerne überprüfen.
Mache aber vorher noch diesen Schritt
Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
S2 Winmgmt; C:\PROGRA~3\b4vfrbo.zvv [X]

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Entpacke das Archiv auf deinem Desktop.
  • Im neu erstellten Ordner starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Schritt 3
Starte noch einmal FRST.
  • Ändere keine der Voreinstellungen und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

dyoni 14.03.2014 23:51
Hallo Sandra,

habe nun alle Logfiles beisammen.

Fixlog.txt

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by Alex at 2014-03-14 22:53:49 Run:2
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S2 Winmgmt; C:\PROGRA~3\b4vfrbo.zvv [X]

*****************

Winmgmt => Service restored successfully.


The system needed a reboot.

==== End of Fixlog ====

mbar-log

Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.14.07

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Alex :: ATHLONX2 [administrator]

14.03.2014 23:30:45
mbar-log-2014-03-14 (23-30-45).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 303888
Time elapsed: 12 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Alex (administrator) on ATHLONX2 on 14-03-2014 23:44:07
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\ipmGui.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(IDM Computer Solutions, Inc.) C:\Programme\UltraEdit\Uedit32.exe
(Atmel) C:\Program Files (x86)\Atmel\Atmel Studio 6.2\atmelstudio.exe
(Atmel Corporation) C:\Program Files (x86)\Atmel\Atmel Studio 6.2\atbackend\atbackend.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\VCSExpress.exe
(Microsoft Corporation) D:\Daten - Entwicklung\C#\Meine_Projekte\RS232 Kommunikation\RS232 Kommunikation\bin\Debug\RS232 Kommunikation.vshost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-10-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1096576 2012-01-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-01] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {95e0debd-a186-11df-a734-0026180a6d0e} - F:\raf-anno2070.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {a172ac67-b58e-11de-9323-0026180a6d0e} - L:\autorun.exe
AppInit_DLLs-x32: c:\progra~3\bitguard\271832~1.68\{c16c1~1\bitguard.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll [3618304 2013-11-18] ()
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0675B732B49CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
URLSearchHook: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
URLSearchHook: HKCU - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
SearchScopes: HKCU - {10039295-EA80-4CA0-9A68-0377A872A131} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://isearch.avg.com/search?cid={92BDE6D3-F2A2-44A3-A1C7-74A4EA033015}&mid=&lang=&ds=&pr=&d=&v=&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1351351
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM-x32 - Softonic Deutsch Toolbar - {8dbb6d8e-e4a6-4e3b-9753-af78b226441c} - C:\Program Files (x86)\Softonic_Deutsch\tbSof1.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - No Name - {8DBB6D8E-E4A6-4E3B-9753-AF78B226441C} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default
FF user.js: detected! => C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\user.js
FF NewTab: hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: ST Deutsch Customized Web Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\Babylon.xml
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\delta.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: FRITZ!Box AddOn - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\fb_add_on@avm.de [2013-05-20]
FF Extension: Delta Toolbar - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\ffxtlbr@delta.com [2013-07-17]
FF Extension: No Name - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\staged [2014-01-04]
FF Extension: ST Deutsch Community Toolbar - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c} [2013-04-18]
FF Extension: Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@software.joehewitt.com.xpi [2011-07-30]
FF Extension: CodeBurner for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@tools.sitepoint.com.xpi [2011-07-30]
FF Extension: Firefinder for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firefinder@robertnyman.com.xpi [2011-07-30]
FF Extension: SQLite Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2012-11-15]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [809736 2009-09-29] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-01] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
U2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [545280 2012-01-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [40832 2012-01-12] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2011-06-04] (Logix4u)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-27] (Jungo Connectivity)
U3 aur6407q; C:\Windows\System32\Drivers\aur6407q.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-14 23:26 - 2014-03-14 23:26 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 23:05 - 2014-03-14 23:43 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-14 23:05 - 2014-03-14 23:30 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-14 23:04 - 2014-03-14 23:30 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:00 - 2014-03-14 23:43 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-13 23:22 - 2014-03-13 23:28 - 00063407 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-13 23:21 - 2014-03-14 23:44 - 00021729 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-13 23:21 - 2014-03-12 20:04 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-13 21:10 - 2014-03-14 23:44 - 00000000 ____D () C:\FRST
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-02-27 22:17 - 2014-03-14 23:32 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-02-27 22:17 - 2014-03-14 23:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:09 - 2014-02-27 22:31 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:19 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll

==================== One Month Modified Files and Folders =======

2014-03-14 23:44 - 2014-03-13 23:21 - 00021729 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-14 23:44 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-14 23:43 - 2014-03-14 23:05 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-14 23:43 - 2014-03-14 23:00 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-14 23:37 - 2012-07-14 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-14 23:35 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-14 23:35 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-14 23:32 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-03-14 23:32 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-03-14 23:32 - 2009-10-09 22:51 - 01158809 _____ () C:\Windows\WindowsUpdate.log
2014-03-14 23:30 - 2014-03-14 23:05 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-14 23:30 - 2014-03-14 23:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:26 - 2014-03-14 23:26 - 00003420 _____ () C:\Windows\System32\Tasks\BitGuard
2014-03-14 23:26 - 2009-10-10 07:07 - 00255006 _____ () C:\Windows\PFRO.log
2014-03-14 23:26 - 2009-10-10 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-14 23:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-14 23:26 - 2009-07-14 05:51 - 00052322 _____ () C:\Windows\setupact.log
2014-03-14 23:23 - 2014-01-05 13:52 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Isinyn
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 22:54 - 2012-09-26 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-14 22:53 - 2012-09-26 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 22:53 - 2012-09-26 11:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 22:53 - 2012-09-26 11:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 23:28 - 2014-03-13 23:22 - 00063407 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-13 23:08 - 2009-10-09 22:52 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 20:38 - 2009-10-09 22:52 - 00000000 ____D () C:\Users\Alex
2014-03-13 20:37 - 2012-09-26 11:52 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-13 20:37 - 2009-10-09 23:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-13 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-12 20:04 - 2014-03-13 23:21 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:57 - 2010-05-15 23:48 - 00000000 ____D () C:\Users\Alex\Documents\Visual Studio 2010
2014-03-07 18:44 - 2009-07-14 03:34 - 00001105 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-03-06 23:57 - 2009-10-10 22:37 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-03-06 01:58 - 2009-10-10 12:53 - 00002050 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-05 21:27 - 2009-07-14 18:58 - 01626168 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 21:27 - 2009-07-14 18:58 - 00437876 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 21:27 - 2009-07-14 06:13 - 00006682 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 22:42 - 2011-11-19 23:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microchip
2014-02-27 22:31 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:13 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:09 - 2009-10-10 06:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 22:07 - 2009-10-25 14:52 - 00049138 _____ () C:\Windows\DPINST.LOG
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:59 - 2010-05-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:20 - 2009-10-25 14:52 - 00000000 ____D () C:\Program Files\DIFX
2014-02-23 20:23 - 2012-04-01 13:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microchip
2014-02-22 20:52 - 2013-12-29 11:39 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 01:32 - 2009-10-10 22:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\dvdcss
2014-02-13 20:44 - 2012-09-26 11:52 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\3p35jfpw.dll
C:\Users\Alex\AppData\Local\Temp\AlawarGameBoxWebSetup.exe
C:\Users\Alex\AppData\Local\Temp\AskSLib.dll
C:\Users\Alex\AppData\Local\Temp\avguidx.dll
C:\Users\Alex\AppData\Local\Temp\AVG_toolbar.exe
C:\Users\Alex\AppData\Local\Temp\bassmod.dll
C:\Users\Alex\AppData\Local\Temp\devcpp-4.9.9.2_setup.exe
C:\Users\Alex\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Alex\AppData\Local\Temp\drm_dyndata_7320012.dll
C:\Users\Alex\AppData\Local\Temp\DTLite4355-0068.exe
C:\Users\Alex\AppData\Local\Temp\e3h4e2k1.dll
C:\Users\Alex\AppData\Local\Temp\FarmFrenzy3IceAge_1660.exe
C:\Users\Alex\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\fsprod.dll
C:\Users\Alex\AppData\Local\Temp\fssfm.dll
C:\Users\Alex\AppData\Local\Temp\glz25fip.dll
C:\Users\Alex\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Alex\AppData\Local\Temp\mejtrvfx.dll
C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
C:\Users\Alex\AppData\Local\Temp\oi_{2F3721C9-2F45-48E3-A821-17F0907EEEA5}.exe
C:\Users\Alex\AppData\Local\Temp\ose00000.exe
C:\Users\Alex\AppData\Local\Temp\Paint.NET.3.5.8.Install.exe
C:\Users\Alex\AppData\Local\Temp\preconfig.exe
C:\Users\Alex\AppData\Local\Temp\qn5elkzf.dll
C:\Users\Alex\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex\AppData\Local\Temp\Softonic_Deutsch.exe
C:\Users\Alex\AppData\Local\Temp\tbSoft.dll
C:\Users\Alex\AppData\Local\Temp\ubiE6E2.tmp.exe
C:\Users\Alex\AppData\Local\Temp\yo0via0f.dll
C:\Users\Alex\AppData\Local\Temp\z1amcgxy.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-03-01 20:39

==================== End Of Log ============================
--- --- ---



lg alex

Bootsektor 15.03.2014 00:05
Hallo Alex,

ok, klasse, kein Rootkit :)

Dann machen wir mal weiter.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [vegas] - rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
C:\Windows\system32\sshnas.dll
C:\Users\Alex\AppData\Local\Temp\*.exe
C:\Users\Alex\AppData\Local\Temp\*.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 2
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 3
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
http://imageshack.us/a/img841/7292/thisisujrt.gif Bitte lade Junkware Removal Tool auf Deinen Desktop.
  • Starte das Tool mit Doppelklick. Vista und 7 Nutzer bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Das Tool wird sich öffnen und mit dem Scan beginnen.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

dyoni 15.03.2014 01:04
Hallo Sandra,

hier hab ich wieder ein paar Logfiles

Fixlog.txt
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by Alex at 2014-03-15 00:34:38 Run:3
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************

*****************


==== End of Fixlog ====

AdwCleaner[S0].txt
Code:
# AdwCleaner v3.022 - Bericht erstellt am 15/03/2014 um 00:39:14
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate  (64 bits)
# Benutzername : Alex - ATHLONX2
# Gestartet von : C:\Users\Alex\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BitGuard

***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\BitGuard
[!] Ordner Gelöscht : C:\ProgramData\AlawarWrapper
[!] Ordner Gelöscht : C:\Program Files (x86)\Conduit
[!] Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar
[!] Ordner Gelöscht : C:\Program Files (x86)\Delta
[!] Ordner Gelöscht : C:\Program Files (x86)\Softonic_Deutsch
[!] Ordner Gelöscht : C:\Program Files (x86)\Softonic_Deutsch
[!] Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Delta
[!] Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Softonic_Deutsch
[!] Ordner Gelöscht : C:\Users\Alex\AppData\LocalLow\Softonic_Deutsch
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\BabSolution
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Babylon
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\OpenCandy
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\ConduitCommon
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\CT1351351
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\ffxtlbr@delta.com
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\fb_add_on@avm.de
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\ffxtlbr@delta.com
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\staged
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}
[!] Ordner Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\{8dbb6d8e-e4a6-4e3b-9753-af78b226441c}
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\bProtector_extensions.rdf
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\invalidprefs.js
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\BitGuard
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\d
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKCU\Software\ae8adae13bef49
Schlüssel Gelöscht : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Schlüssel Gelöscht : HKLM\SOFTWARE\ae8adae13bef49
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT1351351
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F91CF85F-E31B-4005-B5F1-57DE0937FAC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F91CF85F-E31B-4005-B5F1-57DE0937FAC6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{8DBB6D8E-E4A6-4E3B-9753-AF78B226441C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Softonic_Deutsch
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\dt soft\daemon tools toolbar
Schlüssel Gelöscht : HKLM\Software\Softonic_Deutsch
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_Deutsch Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]

-\\ Mozilla Firefox v12.0 (de)

