Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Windows7: Optimizer Pro und seine Freunde (https://www.trojaner-board.de/152935-windows7-optimizer-pro-freunde.html)

robinarthur 23.04.2014 14:34
Windows7: Optimizer Pro und seine Freunde
 
Hallo,

meine Freundin hat gestern ein paar Schriftarten aus dem Internet heruntergeladen und dabei hat Sie sich Optimizer Pro eingefangen. Leider habe ich mich gestern Abend gleich an die Bereinigung gemacht, ohne hier nachzufragen. Mithilfe des Junkware Removal Tool habe ich geglaubt alles bereinigt zu haben. Das offensichtliche (Desktopverknüpfungen und aufpoppendes OptimizerPro) waren verschwunden, sodass ich ins Bett bin.

Heute morgen wechselte mein Browser beim Aufruf von virustotal.com allerdings selbstständig die Url. (Ich wollte die Schriftartdatei mal testen). Danach führte ich FRST aus und bekam folgende Logs: (Zur Info: Da ich anschließend etwas aufgeräumt habe und mehrere Programme gelöscht habe, kommen am Ende die aktuellen Logs, wie sie in den goldenen Regeln zur Threaderstellung gefordert werden. Leider habe ich keine weiteren Logs von gestern Abend und heute morgen und kann auch nicht hunderprozentig sagen, was ich alles für Tools genutzt habe)



Da mein Beitrag zu lang wurde, habe ich die alten Logfiles als Archiv angehängt.

Nun die geforderten Logs, des Zustandes von meinem Rechner wie er gerade ist.:


der vollständigkeit halber das Defogger Log

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:24 on 23/04/2014 (ck)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
die aktuellen FRST Logs