[ Datei : C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946");
Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "ST Deutsch Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "ST Deutsch Customized Web Search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13");
Zeile gelöscht : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13,hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13");
Zeile gelöscht : user_pref("CommunityToolbar.ConduitSearchList", "ST Deutsch Customized Web Search,ST Deutsch Customized Web Search");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT1351351", "\"1367226780\");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18.0.7", "\"9f8d2729abc2ce1:0\");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT1351351", "\"52c3f1538cb4af4ada257fcbc6b15d49\");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT1351351/CT1351351", "\"7225e7a906f3d2cbc7aac497f01ae8fb3\");
Zeile gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"2135a1037034a83eb714f4667ef91be1\");
Zeile gelöscht : user_pref("CommunityToolbar.globalUserId", "df9029c8-b1bc-4b69-bf6a-36ce91a6743e");
Zeile gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1351351");
Zeile gelöscht : user_pref("CommunityToolbar.originalHomepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946");
Zeile gelöscht : user_pref("CommunityToolbar.originalSearchEngine", "Delta Search");
Zeile gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT1351351");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT1351351");
Zeile gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT1351351");
Zeile gelöscht : user_pref("CT1351351..clientLogIsEnabled", true);
Zeile gelöscht : user_pref("CT1351351..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Zeile gelöscht : user_pref("CT1351351..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Zeile gelöscht : user_pref("CT1351351.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Zeile gelöscht : user_pref("CT1351351.alertChannelId", "669");
Zeile gelöscht : user_pref("CT1351351.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_1000515", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_129453389581694279", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_129453389582163031", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_129453389582631783", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_129453389583100535", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_129453389692163103", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_1334738591000", true);
Zeile gelöscht : user_pref("CT1351351.BrowserCompStateIsOpen_1367226497000", true);
Zeile gelöscht : user_pref("CT1351351.components.1000234", true);
Zeile gelöscht : user_pref("CT1351351.components.1000515", true);
Zeile gelöscht : user_pref("CT1351351.CT1351351", "CT1351351");
Zeile gelöscht : user_pref("CT1351351.CurrentServerDate", "4-1-2014");
Zeile gelöscht : user_pref("CT1351351.DialogsAlignMode", "LTR");
Zeile gelöscht : user_pref("CT1351351.DialogsGetterLastCheckTime", "Sat Jan 04 2014 00:52:25 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.DownloadReferralCookieData", "");
Zeile gelöscht : user_pref("CT1351351.DSInstall", true);
Zeile gelöscht : user_pref("CT1351351.FirstServerDate", "4-1-2014");
Zeile gelöscht : user_pref("CT1351351.FirstTime", true);
Zeile gelöscht : user_pref("CT1351351.FirstTimeFF3", true);
Zeile gelöscht : user_pref("CT1351351.FirstTimeHiddenVer", true);
Zeile gelöscht : user_pref("CT1351351.FixPageNotFoundErrors", true);
Zeile gelöscht : user_pref("CT1351351.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"hxxp://appdown[...]
Zeile gelöscht : user_pref("CT1351351.GroupingServerCheckInterval", 1440);
Zeile gelöscht : user_pref("CT1351351.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Zeile gelöscht : user_pref("CT1351351.HasUserGlobalKeys", true);
Zeile gelöscht : user_pref("CT1351351.homepageProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT1351351.HPInstall", true);
Zeile gelöscht : user_pref("CT1351351.initDone", true);
Zeile gelöscht : user_pref("CT1351351.Initialize", true);
Zeile gelöscht : user_pref("CT1351351.InitializeCommonPrefs", true);
Zeile gelöscht : user_pref("CT1351351.InstallationAndCookieDataSentCount", 1);
Zeile gelöscht : user_pref("CT1351351.InstallationType", "Unknown");
Zeile gelöscht : user_pref("CT1351351.InstalledDate", "Sat Jan 04 2014 00:52:27 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.IsGrouping", false);
Zeile gelöscht : user_pref("CT1351351.IsInitSetupIni", true);
Zeile gelöscht : user_pref("CT1351351.IsMulticommunity", false);
Zeile gelöscht : user_pref("CT1351351.IsOpenThankYouPage", true);
Zeile gelöscht : user_pref("CT1351351.IsOpenUninstallPage", true);
Zeile gelöscht : user_pref("CT1351351.LanguagePackLastCheckTime", "Sat Jan 04 2014 00:54:34 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.LanguagePackReloadIntervalMM", 1440);
Zeile gelöscht : user_pref("CT1351351.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Zeile gelöscht : user_pref("CT1351351.LastLogin_3.18.0.7", "Sat Jan 04 2014 00:54:34 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.LatestVersion", "3.20.0.4");
Zeile gelöscht : user_pref("CT1351351.Locale", "de-de");
Zeile gelöscht : user_pref("CT1351351.MCDetectTooltipHeight", "83");
Zeile gelöscht : user_pref("CT1351351.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Zeile gelöscht : user_pref("CT1351351.MCDetectTooltipWidth", "295");
Zeile gelöscht : user_pref("CT1351351.myStuffEnabled", true);
Zeile gelöscht : user_pref("CT1351351.MyStuffEnabledAtInstallation", true);
Zeile gelöscht : user_pref("CT1351351.myStuffPublihserMinWidth", 400);
Zeile gelöscht : user_pref("CT1351351.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Zeile gelöscht : user_pref("CT1351351.myStuffServiceIntervalMM", 1440);
Zeile gelöscht : user_pref("CT1351351.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Zeile gelöscht : user_pref("CT1351351.navigateToUrlOnSearch", false);
Zeile gelöscht : user_pref("CT1351351.OriginalFirstVersion", "3.18.0.7");
Zeile gelöscht : user_pref("CT1351351.revertSettingsEnabled", true);
Zeile gelöscht : user_pref("CT1351351.SavedHomepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=A8D30026180A6D0E&affID=121564&tt=160713_9127&tsp=4946");
Zeile gelöscht : user_pref("CT1351351.SearchCaption", "ST Deutsch Customized Web Search");
Zeile gelöscht : user_pref("CT1351351.SearchFromAddressBarIsInit", true);
Zeile gelöscht : user_pref("CT1351351.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q=");
Zeile gelöscht : user_pref("CT1351351.SearchInNewTabEnabled", true);
Zeile gelöscht : user_pref("CT1351351.SearchInNewTabIntervalMM", 1440);
Zeile gelöscht : user_pref("CT1351351.SearchInNewTabLastCheckTime", "Sat Jan 04 2014 00:54:34 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
Zeile gelöscht : user_pref("CT1351351.searchProtectorDialogDelayInSec", 10);
Zeile gelöscht : user_pref("CT1351351.searchProtectorEnableByLogin", true);
Zeile gelöscht : user_pref("CT1351351.SendProtectorDataViaLogin", true);
Zeile gelöscht : user_pref("CT1351351.ServiceMapLastCheckTime", "Sat Jan 04 2014 00:52:26 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.SettingsLastCheckTime", "Sat Jan 04 2014 00:52:24 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.SettingsLastUpdate", "1388396614");
Zeile gelöscht : user_pref("CT1351351.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT1351351&SearchSource=13");
Zeile gelöscht : user_pref("CT1351351.testingCtid", "");
Zeile gelöscht : user_pref("CT1351351.toolbarAppMetaDataLastCheckTime", "Sat Jan 04 2014 00:52:27 GMT+0100");
Zeile gelöscht : user_pref("CT1351351.ToolbarShrinkedFromSetup", false);
Zeile gelöscht : user_pref("CT1351351.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Zeile gelöscht : user_pref("CT1351351.TrusteLinkUrl", "hxxp://trust.conduit.com/CT1351351");
Zeile gelöscht : user_pref("CT1351351.UserID", "UN47106172450843951");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.id", "a8d3e7380000000000000026180a6d0e");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15903");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.520:10:52");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121564&tt=160713_9127&tsp=4946");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1351351&SearchSource=2&CUI=SB_CUI&UM=UM_ID&q=");

*************************

AdwCleaner[R0].txt - [26409 octets] - [15/03/2014 00:36:12]
AdwCleaner[S0].txt - [25494 octets] - [15/03/2014 00:39:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25555 octets] ##########

JRT.txt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Alex on 15.03.2014 at  0:45:32,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully deleted [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs\\bProtectTabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1376881132-1448347952-4138131370-1001\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\yme7uwkp.default\searchplugins\babylon.xml
Emptied folder: C:\Users\Alex\AppData\Roaming\mozilla\firefox\profiles\yme7uwkp.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.03.2014 at  0:52:15,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Alex (administrator) on ATHLONX2 on 15-03-2014 00:53:31
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Launchpad.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-10-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1096576 2012-01-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248040 2010-02-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-01] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {95e0debd-a186-11df-a734-0026180a6d0e} - F:\raf-anno2070.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {a172ac67-b58e-11de-9323-0026180a6d0e} - L:\autorun.exe
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0675B732B49CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {10039295-EA80-4CA0-9A68-0377A872A131} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@software.joehewitt.com.xpi [2011-07-30]
FF Extension: CodeBurner for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@tools.sitepoint.com.xpi [2011-07-30]
FF Extension: Firefinder for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firefinder@robertnyman.com.xpi [2011-07-30]
FF Extension: SQLite Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2012-11-15]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [809736 2009-09-29] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-01] (Avira Operations GmbH & Co. KG)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
U2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [545280 2012-01-16] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [40832 2012-01-12] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2011-06-04] (Logix4u)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-27] (Jungo Connectivity)
U3 aj1wgasu; C:\Windows\System32\Drivers\aj1wgasu.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 00:52 - 2014-03-15 00:52 - 00001616 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-15 00:45 - 2014-03-15 00:45 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 00:41 - 2014-03-15 00:41 - 00025696 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-15 00:36 - 2014-03-15 00:39 - 00000000 ____D () C:\AdwCleaner
2014-03-15 00:26 - 2014-03-15 00:26 - 01037734 _____ (Thisisu) C:\Users\Alex\Desktop\JRT.exe
2014-03-15 00:25 - 2014-03-15 00:25 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 23:05 - 2014-03-14 23:30 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-14 23:04 - 2014-03-14 23:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:00 - 2014-03-14 23:43 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-14 22:53 - 2014-03-14 22:53 - 00000443 _____ () C:\Users\Alex\Desktop\Fixlog.txtx
2014-03-13 23:22 - 2014-03-13 23:28 - 00063407 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-13 23:21 - 2014-03-15 00:53 - 00016921 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-13 23:21 - 2014-03-12 20:04 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-13 21:10 - 2014-03-15 00:53 - 00000000 ____D () C:\FRST
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-02-27 22:17 - 2014-03-14 23:32 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-02-27 22:17 - 2014-03-14 23:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:09 - 2014-02-27 22:31 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:19 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll

==================== One Month Modified Files and Folders =======

2014-03-15 00:53 - 2014-03-13 23:21 - 00016921 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-15 00:53 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-15 00:53 - 2012-09-26 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 00:53 - 2012-07-14 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-15 00:52 - 2014-03-15 00:52 - 00001616 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-15 00:49 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 00:49 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 00:46 - 2009-10-09 22:51 - 01169564 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 00:45 - 2014-03-15 00:45 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 00:41 - 2014-03-15 00:41 - 00025696 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-15 00:40 - 2009-10-10 07:07 - 00261154 _____ () C:\Windows\PFRO.log
2014-03-15 00:40 - 2009-10-10 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 00:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 00:40 - 2009-07-14 05:51 - 00052378 _____ () C:\Windows\setupact.log
2014-03-15 00:39 - 2014-03-15 00:36 - 00000000 ____D () C:\AdwCleaner
2014-03-15 00:26 - 2014-03-15 00:26 - 01037734 _____ (Thisisu) C:\Users\Alex\Desktop\JRT.exe
2014-03-15 00:25 - 2014-03-15 00:25 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-14 23:50 - 2014-03-14 23:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:43 - 2014-03-14 23:00 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-14 23:32 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-03-14 23:32 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-03-14 23:30 - 2014-03-14 23:05 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-14 23:23 - 2014-01-05 13:52 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Isinyn
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 22:53 - 2014-03-14 22:53 - 00000443 _____ () C:\Users\Alex\Desktop\Fixlog.txtx
2014-03-14 22:53 - 2012-09-26 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 22:53 - 2012-09-26 11:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 22:53 - 2012-09-26 11:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 23:28 - 2014-03-13 23:22 - 00063407 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-13 23:08 - 2009-10-09 22:52 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 20:38 - 2009-10-09 22:52 - 00000000 ____D () C:\Users\Alex
2014-03-13 20:37 - 2012-09-26 11:52 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-13 20:37 - 2009-10-09 23:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-13 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-12 20:04 - 2014-03-13 23:21 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:57 - 2010-05-15 23:48 - 00000000 ____D () C:\Users\Alex\Documents\Visual Studio 2010
2014-03-07 18:44 - 2009-07-14 03:34 - 00001105 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-03-06 23:57 - 2009-10-10 22:37 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-03-06 01:58 - 2009-10-10 12:53 - 00002050 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-05 21:27 - 2009-07-14 18:58 - 01626168 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 21:27 - 2009-07-14 18:58 - 00437876 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 21:27 - 2009-07-14 06:13 - 00006682 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 22:42 - 2011-11-19 23:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microchip
2014-02-27 22:31 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:13 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:09 - 2009-10-10 06:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 22:07 - 2009-10-25 14:52 - 00049138 _____ () C:\Windows\DPINST.LOG
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:59 - 2010-05-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:20 - 2009-10-25 14:52 - 00000000 ____D () C:\Program Files\DIFX
2014-02-23 20:23 - 2012-04-01 13:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microchip
2014-02-22 20:52 - 2013-12-29 11:39 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-16 01:32 - 2009-10-10 22:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\dvdcss
2014-02-13 20:44 - 2012-09-26 11:52 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

Some content of TEMP:
====================
C:\Users\Alex\AppData\Local\Temp\3p35jfpw.dll
C:\Users\Alex\AppData\Local\Temp\AlawarGameBoxWebSetup.exe
C:\Users\Alex\AppData\Local\Temp\AskSLib.dll
C:\Users\Alex\AppData\Local\Temp\avguidx.dll
C:\Users\Alex\AppData\Local\Temp\AVG_toolbar.exe
C:\Users\Alex\AppData\Local\Temp\bassmod.dll
C:\Users\Alex\AppData\Local\Temp\devcpp-4.9.9.2_setup.exe
C:\Users\Alex\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Alex\AppData\Local\Temp\drm_dyndata_7320012.dll
C:\Users\Alex\AppData\Local\Temp\DTLite4355-0068.exe
C:\Users\Alex\AppData\Local\Temp\e3h4e2k1.dll
C:\Users\Alex\AppData\Local\Temp\FarmFrenzy3IceAge_1660.exe
C:\Users\Alex\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER-1.exe
C:\Users\Alex\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Alex\AppData\Local\Temp\fsprod.dll
C:\Users\Alex\AppData\Local\Temp\fssfm.dll
C:\Users\Alex\AppData\Local\Temp\glz25fip.dll
C:\Users\Alex\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Alex\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Alex\AppData\Local\Temp\mejtrvfx.dll
C:\Users\Alex\AppData\Local\Temp\nvStInst.exe
C:\Users\Alex\AppData\Local\Temp\oi_{2F3721C9-2F45-48E3-A821-17F0907EEEA5}.exe
C:\Users\Alex\AppData\Local\Temp\ose00000.exe
C:\Users\Alex\AppData\Local\Temp\Paint.NET.3.5.8.Install.exe
C:\Users\Alex\AppData\Local\Temp\preconfig.exe
C:\Users\Alex\AppData\Local\Temp\qn5elkzf.dll
C:\Users\Alex\AppData\Local\Temp\Quarantine.exe
C:\Users\Alex\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Alex\AppData\Local\Temp\Softonic_Deutsch.exe
C:\Users\Alex\AppData\Local\Temp\tbSoft.dll
C:\Users\Alex\AppData\Local\Temp\ubiE6E2.tmp.exe
C:\Users\Alex\AppData\Local\Temp\yo0via0f.dll
C:\Users\Alex\AppData\Local\Temp\z1amcgxy.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-03-01 20:39

==================== End Of Log ============================
--- --- ---



addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014
Ran by Alex at 2014-03-15 00:53:58
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ABBYY FineReader 10 Professional Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.51.7008 - ABBYY)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Professional (HKLM-x32\...\Adobe_a68eec966ce913ddaa63251dc82ed31) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
ALPHACOOL USB DISPLAY 1.0.0 (HKLM-x32\...\ALPHACOOL USB DISPLAY SOFTWARE_is1) (Version: 0.0.1 - ALPHACOOL GmbH)
AMD DnD V1.0.19 (x32 Version: 1.0.19 - AMD) Hidden
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
ATI Catalyst Install Manager (HKLM\...\{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{D237FA93-8456-4FE5-94E6-48A26C4BDCD7}) (Version: 4.7.1416 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{43805F64-77D3-4CC4-A63B-9269914AA565}) (Version: 3.4.1052 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6AB4A87F-2AF4-42F3-9FAB-5571BDDBA7DC}) (Version: 3.4.1051 - Atmel)
Atmel JungoUSB (x32 Version: 6.2.84 - Atmel) Hidden
Atmel LibUSB (x32 Version: 6.2.36 - Atmel) Hidden
Atmel SeggerUSB (x32 Version: 6.2.22 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{97D378E2-A10A-463F-9752-D4B332A7218E}) (Version: 6.2.993 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{E4DD3C3F-AE95-439C-A041-49E0A9D23185}) (Version: 1.10.318 - Atmel Corporation)
Atmel Studio InfFiles (x32 Version: 6.2.63 - Atmel Corporation) Hidden
Atmel USB Driver Package (HKLM-x32\...\{13fdfa7e-1bec-46cf-8231-3dd7bf6d0f3c}) (Version: 6.2.223 - Atmel)
Atmel WinUSB (x32 Version: 6.2.20 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{EB2C6ED5-9313-40D2-B391-DA7FAA7C7BEF}) (Version: 3.15.1244 - Atmel)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1125 - Avira)
AVR macro Assembler (HKLM-x32\...\{0D051458-97D0-44FD-AD8F-53D16BBED7D4}) (Version: 2.1.1103 - Atmel)
Awavo Com Port Monitor version 3.5 (HKCU\...\{3DD4341D-3A1B-4C85-A226-E1417B18351F}_is1) (Version: 3.5 - Awavo Software)
AX88772_Vista_64 (HKLM-x32\...\InstallShield_{D5816E5F-1EB0-40FA-A21D-5DEA01F1F4C2}) (Version: 1.00.0000 - ASIX Electronics Corporation)
AX88772_Vista_64 (x32 Version: 1.00.0000 - ASIX Electronics Corporation) Hidden
Big Fish Games Client (HKLM-x32\...\BFGC) (Version: 1.3.0.8 - )
Blobby Volley 2 Version 1.0RC1 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC1_is1) (Version:  - )
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CdCoverCreator 2.5.2 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.2 - thyanté Software)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Cursed House 2 - Deutsch 1.0 (HKLM-x32\...\Cursed House 2 - Deutsch 1.0) (Version: 1.0 - BigFish)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Digital Scope Ver2.0.0.5 (HKLM-x32\...\Digital Scope Ver2.0.0.5) (Version: 2.0.0.5 - ODM)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EAGLE 6.1.0 (HKLM-x32\...\EAGLE 6.1.0) (Version: 6.1.0 - CadSoft Computer GmbH)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EventGhost 0.4.1.r1582 (HKLM-x32\...\EventGhost_is1) (Version: 0.4.1.r1582 - EventGhost Project)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version:  - )
Farm Frenzy 3 - Ice Age (HKLM-x32\...\{DD6D9C2A-6FF5-4EB0-8ECB-146D4B015550}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\{C861E63F-F1ED-46BD-9AE7-D5051915B1D9}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: 1.0 - Melestra)
Farm Frenzy 3 Russisches Roulette v1.0 (HKLM-x32\...\{5A480C53-6AAC-4E07-BC24-BD4E8AC7D246}_is1) (Version:  - My Company, Inc.)
Farm Frenzy 3: Ice Age (HKLM-x32\...\Farm Frenzy 3: Ice Age) (Version:  - Alawar Entertainment Inc.)
Farmer Jane (HKLM-x32\...\BFG-Farmer Jane) (Version:  - )
Free Video to DVD Converter version 5.0.27.717 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.27.717 - DVDVideoSoft Ltd.)
Free-Buttons.org (HKLM-x32\...\Free-Buttons.org) (Version:  - )
Germany's next Topmodel - Deluxe Edition (HKLM-x32\...\Germany's next Topmodel - Deluxe Edition_is1) (Version:  - dtp young)
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.83PL0 (HKLM-x32\...\PICC 9.83) (Version: 9.83 - HI-TECH Software)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB945282) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB945282) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946040) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946040) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946308) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946308) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947540) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947540) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947789) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB948127) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB948127) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
jaLCDs v3.2 (HKLM-x32\...\jaLCDs_is1) (Version:  - HooMair)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
KlimaLogg Pro (HKLM-x32\...\KlimaLogg Pro_is1) (Version:  - TFA Dostmann)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LCDHype Version 0.6 (HKLM-x32\...\LCDHype Version 0.6_is1) (Version:  - ViRuSTriNiTy)
LcdStudio 2.0 Build 806 (HKLM-x32\...\LcdStudio) (Version: 2.0 Build 806 - LcdStudio)
LibUsbDotNet 2.2.8 (HKLM\...\LibUsbDotNet_is1) (Version:  - Travis Robinson)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Likno Web Button Maker - Free version (HKLM-x32\...\Likno Web Button Maker - Free version) (Version: 1.4 - Likno Software)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.6.0.8 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Mathcad 14.0 M010 (HKLM-x32\...\{56CE91CC-92EC-4B0E-98B7-3D0F6AD6C4C5}) (Version: 14.0.1.0 - PTC)
Mathcad 14.0 M010 Help (HKLM-x32\...\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}) (Version: 14.0.1 - Ihr Firmenname)
Mathcad 14.0 M010 Resource Center (HKLM-x32\...\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}) (Version: 14.0.1 - Ihr Firmenname)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microchip Application Libraries v2011-12-05 (HKLM-x32\...\Microchip Application Libraries v2011-12-05 v2011-12-05) (Version: v2011-12-05 - Microchip Technology Inc.)
Microchip Application Libraries v2012-02-15 (HKLM-x32\...\Microchip Application Libraries v2012-02-15 v2012-02-15) (Version: v2012-02-15 - Microchip Technology Inc.)
Microchip Libraries for Applications v2013_12_20 (HKLM-x32\...\Microchip Libraries for Applications v2013_12_20 v2013_12_20) (Version: v2013_12_20 - Microchip Technology Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{B006B9E9-41DD-4479-9177-3743A53B7735}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20621.0) (Version: 4.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (x32 Version: 4.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{0536BCDF-7EF6-48F6-8765-A3C065A065A5}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{B0682940-6FFB-4850-80BA-B2FEF0D64BA8}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
Microsoft Expression Design 4 (x32 Version: 7.0.20516.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F21D2032-60FE-4729-9C87-46F1615FB965}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20705.0) (Version: 4.0.20705.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (x32 Version: 4.0.20705.0 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1166.0) (Version: 4.0.1166.0 - Microsoft Corporation)
Microsoft Expression Web 4 (x32 Version: 4.0.1166.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Samples (HKLM-x32\...\{579CB8A1-9966-4223-943F-05B3CF84C841}) (Version: 1.0 - Microsoft)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MOBackup - Datensicherung für Outlook (Testversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 6.16 - Heiko Schröder)
MosChip Multi-IO Controller (HKLM\...\MosChip Technology) (Version:  - )
Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MPLAB C for PIC18 MCUs (HKLM-x32\...\MPLAB C for PIC18 MCUs v3.40) (Version: v3.40 - Microchip)
MPLAB Tools v8.80 (HKLM-x32\...\InstallShield_{97AC8E6A-0F76-42B0-B868-AA054D060C4A}) (Version: 8.80 - Microchip Technology Inc.)
MPLAB Tools v8.80 (x32 Version: 8.80 - Microchip Technology Inc.) Hidden
MPLAB X IDE v2.00 (HKLM-x32\...\MPLAB X IDE v2.00 v2.00) (Version: v2.00 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.30) (Version: v1.30 - Microchip)
MSDN Library for Visual Studio 2008 SP1 - DEU (x32 Version: 9.0.30904 - Microsoft Corporation) Hidden
MSDN Library für Visual Studio 2008 SP1 (HKLM-x32\...\MSDN Library für Visual Studio 2008 SP1) (Version: 9.0.30904 - Microsoft Corporation)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector Net 6.2.3 (HKLM-x32\...\{5FD88490-011C-4DF1-B886-F298D955171B}) (Version: 6.2.3 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
MySQL Workbench 5.2 CE (HKLM-x32\...\{E3ABB4CC-1DC5-4430-BC49-D86AB708A9B8}) (Version: 5.2.34.2 - Oracle Corporation)
Mysteries of the Undead (HKLM-x32\...\Mysteries of the Undeadv1.0) (Version: v1.0 - GO! Games)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.540 - Electronic Arts)
NetServer 1.03 (HKLM-x32\...\{7A5508A1-15C9-4755-B9E8-2C6C6E0EDF14}_is1) (Version:  - WhiteLabel)
Nokia Connectivity Cable Driver (HKLM-x32\...\{52D02A2B-03D2-4E34-A358-DC5D951FD296}) (Version: 7.1.17.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.30.9 - Nokia)
Nokia PC Suite (x32 Version: 7.1.30.9 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}) (Version: 01.08.010.40008 - Nokia Corporation)
NVIDIA 3D Vision Controller-Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1070 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 310.70 (Version: 310.70 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{0C973594-7DDF-4BD0-84ED-3517F7622037}) (Version: 9.23.3.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
phpDesigner 7 version 7.2.5 (HKLM-x32\...\phpDesigner7_is1) (Version:  - MPSOFTWARE)
PIC Timer Calculator (HKLM-x32\...\{D1C31A98-7DA8-468D-AFF2-AFEA5A0C55A3}) (Version: 0.9.0.6 - PI© Timer Calculator)
PICkit 2 v2.61 (HKLM-x32\...\{2818ADC7-C1FB-40A8-BE6B-36B62682E9E8}) (Version: 2.61.00 - Microchip)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RENESIS® Player Browser Plugins (HKLM-x32\...\{2CBE278F-B04E-419B-BF25-98DC25997C3A}) (Version: 1.1.1 - examotion® GmbH)
Royal TS (HKLM-x32\...\{1129AB4F-BA74-4A7B-814A-732489A32B36}) (Version: 1.5.0 - code4ward)
SharpDevelop 2.2 (HKLM-x32\...\{7C192D21-DFB3-4F1F-9F06-A6C3D3AE1B85}) (Version: 2.2.2648 - ic#code)
SharpDevelop 3.1.1 (HKLM-x32\...\{BE88BB6D-A85D-4135-AA3D-A6906BD6918A}) (Version: 3.1.5327 - ic#code)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SQLite ADO.NET 2.0/3.5 Provider (HKLM-x32\...\{00257FA9-3622-45E4-8B4B-A792CC5169EB}) (Version: 1.066.0 - Phoenix Software Solutions, LLC)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Internet TV v8.0 (Premium Edition) (HKLM-x32\...\Super Internet TV (Premium Edition)_is1) (Version:  - Ahusoft)
The Good Life v.1.0.4 (HKLM-x32\...\The Good Life_is1) (Version:  - Iceberg Interactive)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
TopStyle 4 (HKLM-x32\...\TopStyle4_is1) (Version:  - topstyle4.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 RC1 (release candidate 1) - C. Ghisler & Co.)
UltraCompare v6.40 (HKLM-x32\...\{BA04B455-D7E2-4C3A-9C6A-61FE54FCA37A}) (Version: 6.0.181 - IDM Computer Solutions, Inc.)
UltraEdit 15.20 (HKLM-x32\...\{7B2B4D74-7410-4E42-A519-98E651FD4109}) (Version: 15.20.9 - IDM Computer Solutions, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_EXCEL_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 (KB980729) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974561) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0CDDBAA2-2111-4A0E-A1B0-76C40C635331}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb2202131) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A67392E8-282B-4BEF-8020-EF3DD664DE7B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VA HausDesigner Professional 2.0 (HKLM-x32\...\{676BE939-4A20-4AFC-8A05-F929575219D4}) (Version: 2.01.0000 - VA Software Ltd.)
VA Tutorial 2.01 (HKLM-x32\...\My Program_is1) (Version:  - )
vc820_840 Interface Program  (HKLM-x32\...\{DCF0505D-84DF-4313-BA7C-2856AF003100}) (Version: 1.00.0000 - DMM)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Home Server 2011 Connector (HKLM\...\{C1E4D639-4A33-4314-809E-89BD0EF48522}) (Version: 6.1.8800.16395 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3) (HKLM\...\F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7) (Version: 06/01/2009 7.01.0.3 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinHTTrack Website Copier 3.44-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)