FRST.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by ck (administrator) on CK-PC on 23-04-2014 14:27:43
Running from D:\Sicherung\Eigene Dateien\Downloads\trojaner_board
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Lenovo) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
() C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\ck\AppData\Local\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [TVT Scheduler Proxy] => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\Run: [Google Update] => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {3a296be8-645f-11e2-8fbe-60eb69e8e4d2} - E:\KDMElite.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {5de3ccaa-c07a-11e3-a72f-60eb69e8e4d2} - E:\AutoRun.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {cb935517-7327-11e0-9b20-889ffaea0160} - E:\autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF441C6FE6BCCCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=205
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\ck\AppData\Roaming\Mozilla\Firefox\D:\Sicherung\Firefoxprofil\Profiles\w5is9oru.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ck\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ck\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-10]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-08-15]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-10]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs"
CHR DefaultSearchKeyword: mystart.incredibar.com/mb143
CHR DefaultSearchURL: hxxp://mystart.incredibar.com/mb143/?loc=IB_DS&search={searchTerms}&a=6OyBXjq6eU&i=26
CHR Extension: (Google Wallet) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-08-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [335224 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143224 2010-03-30] (AVM Berlin)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [431960 2014-04-01] (Garmin Ltd or its subsidiaries)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2010-03-30] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-03-23] ()
R2 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [143360 2011-04-19] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [644408 2007-09-26] (Lenovo Group Limited)
R2 TVT Scheduler; C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited)
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2010-03-30] (AVM Berlin)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-09-06] (Oracle Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 fxusfssd; \??\C:\Windows\system32\drivers\fxusfssd.sys [X]
R3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
S3 X6va005; \??\C:\Users\ck\AppData\Local\Temp\005AE16.tmp [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 14:24 - 2014-04-23 14:24 - 00000000 _____ () C:\Users\ck\defogger_reenable
2014-04-23 11:11 - 2014-04-23 14:27 - 00000000 ____D () C:\FRST
2014-04-23 10:39 - 2014-04-23 10:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-23 10:28 - 2014-04-23 10:28 - 00000000 ____D () C:\swshare
2014-04-23 08:20 - 2014-04-23 08:41 - 00000000 ____D () C:\AdwCleaner
2014-04-23 08:18 - 2014-04-23 08:18 - 00000757 _____ () C:\Users\ck\Desktop\JRT.txt
2014-04-22 21:50 - 2014-04-22 21:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-17 20:32 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 20:32 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 20:32 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 20:32 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 20:31 - 2014-04-17 20:32 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-13 21:14 - 2014-04-19 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-12 10:07 - 2014-04-12 10:07 - 00851288 _____ () C:\Windows\Minidump\041214-17316-01.dmp
2014-04-10 16:38 - 2014-04-19 21:23 - 00000607 _____ () C:\Windows\wiso.ini
2014-04-10 16:38 - 2014-04-19 17:38 - 00000000 ____D () C:\Users\ck\AppData\Local\Buhl
2014-04-10 16:37 - 2014-04-10 16:37 - 00002095 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-04-10 16:27 - 2014-04-10 16:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-10 08:48 - 2014-04-10 08:48 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-03-29 22:10 - 2014-03-29 22:10 - 00000000 ____D () C:\Users\ck\AppData\Local\GARMIN_Corp
2014-03-29 21:44 - 2014-03-29 21:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-23 14:27 - 2014-04-23 11:11 - 00000000 ____D () C:\FRST
2014-04-23 14:24 - 2014-04-23 14:24 - 00000000 _____ () C:\Users\ck\defogger_reenable
2014-04-23 14:24 - 2011-04-29 08:35 - 00000000 ____D () C:\Users\ck
2014-04-23 14:00 - 2011-05-04 16:58 - 00003480 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-04-23 14:00 - 2011-05-04 16:58 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-04-23 14:00 - 2011-05-04 16:58 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-04-23 13:57 - 2012-09-25 14:00 - 00087752 _____ () C:\Windows\setupact.log
2014-04-23 13:48 - 2011-05-11 21:31 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA.job
2014-04-23 13:37 - 2009-07-14 06:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 13:37 - 2009-07-14 06:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 12:34 - 2012-09-21 15:49 - 00000000 ____D () C:\Windows\pss