==================== Restore Points  =========================

27-02-2014 20:27:09 Gerätetreiber-Paketinstallation: Atmel Corp. Anschlüsse (COM & LPT)
27-02-2014 20:29:28 Installed Atmel Studio 6.2
27-02-2014 20:41:01 Atmel USB Driver Package
27-02-2014 20:42:31 Removed Atmel AVR (32 bit) GNU Toolchain
27-02-2014 20:43:44 Removed Atmel AVR (8 bit) GNU Toolchain
27-02-2014 20:45:34 Removed AVR macro Assembler
27-02-2014 20:46:29 Removed Atmel ARM GNU Toolchain
27-02-2014 21:06:56 Atmel USB Driver Package
27-02-2014 21:08:59 Installed Atmel Studio 6.2
28-02-2014 23:42:02 Gerätetreiber-Paketinstallation: ERFOS Anschlüsse (COM & LPT)
09-03-2014 15:00:56 Geplanter Prüfpunkt
14-03-2014 22:23:04 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-07 18:44 - 00001056 ____A C:\Windows\system32\Drivers\etc\hosts
            192.168.0.2  homeisle.at
      192.168.0.2  testisle.at       
      192.168.0.2  oriisle.at
      192.168.0.2  entwisle.at
      192.168.0.2  videoisle.at
      192.168.0.2  ftpisle.at
      192.168.0.2  wikiisle.at

==================== Scheduled Tasks (whitelisted) =============

Task: {4FB8058B-0BBA-4914-B6EC-D9F7B8CF5DB4} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {50B10398-E4CF-491F-A8A9-BDE71497B2E4} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {6A0C51AC-82D8-44E2-9EA5-F6644D055FB2} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {7447AC42-28A7-4E93-86EE-52D9734BDBF0} - System32\Tasks\{BBEE10A5-340B-49E5-B9C3-ED1C507CCD29} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {74D550B4-3C4C-4E9E-92F6-B7479134916C} - \BitGuard No Task File
Task: {7B9F8C53-C67C-42B8-88B2-7A0E775D9CDF} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {8B00117E-4E45-408C-82A1-23B22480274B} - System32\Tasks\Microsoft\Windows\Windows Server\Backup_On_Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {915578DE-EF7B-4C24-92E6-07A6B27248B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated)
Task: {91857397-D5D0-4E8C-858C-0FF332A41692} - \EPUpdater No Task File
Task: {9425D53F-91C2-4B21-B722-93866701A913} - System32\Tasks\{29C20EC8-464C-4721-AFB7-0A56D1066BED} => D:\Downloads\NokiaSoftwareUpdaterSetup_de.exe [2009-10-25] ()
Task: {9930869E-755C-4D70-8F7B-10C32C5E7875} - System32\Tasks\{201A5D11-CEFC-4147-8A24-56E01D5B3AEB} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {9A807BA4-395E-4D7F-9668-90A7548C609A} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {A445D9F3-8CF5-4D08-8F0F-94C8C3C50097} - System32\Tasks\{BB79CC5F-A061-47EC-97CC-D4A142760536} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {D3CF8221-18D0-421A-A5C3-E2385BC88ABB} - System32\Tasks\{02540EEC-B4FD-477B-94EE-AE2D18858B6A} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {E8DD87F1-1C87-4A59-9D39-2B5832F1ECF5} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {F554843E-3C6A-476A-90B0-379AC8C93CCC} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-12-21 09:16 - 2012-12-01 06:49 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-07 17:59 - 2012-01-16 17:54 - 00545280 _____ () C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
2009-11-26 22:27 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2009-11-26 22:27 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2014-02-07 17:59 - 2012-01-10 11:09 - 00159744 _____ () C:\Program Files (x86)\KlimaLoggPro\sHID.dll
2008-08-12 11:16 - 2008-08-12 11:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2008-07-29 14:01 - 2008-07-29 14:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2008-07-29 13:50 - 2008-07-29 13:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2008-07-29 14:11 - 2008-07-29 14:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:A259B70C
AlternateDataStreams: C:\ProgramData\TEMP:AA60673F

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Bonus.SSR.FR10 => "C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Name: Generic USB SM Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Generic USB MS Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-15 00:40:34.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.078
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.078
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.062
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.062
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.047
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.047
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.031
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 00:40:34.016
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4095.18 MB
Available physical RAM: 2390.36 MB
Total Pagefile: 8188.5 MB
Available Pagefile: 6085.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.73 GB) (Free:43.55 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:1397.26 GB) (Free:11.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 140 GB) (Disk ID: C03FC8C5)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1397 GB) (Disk ID: 7F9DF4C9)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

==================== End Of Log ============================
lg alex

Bootsektor 15.03.2014 01:07
Hallo Alex,

irgendwie hat Schritt 1 meines Posts (die Fixlist) nicht funktioniert. Bitte wiederhole diesen nochmal.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [vegas] - rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
C:\Windows\system32\sshnas.dll
C:\Users\Alex\AppData\Local\Temp\*.exe
C:\Users\Alex\AppData\Local\Temp\*.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


dyoni 15.03.2014 01:19
Hallo Sandra,

war mein Fehler, sorry

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by Alex at 2014-03-15 01:17:17 Run:4
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [vegas] - rundll32.exe C:\Windows\system32\sshnas.dll,DllWork
C:\Windows\system32\sshnas.dll
C:\Users\Alex\AppData\Local\Temp\*.exe
C:\Users\Alex\AppData\Local\Temp\*.dll
*****************

HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\Software\Microsoft\Windows\CurrentVersion\Run\\vegas => Value not found.
"C:\Windows\system32\sshnas.dll" => File/Directory not found.
C:\Users\Alex\AppData\Local\Temp\*.exe => Moved successfully.
C:\Users\Alex\AppData\Local\Temp\*.dll => Moved successfully.

==== End of Fixlog ====
lg alex

Bootsektor 15.03.2014 01:42
Hallo Alex,

alles klar. :)
Hast du denn aktuell jetzt noch Probleme?

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

McAfee Security Scan Plus
Java(TM) 6 Update 20

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Schritt 2

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {74D550B4-3C4C-4E9E-92F6-B7479134916C} - \BitGuard No Task File
AlternateDataStreams: C:\ProgramData\TEMP:A259B70C
AlternateDataStreams: C:\ProgramData\TEMP:AA60673F

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 4
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern :kaffee:

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 5
Starte noch einmal FRST.
  • Setze den Haken bei addition.txt und drücke auf Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
  • Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

dyoni 15.03.2014 13:10
Hallo Sandra,

nun ist es wieder so weit.

Also offensichtliche Probleme hab ich keine mehr (Pc bootet auch mittlerweile um einiges schneller), jedoch Eset meldete 23 infiizierte Objekte.

Die 2 Programme wurden entfernt.