2014-04-23 10:39 - 2014-04-23 10:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-23 10:38 - 2009-07-14 13:12 - 00707712 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 10:38 - 2009-07-14 13:12 - 00153272 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 10:38 - 2009-07-14 07:13 - 01642876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 10:37 - 2011-04-29 08:34 - 01667547 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 10:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 10:31 - 2012-09-26 09:46 - 00160540 _____ () C:\Windows\PFRO.log
2014-04-23 10:31 - 2011-08-18 19:00 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-04-23 10:29 - 2012-10-06 17:41 - 00000000 ____D () C:\Users\ck\AppData\Local\Unity
2014-04-23 10:28 - 2014-04-23 10:28 - 00000000 ____D () C:\swshare
2014-04-23 10:19 - 2012-12-04 08:11 - 00000000 ____D () C:\ProgramData\Skype
2014-04-23 10:17 - 2013-03-13 09:24 - 00000000 ____D () C:\Poker
2014-04-23 09:46 - 2013-05-03 11:14 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-23 09:43 - 2012-05-08 18:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-23 09:41 - 2013-07-19 07:37 - 00000060 _____ () C:\Windows\Sierra.ini
2014-04-23 09:41 - 2011-04-29 18:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-23 08:47 - 2012-12-04 08:12 - 00000000 ____D () C:\Users\ck\AppData\Roaming\Skype
2014-04-23 08:44 - 2011-08-09 10:07 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-23 08:41 - 2014-04-23 08:20 - 00000000 ____D () C:\AdwCleaner
2014-04-23 08:18 - 2014-04-23 08:18 - 00000757 _____ () C:\Users\ck\Desktop\JRT.txt
2014-04-23 07:31 - 2009-07-14 06:45 - 00432920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 22:08 - 2011-04-29 17:27 - 00117176 _____ () C:\Users\ck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 21:50 - 2014-04-22 21:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-21 18:59 - 2011-05-11 21:31 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core.job
2014-04-21 14:45 - 2013-05-18 15:12 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-04-20 16:24 - 2011-04-29 17:42 - 00000000 ____D () C:\Users\ck\AppData\Local\Adobe
2014-04-20 16:09 - 2012-04-16 19:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 16:09 - 2011-05-22 21:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 14:27 - 2012-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 21:23 - 2014-04-10 16:38 - 00000607 _____ () C:\Windows\wiso.ini
2014-04-19 17:38 - 2014-04-10 16:38 - 00000000 ____D () C:\Users\ck\AppData\Local\Buhl
2014-04-19 16:54 - 2014-04-13 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-17 20:32 - 2014-04-17 20:31 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 20:32 - 2013-12-01 20:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 20:32 - 2013-07-01 21:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-14 20:13 - 2014-04-17 20:32 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-17 20:32 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-17 20:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-17 20:32 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 10:07 - 2014-04-12 10:07 - 00851288 _____ () C:\Windows\Minidump\041214-17316-01.dmp
2014-04-12 10:07 - 2011-05-03 12:54 - 00000000 ____D () C:\Windows\Minidump
2014-04-12 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-11 12:49 - 2012-05-08 18:41 - 00000000 ____D () C:\ProgramData\Origin
2014-04-11 12:32 - 2012-05-08 18:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-10 16:38 - 2012-03-29 00:53 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-04-10 16:37 - 2014-04-10 16:37 - 00002095 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-04-10 16:27 - 2014-04-10 16:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-10 08:48 - 2014-04-10 08:48 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-02-21 10:39 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-04-10 08:48 - 2014-02-21 10:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-10 08:48 - 2014-02-03 11:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-10 08:48 - 2014-02-01 12:54 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-04-01 18:43 - 2011-05-11 21:31 - 00004072 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA
2014-04-01 18:43 - 2011-05-11 21:31 - 00003676 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core
2014-03-31 23:22 - 2011-05-04 16:58 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-03-31 09:57 - 2011-05-04 16:58 - 00004220 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-03-30 11:59 - 2014-02-15 03:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2014-03-29 22:11 - 2014-02-01 12:57 - 00000000 ____D () C:\Users\ck\AppData\Local\Garmin
2014-03-29 22:11 - 2014-02-01 12:54 - 00000000 ____D () C:\Users\ck\AppData\Roaming\Garmin
2014-03-29 22:10 - 2014-03-29 22:10 - 00000000 ____D () C:\Users\ck\AppData\Local\GARMIN_Corp
2014-03-29 21:45 - 2014-03-29 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\ck\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\ck\AppData\Local\Temp\hcuninstaller_20130513_220821_2544.exe
C:\Users\ck\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\ck\AppData\Local\Temp\OptimizerPro.exe
C:\Users\ck\AppData\Local\Temp\Quarantine.exe
C:\Users\ck\AppData\Local\Temp\ResetDevice.exe
C:\Users\ck\AppData\Local\Temp\SRLDetectionLibrary7567288046467874810.dll
C:\Users\ck\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ck\AppData\Local\Temp\UnityWebPlayer4936111406799115466.exe
C:\Users\ck\AppData\Local\Temp\wajam_download.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-20 15:19