Fixlog.txt
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-03-2014
Ran by Alex at 2014-03-15 02:07:59 Run:5
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {74D550B4-3C4C-4E9E-92F6-B7479134916C} - \BitGuard No Task File
AlternateDataStreams: C:\ProgramData\TEMP:A259B70C
AlternateDataStreams: C:\ProgramData\TEMP:AA60673F
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{74D550B4-3C4C-4E9E-92F6-B7479134916C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74D550B4-3C4C-4E9E-92F6-B7479134916C} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard => Key deleted successfully.
C:\ProgramData\TEMP => ":A259B70C" ADS removed successfully.
C:\ProgramData\TEMP => ":AA60673F" ADS removed successfully.

==== End of Fixlog ====

mbar-log-2014-03-14 (23-06-03).txt
Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.14.07

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Alex :: ATHLONX2 [administrator]

14.03.2014 23:06:03
mbar-log-2014-03-14 (23-06-03).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 304249
Time elapsed: 10 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 4
HKCU\SOFTWARE\Margotte (Trojan.FakeAlert) -> Delete on reboot.
HKCU\SOFTWARE\NeoChronos (Trojan.FakeAlert) -> Delete on reboot.
HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\Handle (Malware.Trace) -> Delete on reboot.

Registry Values Detected: 1
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|vegas (Trojan.FakeAlert) -> Data: rundll32.exe C:\Windows\system32\sshnas.dll,DllWork -> Delete on reboot.

Registry Data Items Detected: 1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs (Rogue.InternetSecurityEssentials) -> Bad: (c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll) Good: () -> Replace on reboot.

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\loader.dll (Rogue.InternetSecurityEssentials) -> Delete on reboot.
C:\Users\Alex\AppData\Roaming\Isinyn\alcym.exe (Trojan.VBKrypt) -> Delete on reboot.
C:\Users\Alex\AppData\Local\Temp\vys.dll (Trojan.FakeMS.ED) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

EsetOnlineScanner\log.txt
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=661e8d95fac705499a800e6e2f8d37a1
# engine=17459
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-15 10:50:51
# local_time=2014-03-15 11:50:51 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1799 16775166 100 98 51125940 260303941 51957520 0
# compatibility_mode=5893 16776574 100 94 52669103 147286322 0 0
# scanned=847334
# found=23
# cleaned=0
# scan_time=33660
sh=330B27335672B5912F9F765F8723D58F09A4259B ft=1 fh=4dbc0280fb516f8f vn="Win64/Reveton.A trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\b4vfrbo.zvv.xBAD"
sh=4B0FB4523B768C7D2B033CA1016F235D42CD5577 ft=1 fh=aea08c1f9c6cc7ff vn="a variant of Win32/Kryptik.BWRJ trojan" ac=I fn="C:\FRST\Quarantine\C\ProgramData\obrfv4b.cpp.xBAD"
sh=957CA32BEAC35539DEDDF4BF176022CD534B8236 ft=1 fh=c3cde893ead57472 vn="a variant of Win32/Kryptik.EH trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\hd.tune.3.5q3226(2).exe"
sh=08AD1AED0C449DE96805F9DB702AE09041EB3F6A ft=1 fh=316a57d44221308b vn="a variant of Win32/Kryptik.EH trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\hd.tune.3.5q3226.exe"
sh=1E533E01D2496874001F51CF06D05D14E57CADA6 ft=1 fh=17f92afba5827b8d vn="multiple threats" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\palm_key.0xe"
sh=2830B98CFD8019FCD723FD8E1F8A483FD23AFB8C ft=1 fh=809615ac9e43ca8d vn="MSIL/Dedem.U trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\2007-12-29 davor\cryptload\cl08seCu10\plugins\link-protector.com.0ll"
sh=BF742B455A017380E69A3233BBDBFA4D05D9F2D6 ft=1 fh=5e5d740476c01baf vn="MSIL/Dedem.V trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\2007-12-29 davor\cryptload\cl08seCu10\plugins\lix.in.0ll"
sh=138135A435072111366EBE3174CAE03866D68398 ft=1 fh=e6ec980c5b9604a5 vn="MSIL/Dedem.Y trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\2007-12-29 davor\cryptload\cl08seCu10\plugins\rs.dr.ag.1.0ll"
sh=0FC09D67815F161F47C851DA25D8B84F84960802 ft=1 fh=2536c4763f3ba1be vn="MSIL/Dedem.T trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\2007-12-29 davor\cryptload\cl08seCu10\plugins\tinyurl.com.0ll"
sh=E0F42BAE4FCFA06E3D69E709CF58D2298E7DE86A ft=1 fh=ba2926b943eeffe4 vn="MSIL/Dedem.W trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\2007-12-29 davor\cryptload\cl08seCu10\plugins\won-site.biz.0ll"
sh=0A22B3983FAB5E0E0A616938859896DA35EA3E4A ft=1 fh=93610e1dac617aeb vn="Win32/TrojanDropper.VB.OZ trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\O_O_Defrag_Professional_v10.0.1634\O_O_Defrag_Professional_v10.0.1634\OODefrag10ProfessionalEnu.0xe"
sh=54AA33CEC551B27B40FBC6C76578EF82CB98CC68 ft=1 fh=009afaabc9d4d6a9 vn="a variant of Generik.NBTPZH trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\downloads\TC37\Total_Commander_Ultima_Prime_3.7\tcup37.exe"
sh=FFEEEE38CFDE29423D45C0F1F3DAD9E44B3F2ABB ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Small.DDP trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\shit to order\gjnkfblfe.zip"
sh=3ED40875FA980684BC45C86CC6CFBF9030FCEBA6 ft=1 fh=9d09d48e9d1bf023 vn="a variant of Generik.CAICYZW trojan" ac=I fn="D:\Daten - unzuordenbar\Desktop\shit to order\SmartMovie_Palm_Pdassi_3_22\SmartMovie_palm_lcg_v3.12_KeyGen_by_TLG_Bokiv\KeyGEN.exe"
sh=C33BC33D1D9B35C86BBA737FA4CE0140CAA17F2F ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="D:\FTP-Zugang\_privat\Fernseher\pay-tv\Humy-Samy Editor.zip"
sh=A509A8CF1C13152C36853DCF646184B31F397BFD ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Zlob.AMU trojan" ac=I fn="D:\PDA\PDA\Nascar.v1.5.PalmOS.CRACKED-LCDPDA.ZIP"
sh=C48DBD8C4FA2BC6B64D1F6455B68F7CBF8B1E74F ft=1 fh=e29a2cff6a648566 vn="Win32/Agent.AAE trojan" ac=I fn="D:\zz_alte Sicherungen\E-LW\div downloads\Get data back\GETDATABACK_FOR_NTFS_3_02_KEYGEN.0XE"
sh=B6BAF304D7B63C4BE6B6863223A6E0018D8B2D9C ft=1 fh=221efc499be70265 vn="Win32/Adware.OneStep application" ac=I fn="D:\zz_alte Sicherungen\Sicherugnen Mediaplayer\D-Sicherungen\apps\pay-tv\temp\mediaportal\design\bluishwindows.exe"
sh=10CF8D58C110B1F19F35457358D9B7C30CE84FF6 ft=1 fh=208c1d4fba04f1c4 vn="Win32/Induc virus" ac=I fn="D:\_RSD - Downloads\JDO - Downloads\zzProgramme\Photo Effects 1.81\setup.exe"
sh=2DB816CE3B906DE4D70333D102C94B766D478009 ft=1 fh=c8cee462c2608bda vn="a variant of Generik.KAZSVDK trojan" ac=I fn="D:\_RSD - Downloads\RSD - Downloads\Kopie von Palipali\Palm Software\Video Encoder\SmartMovie_3_22\Converter\SmartMovie_keygen.exe"
sh=43F5B09101B37E94825D2D649B2971B50B3875CB ft=0 fh=0000000000000000 vn="a variant of Generik.KAZSVDK trojan" ac=I fn="D:\_RSD - Downloads\RSD - Downloads\Palipali\Palm Software\Video Encoder\SmartMovie_3_22.zip"
sh=8E8302A9092F680D210ABACE5AF83970AE04F866 ft=0 fh=0000000000000000 vn="JS/Redirector.NBO.Gen trojan" ac=I fn="D:\___WinVISTA-SYSTEMPLATTE\Users\Alex\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VJJU1NVU\ooc[1].js"
sh=4816E74BFCF94B4BE87FF94268E870BE6CF2B2E4 ft=1 fh=5ef433fbd1bd9015 vn="a variant of Generik.FGKTJHD trojan" ac=I fn="D:\___WinVISTA-SYSTEMPLATTE\_essentials\HD_Tune_Pro_v3.50\HD Tune Pro v3.50\Crack HD Tune Pro v3.50\HDTunePro.exe"

FRST.txt

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Alex (administrator) on ATHLONX2 on 15-03-2014 12:56:47
Running from C:\Users\Alex\Desktop
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
() C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WhsMcClient.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\WSConnectorUpdate.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\LANConfigSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\SharedServiceHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Dropbox, Inc.) C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Nokia.) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Server\Bin\Microsoft.HomeServer.Archive.TransferService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2009-10-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-10-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech, Inc.)
HKLM\...\Run: [Launchpad] - C:\Program Files\Windows Server\Bin\Launchpad.exe [1096576 2012-01-12] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-01] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWow64\Macromed\Flash\FlashUtil10c.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [ISUSPM Startup] - C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1414144 2009-06-25] (Nokia)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DT Soft Ltd)
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {95e0debd-a186-11df-a734-0026180a6d0e} - F:\raf-anno2070.exe
HKU\S-1-5-21-1376881132-1448347952-4138131370-1001\...\MountPoints2: {a172ac67-b58e-11de-9323-0026180a6d0e} - L:\autorun.exe
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Alex\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk
ShortcutTarget: EventGhost.lnk -> C:\Program Files (x86)\EventGhost\EventGhost.exe (EventGhost Project)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC0675B732B49CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {10039295-EA80-4CA0-9A68-0377A872A131} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@software.joehewitt.com.xpi [2011-07-30]
FF Extension: CodeBurner for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firebug@tools.sitepoint.com.xpi [2011-07-30]
FF Extension: Firefinder for Firebug - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\firefinder@robertnyman.com.xpi [2011-07-30]
FF Extension: SQLite Manager - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\yme7uwkp.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2012-11-15]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync\ []

==================== Services (Whitelisted) =================

R2 ABBYY.Licensing.FineReader.Professional.10.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [809736 2009-09-29] (ABBYY)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-01] (Avira Operations GmbH & Co. KG)
R2 HealthAlertsSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
S2 initMonitor; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
U2 KlimaLogg Service; C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe [545280 2012-01-16] ()
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NotificationsProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 providers_system; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 ServiceProviderRegistry; C:\Program Files\Windows Server\Bin\ProviderRegistryService.exe [40832 2012-01-12] (Microsoft Corporation)
S4 SqmProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)
R2 WSS_ComputerBackupProviderSvc; C:\Program Files\Windows Server\Bin\SharedServiceHost.exe [30592 2011-03-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2009-10-10] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-24] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
S3 DSTDSO; C:\Windows\System32\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S3 DSTDSO; C:\Windows\SysWOW64\Drivers\dstusbamd64.SYS [16192 2011-06-24] (DSO)
S1 hwinterfacex64; C:\Windows\System32\Drivers\hwinterfacex64.sys [5632 2011-06-04] (Logix4u)
S1 KS0108; C:\Program Files (x86)\LcdStudio\ks0108.sys [3712 2008-03-10] ()
S1 LC7981; C:\Program Files (x86)\LcdStudio\LC7981.sys [5120 2008-03-10] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52832 2014-02-05] (hxxp://libusb-win32.sourceforge.net)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2009-10-10] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S1 n3900; C:\Program Files (x86)\LcdStudio\n3900.sys [3968 2008-03-10] ()
R3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95232 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
R3 nmserial; C:\Windows\System32\DRIVERS\nmserial.sys [70144 2007-01-10] (Windows (R) Codename Longhorn DDK provider)
S3 nmwcdcx64; C:\Windows\System32\drivers\ccdcmbox64.sys [25088 2009-02-09] (Nokia)
S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18944 2009-02-09] (Nokia)
S1 SED133x; C:\Program Files (x86)\LcdStudio\SED133x.sys [7424 2008-03-10] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-03-06] ()
S1 T6963C; C:\Program Files (x86)\LcdStudio\T6963c.sys [6400 2008-03-10] ()
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltx64j.sys [8192 2009-02-09] (Nokia)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-27] (Jungo Connectivity)
U3 av81ob1r; C:\Windows\System32\Drivers\av81ob1r.sys [0 ] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 02:27 - 2014-03-15 02:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-15 02:21 - 2014-03-15 02:21 - 02347384 _____ (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2014-03-15 02:10 - 2014-03-15 02:10 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-15 02:10 - 2014-03-15 02:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-15 02:10 - 2014-03-15 02:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-15 02:10 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-15 02:08 - 2014-03-15 02:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-15 01:52 - 2014-02-13 20:44 - 00000426 _____ () C:\AVScanner.ini
2014-03-15 01:16 - 2014-03-15 01:16 - 00000000 _____ () C:\Users\Alex\Desktop\Fixlist.txt.bak
2014-03-15 00:52 - 2014-03-15 00:52 - 00001616 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-15 00:45 - 2014-03-15 00:45 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 00:41 - 2014-03-15 00:41 - 00025696 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-15 00:36 - 2014-03-15 00:39 - 00000000 ____D () C:\AdwCleaner
2014-03-15 00:26 - 2014-03-15 00:26 - 01037734 _____ (Thisisu) C:\Users\Alex\Desktop\JRT.exe
2014-03-15 00:25 - 2014-03-15 00:25 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 23:04 - 2014-03-14 23:50 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:00 - 2014-03-14 23:43 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-14 22:53 - 2014-03-14 22:53 - 00000443 _____ () C:\Users\Alex\Desktop\Fixlog.txtx
2014-03-13 23:22 - 2014-03-15 00:54 - 00057500 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-13 23:21 - 2014-03-15 12:56 - 00015745 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-13 23:21 - 2014-03-12 20:04 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-13 21:10 - 2014-03-15 12:56 - 00000000 ____D () C:\FRST
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-02-27 22:17 - 2014-03-15 02:31 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-02-27 22:17 - 2014-03-15 02:30 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:09 - 2014-02-27 22:31 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:19 - 2014-02-27 22:13 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1150.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00151552 _____ (Jungo Connectivity) C:\Windows\SysWOW64\wdapi1140.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00143360 _____ (Jungo) C:\Windows\SysWOW64\wdapi1010.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1100.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi102.dll
2014-02-27 21:19 - 2014-01-27 10:44 - 00110592 _____ (Jungo) C:\Windows\SysWOW64\wdapi1011.dll

==================== One Month Modified Files and Folders =======

2014-03-15 12:56 - 2014-03-13 23:21 - 00015745 _____ () C:\Users\Alex\Desktop\FRST.txt
2014-03-15 12:56 - 2014-03-13 21:10 - 00000000 ____D () C:\FRST
2014-03-15 12:53 - 2012-09-26 11:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 12:21 - 2009-10-09 22:51 - 01221527 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 10:09 - 2012-07-14 17:16 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Dropbox
2014-03-15 02:32 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 02:32 - 2009-07-14 05:45 - 00013136 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 02:31 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\VisualAssistAtmel
2014-03-15 02:30 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\VisualAssistAtmel
2014-03-15 02:27 - 2014-03-15 02:27 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-15 02:23 - 2009-10-10 07:07 - 00264578 _____ () C:\Windows\PFRO.log
2014-03-15 02:23 - 2009-10-10 06:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 02:23 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 02:23 - 2009-07-14 05:51 - 00052490 _____ () C:\Windows\setupact.log
2014-03-15 02:21 - 2014-03-15 02:21 - 02347384 _____ (ESET) C:\Users\Alex\Desktop\esetsmartinstaller_enu.exe
2014-03-15 02:10 - 2014-03-15 02:10 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-15 02:10 - 2014-03-15 02:10 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Malwarebytes
2014-03-15 02:10 - 2014-03-15 02:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-15 02:08 - 2014-03-15 02:08 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Alex\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-15 01:52 - 2010-05-23 02:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-15 01:16 - 2014-03-15 01:16 - 00000000 _____ () C:\Users\Alex\Desktop\Fixlist.txt.bak
2014-03-15 00:54 - 2014-03-13 23:22 - 00057500 _____ () C:\Users\Alex\Desktop\Addition.txt
2014-03-15 00:52 - 2014-03-15 00:52 - 00001616 _____ () C:\Users\Alex\Desktop\JRT.txt
2014-03-15 00:45 - 2014-03-15 00:45 - 00000000 ____D () C:\Windows\ERUNT
2014-03-15 00:41 - 2014-03-15 00:41 - 00025696 _____ () C:\Users\Alex\Desktop\AdwCleaner[S0].txt
2014-03-15 00:39 - 2014-03-15 00:36 - 00000000 ____D () C:\AdwCleaner
2014-03-15 00:26 - 2014-03-15 00:26 - 01037734 _____ (Thisisu) C:\Users\Alex\Desktop\JRT.exe
2014-03-15 00:25 - 2014-03-15 00:25 - 01950720 _____ () C:\Users\Alex\Desktop\adwcleaner.exe
2014-03-14 23:50 - 2014-03-14 23:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-14 23:43 - 2014-03-14 23:00 - 00000000 ____D () C:\Users\Alex\Desktop\mbar
2014-03-14 23:23 - 2014-01-05 13:52 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Isinyn
2014-03-14 23:06 - 2014-03-14 23:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-14 22:53 - 2014-03-14 22:53 - 00000443 _____ () C:\Users\Alex\Desktop\Fixlog.txtx
2014-03-14 22:53 - 2012-09-26 11:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-14 22:53 - 2012-09-26 11:52 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-14 22:53 - 2012-09-26 11:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-13 23:08 - 2009-10-09 22:52 - 00000000 ___RD () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-13 20:38 - 2009-10-09 22:52 - 00000000 ____D () C:\Users\Alex
2014-03-13 20:37 - 2009-10-09 23:03 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-03-13 20:37 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-03-12 20:04 - 2014-03-13 23:21 - 02157056 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe
2014-03-12 19:24 - 2014-03-12 19:24 - 00000000 ____D () C:\Users\Alex\Desktop\Neuer Ordner
2014-03-09 14:57 - 2010-05-15 23:48 - 00000000 ____D () C:\Users\Alex\Documents\Visual Studio 2010
2014-03-07 18:44 - 2009-07-14 03:34 - 00001105 _____ () C:\Windows\system32\Drivers\etc\hosts.bak
2014-03-06 23:57 - 2009-10-10 22:37 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\vlc
2014-03-06 11:25 - 2014-03-06 11:25 - 00001235 _____ () C:\Users\Alex\Desktop\Awavo Com Port Monitor.lnk
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Awavo Software
2014-03-06 11:25 - 2014-03-06 11:25 - 00000000 ____D () C:\Users\Alex\AppData\Local\Awavo
2014-03-06 01:58 - 2009-10-10 12:53 - 00002050 ____H () C:\Users\Alex\Documents\Default.rdp
2014-03-05 21:27 - 2009-07-14 18:58 - 01626168 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 21:27 - 2009-07-14 18:58 - 00437876 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 21:27 - 2009-07-14 06:13 - 00006682 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-27 22:42 - 2011-11-19 23:13 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Microchip
2014-02-27 22:31 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\Documents\Atmel Studio
2014-02-27 22:17 - 2014-02-27 22:17 - 00002122 _____ () C:\Users\Public\Desktop\Atmel Studio 6.2.lnk
2014-02-27 22:17 - 2014-02-27 22:17 - 00000000 ____D () C:\Users\Alex\AppData\Local\IsolatedStorage
2014-02-27 22:13 - 2014-02-27 21:19 - 00000000 ____D () C:\Program Files (x86)\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\Atmel
2014-02-27 22:09 - 2014-02-27 22:09 - 00000000 ____D () C:\Users\Alex\AppData\Local\Atmel
2014-02-27 22:09 - 2009-10-10 06:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-27 22:07 - 2014-02-27 22:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-27 22:07 - 2009-10-25 14:52 - 00049138 _____ () C:\Windows\DPINST.LOG
2014-02-27 21:59 - 2014-02-27 21:59 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-02-27 21:59 - 2010-05-15 23:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 10.0
2014-02-27 21:43 - 2014-02-27 21:43 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-02-27 21:20 - 2009-10-25 14:52 - 00000000 ____D () C:\Program Files\DIFX
2014-02-23 20:23 - 2012-04-01 13:32 - 00000000 ____D () C:\Users\Alex\AppData\Local\Microchip
2014-02-16 01:32 - 2009-10-10 22:46 - 00000000 ____D () C:\Users\Alex\AppData\Roaming\dvdcss
2014-02-13 20:44 - 2014-03-15 01:52 - 00000426 _____ () C:\AVScanner.ini