==================== End Of Log ============================
das aktuelle Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by ck at 2014-04-23 14:28:57
Running from D:\Sicherung\Eigene Dateien\Downloads\trojaner_board
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.0.0.4080 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 0.7 - Google Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.3.3 - Appcelerator, Inc.)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AutoIt v3.3.6.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{F4BF0189-CA2D-4A2B-B4EA-E796160E0487}) (Version: 1.1.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6BDEB2BD-7C8B-4734-9E2F-E9EDC9D6C844}) (Version:  - Microsoft)
Der Herr der Ringe Online (HKCU\...\LOTROde) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
DreamBoxEdit -- The one and only settings editor for your Dreambox (HKLM-x32\...\DreamBoxEdit) (Version:  - )
Elevated Installer (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EuroPoker 1.0.0 (HKLM-x32\...\EuroPoker_is1) (Version: 1.0.0 - europoker)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{62E685A3-1E4F-4A12-B77C-9949DE9E7DFB}) (Version: 1.2.3 - AVM Berlin)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garmin ANT Agent (HKLM\...\{3B589892-1061-48B4-8598-295C80C8573C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50b02c70-f203-47ba-a926-5e4d816688db}) (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Training Center (HKLM-x32\...\{50C913B1-A091-48B8-A434-6C9670284888}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.368 - Happy Cloud, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 18.0a2 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0a2 (x86 de)) (Version: 18.0a2 - Mozilla)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{a0ba02c9-c4f6-4f37-a8bd-ff82767e4c18}) (Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.15.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Recode Help (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.24.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero Vision Help (x32 Version: 6.4.15.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.27.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
Oracle VM VirtualBox 4.3.4 (HKLM\...\{5FB568DF-207C-4B21-AC57-FC0CC2A0B113}) (Version: 4.3.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.6.1.39 - Electronic Arts, Inc.)
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version:  - )
PostgreSQL 9.0  (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
PremiumSoft Navicat Lite 9.1 (HKLM-x32\...\PremiumSoft Navicat Lite_is1) (Version:  - PremiumSoft CyberTech Ltd.)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RailsInstaller 2.2.1 (HKCU\...\{613C3EA5-1248-4E35-B61A-6D0B31BBC0DB}_is1) (Version: 2.2.1 - RailsInstaller Team)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SciTE4AutoIt3 2/28/2010 (HKLM-x32\...\SciTE4AutoIt3) (Version: 2/28/2010 - Jos van der Zande)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Update (HKLM-x32\...\{8675339C-128C-44DD-83BF-0A5D6ABD8297}) (Version: 3.14.0031 - Lenovo)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2900 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.52 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.43 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.5 - )
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{651EE0E5-C789-48D8-8B91-F79352B783C9}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{7C189F90-06FE-4D67-AEF7-3BC555E161BD}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {11DA153E-6EC0-41AD-8A5E-5632480FF932} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-01] ()
Task: {1238CFB1-6EAD-4579-A8D5-39DFCD0F00C1} - System32\Tasks\{26BB604B-F9DA-412B-A500-DF931D2D2317} => C:\ARENA\A.EXE
Task: {1F80F03D-C434-47BF-9F95-A87FBF8FF6CC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {20CC583F-C6B6-4A28-9699-3EF268EF1126} - System32\Tasks\{8C0C44A3-8663-4FBF-97F4-585359714345} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {252490A8-1EE2-494D-A522-C58879AAD81C} - System32\Tasks\{8C156D0A-CFE8-48C5-9A9A-AD415379F807} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {6E888382-ABBB-413C-BE83-A003447DEBD8} - System32\Tasks\{F3E915E5-45DE-4F34-A3F4-BF5D09EA2AED} => C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe
Task: {6FED11B7-6698-4DC2-9E17-5E5F4E195E39} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2012-04-23] (IObit)
Task: {8AFEF743-6F18-46AA-9DE9-5A39632B4403} - System32\Tasks\{199623F5-2518-4BC7-B932-F4DAB788FA02} => D:\Spiele\CHIP Online Spiele-DVD 6.0 V.1\Retro-Games\Mad TV\MTV.EXE [1991-09-28] ()
Task: {8C442DBA-42E1-4144-B432-D6DBA0658849} - System32\Tasks\{5AD2A44B-30C1-4CB4-B9E5-87CA1FCA062C} => C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe
Task: {9705F4CC-4F48-4AEE-B5F8-E869C86BA079} - System32\Tasks\{311C4AE6-939C-4829-9946-2C443EB2CEDF} => C:\ARENA\INSTALL.EXE
Task: {9A469B28-00DA-47FE-8F5A-3FFBBB79AFF5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {AEB05DB6-09E5-4B4D-8380-80BEEA9924AE} - System32\Tasks\{AAD8B9EB-E22C-438F-81DA-93210651AC46} => C:\ARENA\A.EXE
Task: {C6E5A8B2-9B5D-469C-B9DD-A59E3D034597} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {D027995B-E2BA-4FE6-82DF-D8166DF06317} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11] (Google Inc.)
Task: {D41742CA-7DED-4FAF-A194-415A7E468823} - System32\Tasks\{D0A92DB4-3692-4500-B0F7-DCF470635777} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {D6150B8E-970D-4257-BC51-78E94F680860} - System32\Tasks\{D42599C0-3CC9-44DB-85B6-42C10E0CBF5C} => D:\Sicherung\Eigene Dateien\Downloads\wlaninfo.exe [2012-01-16] (Uni Regensburg)
Task: {D693A6B9-AD7C-4076-AA56-33AD4C94F2BD} - System32\Tasks\{FA4A4A32-8244-4989-B93F-C584501C20FC} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {DF822A4C-DBE4-4A42-95C6-DF8AA5F59D5E} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {E0FB9616-2254-4778-A606-89935047C958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11] (Google Inc.)
Task: {E240BA85-D711-4BCA-9159-D55D2F948A56} - System32\Tasks\{1C22FEED-FD5D-4266-B0A1-BB54F7A13C90} => C:\ARENA\A.EXE
Task: {E5E695AD-D7CE-4D9F-AFAD-A8B826E49A84} - System32\Tasks\{585D89F0-6D9E-4EF1-83F0-9F2BF9E974D8} => C:\ARENA\A.EXE
Task: {EB73E8A3-C6D2-48B0-BF1C-74339D06C53B} - System32\Tasks\{50F2802F-4E5C-4FBD-B9DB-FEE248FC07FD} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {EF2F2CB9-5D72-469C-896A-FF0A5875F89D} - System32\Tasks\{EEAC64B7-65F3-4C39-A294-74CCA456C95F} => D:\Sicherung\Eigene Dateien\Downloads\wlaninfo.exe [2012-01-16] (Uni Regensburg)
Task: {F36B980C-4462-4F7A-BE74-0474723B2656} - System32\Tasks\{A52FE91E-607A-4AC1-9C98-1D0E872C2B80} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {FAA456BE-4125-4131-BF6B-E2EBDB8587F2} - System32\Tasks\{F5561DE7-9842-4A1E-8AA8-CF866F60EE47} => C:\ARENA\A.EXE
Task: {FCD35316-C523-4DC0-A3F2-95172A36CFE8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core.job => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA.job => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-30 23:35 - 2011-04-19 03:52 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-06-09 23:22 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-02-09 02:56 - 2011-02-09 02:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2010-03-30 12:01 - 2010-03-30 12:01 - 01288056 _____ () C:\Program Files\FRITZ!Fernzugang\LIBEAY32.dll
2013-03-23 19:25 - 2013-03-23 19:25 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-16 23:01 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\LIBPQ.dll
2013-03-16 23:02 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\libxml2.dll
2011-04-30 23:35 - 2011-04-19 03:52 - 00143360 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
2012-11-16 16:27 - 2012-11-16 16:27 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-16 16:09 - 2012-11-16 16:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-04-10 08:56 - 2014-04-02 03:57 - 00065352 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-10 08:56 - 2014-04-02 03:57 - 00674632 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 08:56 - 2014-04-02 03:57 - 00093000 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 08:56 - 2014-04-02 03:57 - 04081480 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 08:56 - 2014-04-02 03:58 - 00390472 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 08:56 - 2014-04-02 03:57 - 01647432 _____ () C:\Users\ck\AppData\Local\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:iSpring Converter 6
AlternateDataStreams: C:\Users\All Users:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\ck\Anwendungsdaten:iSpring Converter 6
AlternateDataStreams: C:\Users\ck\AppData\Roaming:iSpring Converter 6

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ck^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\Windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ANT Agent => C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: PokerStrategy.com SideKick => "C:\Users\ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: HP Color LaserJet 2600n
Description: HP Color LaserJet 2600n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 11:10:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/23/2014 10:39:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/23/2014 10:39:04 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (04/23/2014 01:57:09 PM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Programmkompatibilitäts-Assistent-Dienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Sitzungs-Manager für Desktopfenster-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Programmkompatibilitäts-Assistent-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerkverbindungen" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/23/2014 01:56:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/23/2014 11:10:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2014 10:39:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu.exe

Error: (04/23/2014 10:39:04 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu.exe


CodeIntegrity Errors:
===================================
  Date: 2012-03-16 12:30:24.788
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.706
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.331
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.249
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 5886.16 MB
Available physical RAM: 3625.4 MB
Total Pagefile: 14713.34 MB
Available Pagefile: 11270.32 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:26.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HDD) (Fixed) (Total:348.57 GB) (Free:139.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 801BCFF5)
Partition 1: (Active) - (Size=117 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349 GB) - (Type=07 NTFS)

==================== End Of Log ============================
und das Gmer.txt Log

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-04-23 14:48:20
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 HITACHI_HTS725050A9A364 rev.PC4ZC70F 465,76GB
Running: gmer.exe; Driver: C:\Users\ck\AppData\Local\Temp\pxldqpoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                              fffff800033bb000 42 bytes [00, 00, 76, 00, 49, 72, 62, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 571                              fffff800033bb02b 20 bytes [05, 80, FA, FF, FF, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text    C:\Windows\SysWOW64\PnkBstrA.exe[2456] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322          0000000073901a22 2 bytes [90, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2456] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496          0000000073901ad0 2 bytes [90, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2456] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552          0000000073901b08 2 bytes [90, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2456] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730          0000000073901bba 2 bytes [90, 73]
.text    C:\Windows\SysWOW64\PnkBstrA.exe[2456] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762          0000000073901bda 2 bytes [90, 73]

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffaea0160                     
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffaea0160@6c23b9724a4f        0x8E 0x61 0x04 0x25 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffaea0160@00219e4be3d3        0xD1 0xF1 0x66 0x00 ...
Reg      HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\889ffaea0160@38e7d8c4b8a3        0x83 0x13 0x88 0x04 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffaea0160 (not active ControlSet) 
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffaea0160@6c23b9724a4f            0x8E 0x61 0x04 0x25 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffaea0160@00219e4be3d3            0xD1 0xF1 0x66 0x00 ...
Reg      HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\889ffaea0160@38e7d8c4b8a3            0x83 0x13 0x88 0x04 ...

---- EOF - GMER 2.1 ----

vielen Dank schon einmal im Vorraus und meinen Respekt für eure Leistung, da ich das Teil komplett unterschätzt habe und dachte so: Ach so ein kleiner Fake AV, den haste Ruckzuck wieder entfernt... :headbang::stirn:

:dankeschoen:

Larusso 23.04.2014 15:08
:hallo:

Tritt das Problem mit FF und Chrome auf ? So sehe ich jetzt nichts was mir irgendwie Sorgen machen würde.
kannst du mir sagen, um was es sich hierbei handelt ?
Code:
C:\ARENA\A.EXE

robinarthur 23.04.2014 15:29
Zitat:
Zitat von Larusso (Beitrag 1289531)
:hallo:

Tritt das Problem mit FF und Chrome auf ? So sehe ich jetzt nichts was mir irgendwie Sorgen machen würde.
kannst du mir sagen, um was es sich hierbei handelt ?
Code:
C:\ARENA\A.EXE
Hallo,

Jetzt tritt das Problem nicht mehr aus, sehr komisch.

Nein, dieses Arena sagt mir nichts, ist aber über den explorer auch nicht zu sehen.