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-03-15 12:23

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---



addition.txt
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014
Ran by Alex at 2014-03-15 12:57:13
Running from C:\Users\Alex\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ABBYY FineReader 10 Professional Edition (HKLM-x32\...\{F1000000-0001-0000-0000-074957833700}) (Version: 10.501.51.7008 - ABBYY)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (x32 Version: 3 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (x32 Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Dynamiclink Support (x32 Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Extension - Flash Lite STI others (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Flash CS4 Professional (HKLM-x32\...\Adobe_a68eec966ce913ddaa63251dc82ed31) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Flash CS4 STI-other (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Linguistics CS4 (x32 Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Encoder CS4 Importer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Output Module (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader 9.1 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Search for Help (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (x32 Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
ALPHACOOL USB DISPLAY 1.0.0 (HKLM-x32\...\ALPHACOOL USB DISPLAY SOFTWARE_is1) (Version: 0.0.1 - ALPHACOOL GmbH)
AMD DnD V1.0.19 (x32 Version: 1.0.19 - AMD) Hidden
Anno 2070 (HKLM-x32\...\{435C32E1-96F0-4518-B051-A5403900C389}_is1) (Version: 1.01 - RAF)
ATI Catalyst Install Manager (HKLM\...\{CCC50A42-892B-AF23-6188-6E8D2FDF34E3}) (Version: 3.0.754.0 - ATI Technologies, Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{D237FA93-8456-4FE5-94E6-48A26C4BDCD7}) (Version: 4.7.1416 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{43805F64-77D3-4CC4-A63B-9269914AA565}) (Version: 3.4.1052 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6AB4A87F-2AF4-42F3-9FAB-5571BDDBA7DC}) (Version: 3.4.1051 - Atmel)
Atmel JungoUSB (x32 Version: 6.2.84 - Atmel) Hidden
Atmel LibUSB (x32 Version: 6.2.36 - Atmel) Hidden
Atmel SeggerUSB (x32 Version: 6.2.22 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{97D378E2-A10A-463F-9752-D4B332A7218E}) (Version: 6.2.993 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{E4DD3C3F-AE95-439C-A041-49E0A9D23185}) (Version: 1.10.318 - Atmel Corporation)
Atmel Studio InfFiles (x32 Version: 6.2.63 - Atmel Corporation) Hidden
Atmel USB Driver Package (HKLM-x32\...\{13fdfa7e-1bec-46cf-8231-3dd7bf6d0f3c}) (Version: 6.2.223 - Atmel)
Atmel WinUSB (x32 Version: 6.2.20 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{EB2C6ED5-9313-40D2-B391-DA7FAA7C7BEF}) (Version: 3.15.1244 - Atmel)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1125 - Avira)
AVR macro Assembler (HKLM-x32\...\{0D051458-97D0-44FD-AD8F-53D16BBED7D4}) (Version: 2.1.1103 - Atmel)
Awavo Com Port Monitor version 3.5 (HKCU\...\{3DD4341D-3A1B-4C85-A226-E1417B18351F}_is1) (Version: 3.5 - Awavo Software)
AX88772_Vista_64 (HKLM-x32\...\InstallShield_{D5816E5F-1EB0-40FA-A21D-5DEA01F1F4C2}) (Version: 1.00.0000 - ASIX Electronics Corporation)
AX88772_Vista_64 (x32 Version: 1.00.0000 - ASIX Electronics Corporation) Hidden
Big Fish Games Client (HKLM-x32\...\BFGC) (Version: 1.3.0.8 - )
Blobby Volley 2 Version 1.0RC1 (HKLM-x32\...\Blobby Volley 2 Version 1.0RC1_is1) (Version:  - )
Catalyst Control Center InstallProxy (x32 Version: 2009.1124.2131.38610 - ATI Technologies, Inc.) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.7.2423 - CDBurnerXP)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3661 - CDBurnerXP)
CdCoverCreator 2.5.2 (HKLM-x32\...\CdCoverCreator) (Version: 2.5.2 - thyanté Software)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Cursed House 2 - Deutsch 1.0 (HKLM-x32\...\Cursed House 2 - Deutsch 1.0) (Version: 1.0 - BigFish)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Digital Scope Ver2.0.0.5 (HKLM-x32\...\Digital Scope Ver2.0.0.5) (Version: 2.0.0.5 - ODM)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
EAGLE 6.1.0 (HKLM-x32\...\EAGLE 6.1.0) (Version: 6.1.0 - CadSoft Computer GmbH)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EventGhost 0.4.1.r1582 (HKLM-x32\...\EventGhost_is1) (Version: 0.4.1.r1582 - EventGhost Project)
Farm Frenzy 2 (HKLM-x32\...\Farm Frenzy 2) (Version:  - )
Farm Frenzy 3 - Ice Age (HKLM-x32\...\{DD6D9C2A-6FF5-4EB0-8ECB-146D4B015550}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\{C861E63F-F1ED-46BD-9AE7-D5051915B1D9}) (Version: 1.00.0000 - Purplehills)
Farm Frenzy 3 (HKLM-x32\...\Farm Frenzy 3) (Version: 1.0 - Melestra)
Farm Frenzy 3 Russisches Roulette v1.0 (HKLM-x32\...\{5A480C53-6AAC-4E07-BC24-BD4E8AC7D246}_is1) (Version:  - My Company, Inc.)
Farm Frenzy 3: Ice Age (HKLM-x32\...\Farm Frenzy 3: Ice Age) (Version:  - Alawar Entertainment Inc.)
Farmer Jane (HKLM-x32\...\BFG-Farmer Jane) (Version:  - )
Free Video to DVD Converter version 5.0.27.717 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: 5.0.27.717 - DVDVideoSoft Ltd.)
Free-Buttons.org (HKLM-x32\...\Free-Buttons.org) (Version:  - )
Germany's next Topmodel - Deluxe Edition (HKLM-x32\...\Germany's next Topmodel - Deluxe Edition_is1) (Version:  - dtp young)
HI-TECH C Compiler for the PIC10/12/16 MCUs V9.83PL0 (HKLM-x32\...\PICC 9.83) (Version: 9.83 - HI-TECH Software)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB945282) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB945282) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946040) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946040) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB946308) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB946308) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947540) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947540) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB947789) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB947789) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (KB948127) (HKLM-x32\...\{D5A7D7AB-3093-3619-9261-74DB250ECF7B}.KB948127) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (KB944899) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB944899) (Version: 1 - Microsoft Corporation)
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
jaLCDs v3.2 (HKLM-x32\...\jaLCDs_is1) (Version:  - HooMair)
Java(TM) SE Development Kit 6 Update 20 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160200}) (Version: 1.6.0.200 - Sun Microsystems, Inc.)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
KlimaLogg Pro (HKLM-x32\...\KlimaLogg Pro_is1) (Version:  - TFA Dostmann)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
LCDHype Version 0.6 (HKLM-x32\...\LCDHype Version 0.6_is1) (Version:  - ViRuSTriNiTy)
LcdStudio 2.0 Build 806 (HKLM-x32\...\LcdStudio) (Version: 2.0 Build 806 - LcdStudio)
LibUsbDotNet 2.2.8 (HKLM\...\LibUsbDotNet_is1) (Version:  - Travis Robinson)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Likno Web Button Maker - Free version (HKLM-x32\...\Likno Web Button Maker - Free version) (Version: 1.4 - Likno Software)
Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.6.0.8 - Logitech)
Logitech Harmony Remote Software 7 (x32 Version: 7.6.0.8 - Logitech) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mathcad 14.0 M010 (HKLM-x32\...\{56CE91CC-92EC-4B0E-98B7-3D0F6AD6C4C5}) (Version: 14.0.1.0 - PTC)
Mathcad 14.0 M010 Help (HKLM-x32\...\{205ACCD7-5342-4694-91F3-3A99E4FD5AA6}) (Version: 14.0.1 - Ihr Firmenname)
Mathcad 14.0 M010 Resource Center (HKLM-x32\...\{EBD38AE9-D52D-448D-9DB4-4D5F66E1DAFC}) (Version: 14.0.1 - Ihr Firmenname)
Microchip Application Libraries v2011-12-05 (HKLM-x32\...\Microchip Application Libraries v2011-12-05 v2011-12-05) (Version: v2011-12-05 - Microchip Technology Inc.)
Microchip Application Libraries v2012-02-15 (HKLM-x32\...\Microchip Application Libraries v2012-02-15 v2012-02-15) (Version: v2012-02-15 - Microchip Technology Inc.)
Microchip Libraries for Applications v2013_12_20 (HKLM-x32\...\Microchip Libraries for Applications v2013_12_20 v2013_12_20) (Version: v2013_12_20 - Microchip Technology Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Document Explorer 2008 Language Pack - DEU (HKLM-x32\...\Microsoft Document Explorer 2008 Language Pack - DEU) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 Language Pack - DEU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{B006B9E9-41DD-4479-9177-3743A53B7735}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20621.0) (Version: 4.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (x32 Version: 4.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{0536BCDF-7EF6-48F6-8765-A3C065A065A5}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{B0682940-6FFB-4850-80BA-B2FEF0D64BA8}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Design 4 (HKLM-x32\...\Design_7.0.20516.0) (Version: 7.0.20516.0 - Microsoft Corporation)
Microsoft Expression Design 4 (x32 Version: 7.0.20516.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F21D2032-60FE-4729-9C87-46F1615FB965}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (HKLM-x32\...\ExpressionStudio_4.0.20705.0) (Version: 4.0.20705.0 - Microsoft Corporation)
Microsoft Expression Studio 4 (x32 Version: 4.0.20705.0 - Microsoft Corporation) Hidden
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1166.0) (Version: 4.0.1166.0 - Microsoft Corporation)
Microsoft Expression Web 4 (x32 Version: 4.0.1166.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{9BD40163-B95D-4B07-8991-0AB775B6D88B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel 2007 (HKLM-x32\...\EXCEL) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Excel 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{801B0DA3-A3FF-46CC-B97F-D76D510AF5AE}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM-x32\...\Office14.VISIO) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition mit SP1 - DEU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - DEU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Samples (HKLM-x32\...\{579CB8A1-9966-4223-943F-05B3CF84C841}) (Version: 1.0 - Microsoft)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU Service Pack 1 (KB945140) (HKLM-x32\...\{E6420CCB-92BE-3ACB-BDC3-69FBDD319C94}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - deu (HKLM\...\{DE2C9D5F-C55C-30E8-9322-2B8E8B5DF87C}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MOBackup - Datensicherung für Outlook (Testversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 6.16 - Heiko Schröder)
MosChip Multi-IO Controller (HKLM\...\MosChip Technology) (Version:  - )
Mozilla Firefox 12.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 12.0 (x86 de)) (Version: 12.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 12.0 - Mozilla)
MPLAB C for PIC18 MCUs (HKLM-x32\...\MPLAB C for PIC18 MCUs v3.40) (Version: v3.40 - Microchip)
MPLAB Tools v8.80 (HKLM-x32\...\InstallShield_{97AC8E6A-0F76-42B0-B868-AA054D060C4A}) (Version: 8.80 - Microchip Technology Inc.)
MPLAB Tools v8.80 (x32 Version: 8.80 - Microchip Technology Inc.) Hidden
MPLAB X IDE v2.00 (HKLM-x32\...\MPLAB X IDE v2.00 v2.00) (Version: v2.00 - Microchip)
MPLAB XC8 C Compiler (HKLM-x32\...\MPLAB XC8 C Compiler v1.30) (Version: v1.30 - Microchip)
MSDN Library for Visual Studio 2008 SP1 - DEU (x32 Version: 9.0.30904 - Microsoft Corporation) Hidden
MSDN Library für Visual Studio 2008 SP1 (HKLM-x32\...\MSDN Library für Visual Studio 2008 SP1) (Version: 9.0.30904 - Microsoft Corporation)
MSVC80_x64 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86 (x32 Version: 1.0.1.0 - Nokia) Hidden
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector Net 6.2.3 (HKLM-x32\...\{5FD88490-011C-4DF1-B886-F298D955171B}) (Version: 6.2.3 - MySQL AB)
MySQL Tools for 5.0 (HKLM-x32\...\{FCB10DE3-E190-4A7E-B06A-FAC61567ABFC}) (Version: 5.0.17 - MySQL AB, Sun Microsystems, Inc.)
MySQL Workbench 5.2 CE (HKLM-x32\...\{E3ABB4CC-1DC5-4430-BC49-D86AB708A9B8}) (Version: 5.2.34.2 - Oracle Corporation)
Mysteries of the Undead (HKLM-x32\...\Mysteries of the Undeadv1.0) (Version: v1.0 - GO! Games)
Need for Speed™ SHIFT (HKLM-x32\...\{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}) (Version: 1.0.0.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.540 - Electronic Arts)
NetServer 1.03 (HKLM-x32\...\{7A5508A1-15C9-4755-B9E8-2C6C6E0EDF14}_is1) (Version:  - WhiteLabel)
Nokia Connectivity Cable Driver (HKLM-x32\...\{52D02A2B-03D2-4E34-A358-DC5D951FD296}) (Version: 7.1.17.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.30.9 - Nokia)
Nokia PC Suite (x32 Version: 7.1.30.9 - Nokia) Hidden
Nokia Software Updater (HKLM-x32\...\{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}) (Version: 01.08.010.40008 - Nokia Corporation)
NVIDIA 3D Vision Controller-Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 310.70 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA Grafiktreiber 310.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.95.599 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1070 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 310.70 (Version: 310.70 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Paint.NET v3.5.8 (HKLM\...\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB3}) (Version: 3.58.0 - dotPDN LLC)
PC Connectivity Solution (HKLM-x32\...\{0C973594-7DDF-4BD0-84ED-3517F7622037}) (Version: 9.23.3.0 - Nokia)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
phpDesigner 7 version 7.2.5 (HKLM-x32\...\phpDesigner7_is1) (Version:  - MPSOFTWARE)
PIC Timer Calculator (HKLM-x32\...\{D1C31A98-7DA8-468D-AFF2-AFEA5A0C55A3}) (Version: 0.9.0.6 - PI© Timer Calculator)
PICkit 2 v2.61 (HKLM-x32\...\{2818ADC7-C1FB-40A8-BE6B-36B62682E9E8}) (Version: 2.61.00 - Microchip)
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
RENESIS® Player Browser Plugins (HKLM-x32\...\{2CBE278F-B04E-419B-BF25-98DC25997C3A}) (Version: 1.1.1 - examotion® GmbH)
Royal TS (HKLM-x32\...\{1129AB4F-BA74-4A7B-814A-732489A32B36}) (Version: 1.5.0 - code4ward)
SharpDevelop 2.2 (HKLM-x32\...\{7C192D21-DFB3-4F1F-9F06-A6C3D3AE1B85}) (Version: 2.2.2648 - ic#code)
SharpDevelop 3.1.1 (HKLM-x32\...\{BE88BB6D-A85D-4135-AA3D-A6906BD6918A}) (Version: 3.1.5327 - ic#code)
Skype™ 5.8 (HKLM-x32\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.8.158 - Skype Technologies S.A.)
SQLite ADO.NET 2.0/3.5 Provider (HKLM-x32\...\{00257FA9-3622-45E4-8B4B-A792CC5169EB}) (Version: 1.066.0 - Phoenix Software Solutions, LLC)
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Super Internet TV v8.0 (Premium Edition) (HKLM-x32\...\Super Internet TV (Premium Edition)_is1) (Version:  - Ahusoft)
The Good Life v.1.0.4 (HKLM-x32\...\The Good Life_is1) (Version:  - Iceberg Interactive)
Tomb Raider: Anniversary 1.0 (HKLM-x32\...\Tomb Raider: Anniversary) (Version:  - )
TopStyle 4 (HKLM-x32\...\TopStyle4_is1) (Version:  - topstyle4.com)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.50 RC1 (release candidate 1) - C. Ghisler & Co.)
UltraCompare v6.40 (HKLM-x32\...\{BA04B455-D7E2-4C3A-9C6A-61FE54FCA37A}) (Version: 6.0.181 - IDM Computer Solutions, Inc.)
UltraEdit 15.20 (HKLM-x32\...\{7B2B4D74-7410-4E42-A519-98E651FD4109}) (Version: 15.20.9 - IDM Computer Solutions, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB981715) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_EXCEL_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0016-0000-0000-0000000FF1CE}_EXCEL_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office InfoPath 2007 (KB976416) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{432C5EE4-8096-4FF1-95E1-65219365DFF7}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 (KB980729) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_EXCEL_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 (KB974561) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0CDDBAA2-2111-4A0E-A1B0-76C40C635331}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Outlook 2007 Junk Email Filter (kb2202131) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A67392E8-282B-4BEF-8020-EF3DD664DE7B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VA HausDesigner Professional 2.0 (HKLM-x32\...\{676BE939-4A20-4AFC-8A05-F929575219D4}) (Version: 2.01.0000 - VA Software Ltd.)
VA Tutorial 2.01 (HKLM-x32\...\My Program_is1) (Version:  - )
vc820_840 Interface Program  (HKLM-x32\...\{DCF0505D-84DF-4313-BA7C-2856AF003100}) (Version: 1.00.0000 - DMM)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Home Server 2011 Connector (HKLM\...\{C1E4D639-4A33-4314-809E-89BD0EF48522}) (Version: 6.1.8800.16395 - Microsoft Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 4.1) (HKLM\...\E8A6D621B6D3FC5D43C68C549D959DE76EEF5D84) (Version: 06/01/2009 4.1 - Nokia)
Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.3) (HKLM\...\F779F5541ABD99C95C03B0FD5E3C058B22DA0FF7) (Version: 06/01/2009 7.01.0.3 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Windows-Treiberpaket - Segger (jlink) USB  (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinHTTrack Website Copier 3.44-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)

==================== Restore Points  =========================

27-02-2014 20:41:01 Atmel USB Driver Package
27-02-2014 20:42:31 Removed Atmel AVR (32 bit) GNU Toolchain
27-02-2014 20:43:44 Removed Atmel AVR (8 bit) GNU Toolchain
27-02-2014 20:45:34 Removed AVR macro Assembler
27-02-2014 20:46:29 Removed Atmel ARM GNU Toolchain
27-02-2014 21:06:56 Atmel USB Driver Package
27-02-2014 21:08:59 Installed Atmel Studio 6.2
28-02-2014 23:42:02 Gerätetreiber-Paketinstallation: ERFOS Anschlüsse (COM & LPT)
09-03-2014 15:00:56 Geplanter Prüfpunkt
14-03-2014 22:23:04 Malwarebytes Anti-Rootkit Restore Point
15-03-2014 00:51:16 Removed Java(TM) 6 Update 20

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-03-07 18:44 - 00001056 ____A C:\Windows\system32\Drivers\etc\hosts
            192.168.0.2  homeisle.at
      192.168.0.2  testisle.at       
      192.168.0.2  oriisle.at
      192.168.0.2  entwisle.at
      192.168.0.2  videoisle.at
      192.168.0.2  ftpisle.at
      192.168.0.2  wikiisle.at

==================== Scheduled Tasks (whitelisted) =============

Task: {2C453EA5-4569-4ED3-AC29-6C6F01AD50B5} - System32\Tasks\Microsoft\Windows\Windows Server\Backup => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {4FB8058B-0BBA-4914-B6EC-D9F7B8CF5DB4} - System32\Tasks\Microsoft\Windows\Windows Server\Health Definition Updates => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {6A0C51AC-82D8-44E2-9EA5-F6644D055FB2} - System32\Tasks\Microsoft\Windows\Windows Server\RenewClientCertificate => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {7447AC42-28A7-4E93-86EE-52D9734BDBF0} - System32\Tasks\{BBEE10A5-340B-49E5-B9C3-ED1C507CCD29} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {7B9F8C53-C67C-42B8-88B2-7A0E775D9CDF} - System32\Tasks\Microsoft\Windows\Windows Server\Alert Evaluations => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {8B00117E-4E45-408C-82A1-23B22480274B} - System32\Tasks\Microsoft\Windows\Windows Server\Backup_On_Idle => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {915578DE-EF7B-4C24-92E6-07A6B27248B9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-14] (Adobe Systems Incorporated)
Task: {91857397-D5D0-4E8C-858C-0FF332A41692} - \EPUpdater No Task File
Task: {9425D53F-91C2-4B21-B722-93866701A913} - System32\Tasks\{29C20EC8-464C-4721-AFB7-0A56D1066BED} => D:\Downloads\NokiaSoftwareUpdaterSetup_de.exe [2009-10-25] ()
Task: {9930869E-755C-4D70-8F7B-10C32C5E7875} - System32\Tasks\{201A5D11-CEFC-4147-8A24-56E01D5B3AEB} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {9A807BA4-395E-4D7F-9668-90A7548C609A} - System32\Tasks\Microsoft\Windows\Windows Server\UploadCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {A445D9F3-8CF5-4D08-8F0F-94C8C3C50097} - System32\Tasks\{BB79CC5F-A061-47EC-97CC-D4A142760536} => \\192.168.0.2\Daten_2\_Elektronik\Software\Messgerät\vc820_840\SETUP.EXE
Task: {D3CF8221-18D0-421A-A5C3-E2385BC88ABB} - System32\Tasks\{02540EEC-B4FD-477B-94EE-AE2D18858B6A} => H:\P# Dokumentationen Ebooks Bsp etc\C++Builder 3\SETUP.EXE
Task: {E8DD87F1-1C87-4A59-9D39-2B5832F1ECF5} - System32\Tasks\Microsoft\Windows\Windows Server\InstallAddIns => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: {F554843E-3C6A-476A-90B0-379AC8C93CCC} - System32\Tasks\Microsoft\Windows\Windows Server\SaveCEIPData => C:\Program Files\Windows Server\Bin\RunTask.exe [2012-01-12] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-12-21 09:16 - 2012-12-01 06:49 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-07 17:59 - 2012-01-16 17:54 - 00545280 _____ () C:\Program Files (x86)\KlimaLoggPro\KlimaLoggProService.exe
2009-11-26 22:27 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2009-11-26 22:27 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2014-02-07 17:59 - 2012-01-10 11:09 - 00159744 _____ () C:\Program Files (x86)\KlimaLoggPro\sHID.dll
2008-08-12 11:16 - 2008-08-12 11:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2008-07-29 14:01 - 2008-07-29 14:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2008-07-29 13:50 - 2008-07-29 13:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2008-07-29 14:11 - 2008-07-29 14:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 11:35 - 2009-08-20 11:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Alex\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFI\startupfolder: C:^Users^Alex^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Bonus.SSR.FR10 => "C:\Program Files (x86)\ABBYY FineReader 10\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

==================== Faulty Device Manager Devices =============

Name: Generic USB SM Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Generic USB MS Reader USB Device
Description: Laufwerk
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardlaufwerke)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2014 00:26:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (03/15/2014 00:26:20 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (03/15/2014 00:25:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (03/15/2014 02:27:02 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (03/15/2014 02:26:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (03/15/2014 02:22:00 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.


System errors:
=============
Error: (03/15/2014 02:24:48 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
hwinterfacex64
KS0108
LC7981
n3900
SED133x
T6963C

Error: (03/15/2014 02:24:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "KlimaLogg Service" wurde nicht richtig gestartet.

Error: (03/15/2014 02:23:16 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit Scanner" wurde mit folgendem dienstspezifischem Fehler beendet: %%303.

Error: (03/15/2014 02:23:15 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde mit folgendem dienstspezifischem Fehler beendet: %%305.

Error: (03/15/2014 02:23:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\LcdStudio\ks0108.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/15/2014 02:23:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\LcdStudio\LC7981.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/15/2014 02:23:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\LcdStudio\n3900.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/15/2014 02:23:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\LcdStudio\SED133x.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/15/2014 02:23:03 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Program Files (x86)\LcdStudio\T6963c.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/15/2014 01:56:15 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
hwinterfacex64
KS0108
LC7981
n3900
SED133x
T6963C


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-03-15 02:23:03.828
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.828
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\hwinterfacex64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\KS0108.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.813
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.797
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\LC7981.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.782
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.782
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\n3900.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.766
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-03-15 02:23:03.766
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\LcdStudio\SED133x.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 49%
Total physical RAM: 4095.18 MB
Available physical RAM: 2086.14 MB
Total Pagefile: 8188.5 MB
Available Pagefile: 5856.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:139.73 GB) (Free:42.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Daten) (Fixed) (Total:1397.26 GB) (Free:11.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 140 GB) (Disk ID: C03FC8C5)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 1397 GB) (Disk ID: 7F9DF4C9)
Partition 1: (Not Active) - (Size=-698723860480) - (Type=07 NTFS)

==================== End Of Log ============================

Bootsektor 15.03.2014 23:32
Hallo Alex,

du hast mir das Mbar-Log von dem ersten Lauf gepostet :).

Die Funde von ESET sind zum Großteil Cracks und Keygens und daraus resultierende Infektionen. Du solltest dir über die Nutzung von solchen wirklich Gedanken machen, die Entwickler von diesem Kram stellen sowas nicht aus lauter Barmherzigkeit her.

Schritt 1
Lösche die Funde von ESET, poste mir noch ein MBAM-Log.


>OK<

So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf, führen Updates durch und dann bekommst du noch etwas Lesestoff von mir.


Schritt 1
Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren.
Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
  • DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.


Updates / Programme aktualisieren
  • Service Pack 1

    Lade das Service Pack 1 für Windows 7 herunter, installiere es und lasse Windows dann nach Updates suchen
  • Internetexplorer
    Dein InternetExplorer ist nicht mehr aktuell. Besuche diese Microsoftseite und lade dir von dort den neuesten Internetexplorer für dein Betriebssystem herunter
  • Mozilla Firefox
    Lade dir bitte von hier den aktuellen Firefox herunter.
  • Adobe Reader
    Deinstalliere Deinen Reader und lade Dir die neueste Version von hier herunter. Entferne den Haken bei McAfee Security Plus
  • Java
    Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Falls du Java unbedingt benötigst, dann
  • Downloade dir bitte die neueste Java-Version von hier
  • Speichere die jxpiinstall.exe
  • Schließe alle laufenden Programme. Speziell deinen Browser.
  • Starte die jxpiinstall.exe. Diese wird den Installer für die neueste Java Version ( Java 7 Update 51 ) herunter laden.
  • Entferne den Haken bei "Installieren Sie die Ask-Toolbar ..." während der Installation.
und sorge dafür, dass Java automatisch updated.
Dazu:
  • öffne Java
  • klicke auf den Reiter Update
  • klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
  • klicke auf Erweitert
  • ändere das Intervall mindestens auf wöchentlich
und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.


Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.
  • Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.

Antivirensoftware
  • Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz
  • MalwareBytes Anti-Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
    Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu TFC
Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
  • Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:54 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131