Ist der Teil aus der FRST.txt vielleicht besorgniserregend?
Code:
Some content of TEMP:
====================
C:\Users\ck\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\ck\AppData\Local\Temp\hcuninstaller_20130513_220821_2544.exe
C:\Users\ck\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\ck\AppData\Local\Temp\OptimizerPro.exe
C:\Users\ck\AppData\Local\Temp\Quarantine.exe
C:\Users\ck\AppData\Local\Temp\ResetDevice.exe
C:\Users\ck\AppData\Local\Temp\SRLDetectionLibrary7567288046467874810.dll
C:\Users\ck\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ck\AppData\Local\Temp\UnityWebPlayer4936111406799115466.exe
C:\Users\ck\AppData\Local\Temp\wajam_download.exe
Weil Optimizer Pro war ja gestern diese Ominöse Tool und wo ichs gerade lese war Live Support auch auf dem Desktop, wusste vorhin aber nicht mehr wie es hieß.

Larusso 23.04.2014 15:54
Ne, de können wir getrost links liegen lassen.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


robinarthur 24.04.2014 08:38
Der ADW Cleaner brachte folgendes Ergebnis:

Code:
# AdwCleaner v3.201 - Bericht erstellt am 23/04/2014 um 19:23:56
# Aktualisiert 22/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : ck - CK-PC
# Gestartet von : D:\Sicherung\Eigene Dateien\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\Software\Wajam

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\ck\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3525 octets] - [23/04/2014 08:37:43]
AdwCleaner[R1].txt - [1064 octets] - [23/04/2014 18:41:04]
AdwCleaner[S0].txt - [3326 octets] - [23/04/2014 08:41:47]
AdwCleaner[S1].txt - [987 octets] - [23/04/2014 19:23:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1046 octets] ##########
Malwarebytes Anti Malware findet etwas und hat auch die 2 Dateien, die meine Freundin heruntergeladen hat aus dem Downloadordner in die Quarantäne verschoben. Allerdings bleibt er immer nach knapp 52000 Dateien in der Dateisystemsuche hängen. Ich habe es gestern Abend mehrmals versucht, nach knapp 10 Minuten ist er an der Stelle und macht dann nicht weiter. Ich habe den Laptop auch die ganze Nacht laufen lassen, ohne dass sich etwas am Zustand geändert hat.

Das gefundene Objekt heißt PUP.Optional.Wajam und liegt unter C:\Users\CK\AppData\local\Temp\wajam_download.exe

hier ein Screenshot wo mbam stehen bleibt:
http://s7.directupload.net/images/140424/9v2jzjo2.jpg

und nun die Logs von gestern und heute

mbam gestern
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 23.04.2014 19:31:35, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2014 19:31:35, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 23.04.2014 19:31:36, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Update, 23.04.2014 19:31:39, SYSTEM, CK-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1,
Update, 23.04.2014 19:31:56, SYSTEM, CK-PC, Manual, Malware Database, 2014.3.4.9, 2014.4.23.7,
Protection, 23.04.2014 19:31:57, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 23.04.2014 19:32:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 23.04.2014 19:32:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 19:32:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 19:32:35, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 23.04.2014 19:32:35, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 19:32:36, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Detection, 23.04.2014 19:33:55, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, D:\Sicherung\Eigene Dateien\Downloads\Ajile_downloader-5B6w82D7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Detection, 23.04.2014 19:34:14, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Protection, 23.04.2014 19:34:14, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Error, 23.04.2014 19:34:14, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Detection, 23.04.2014 19:34:45, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Protection, 23.04.2014 19:34:45, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Error, 23.04.2014 19:34:45, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Detection, 23.04.2014 19:35:00, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, D:\Sicherung\Eigene Dateien\Downloads\Ajile_downloader_by_SchriftartenFontsde.exe, Quarantine, [d3f0f53843387cba9542034c38cc8c74]
Detection, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Protection, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Error, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Detection, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader_by_schriftartenfontsde.exe, Quarantine, [d3f0f53843387cba9542034c38cc8c74]
Protection, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader_by_schriftartenfontsde.exe,
Error, 23.04.2014 19:35:07, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader_by_schriftartenfontsde.exe,
Detection, 23.04.2014 19:35:11, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Protection, 23.04.2014 19:35:12, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Error, 23.04.2014 19:35:12, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Detection, 23.04.2014 19:35:23, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Somoto, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe, Quarantine, [705372bb84f7fe38b16902beed166997]
Protection, 23.04.2014 19:35:23, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Error, 23.04.2014 19:35:23, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\ajile_downloader-5b6w82d7.exe,
Protection, 23.04.2014 20:17:16, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 20:17:16, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 20:17:16, SYSTEM, CK-PC, Protection, Malware Protection, Stopping,
Protection, 23.04.2014 20:17:17, SYSTEM, CK-PC, Protection, Malware Protection, Stopped,
Protection, 23.04.2014 20:22:16, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2014 20:22:16, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 23.04.2014 20:22:16, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 20:24:33, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 23.04.2014 21:12:15, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.23.7, 2014.4.23.8,
Protection, 23.04.2014 21:12:16, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 23.04.2014 21:12:16, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 21:12:17, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 21:12:26, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 23.04.2014 21:12:26, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 21:12:27, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 23.04.2014 21:32:25, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 21:32:25, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 21:32:25, SYSTEM, CK-PC, Protection, Malware Protection, Stopping,
Protection, 23.04.2014 21:32:26, SYSTEM, CK-PC, Protection, Malware Protection, Stopped,
Protection, 23.04.2014 21:35:07, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2014 21:35:07, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 23.04.2014 21:35:08, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 21:35:45, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 23.04.2014 22:45:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 22:45:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 22:45:22, SYSTEM, CK-PC, Protection, Malware Protection, Stopping,
Protection, 23.04.2014 22:45:34, SYSTEM, CK-PC, Protection, Malware Protection, Stopped,
Protection, 23.04.2014 22:46:19, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 23.04.2014 22:46:19, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 23.04.2014 22:46:19, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 22:46:20, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 23.04.2014 22:46:45, SYSTEM, CK-PC, Manual, Malware Database, 2014.4.23.8, 2014.4.23.9,
Protection, 23.04.2014 22:46:49, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 23.04.2014 22:46:49, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 23.04.2014 22:46:49, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 23.04.2014 22:46:58, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 23.04.2014 22:46:58, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 23.04.2014 22:46:59, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,

(end)
mbam heute:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 24.04.2014 03:17:51, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.23.9, 2014.4.24.1,
Protection, 24.04.2014 03:17:52, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 03:17:52, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 03:17:53, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 03:18:01, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 03:18:01, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 03:18:02, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 05:34:48, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.24.1, 2014.4.24.2,
Protection, 24.04.2014 05:34:49, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 05:34:49, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 05:34:50, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 05:34:58, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 05:34:58, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 05:34:59, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 08:26:51, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,

(end)

Larusso 24.04.2014 16:50
Hy.

Könntest du bitte den Scan wiederholen, aber diesmal den Haken bei Suche nach Rootkits entfernen ( ist auch standardmäßig nicht ausgewählt )

robinarthur 25.04.2014 07:44
gesagt getan:


mbam gestern: Scan wurde Abends gestartet
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 24.04.2014 03:17:51, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.23.9, 2014.4.24.1,
Protection, 24.04.2014 03:17:52, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 03:17:52, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 03:17:53, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 03:18:01, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 03:18:01, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 03:18:02, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 05:34:48, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.24.1, 2014.4.24.2,
Protection, 24.04.2014 05:34:49, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 05:34:49, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 05:34:50, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 05:34:58, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 05:34:58, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 05:34:59, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 08:26:50, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 08:26:51, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 09:52:42, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.24.2, 2014.4.24.5,
Protection, 24.04.2014 09:52:44, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 09:52:44, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 09:52:44, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 09:53:10, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 09:53:10, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 09:53:11, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Detection, 24.04.2014 12:09:02, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Softonic.A, D:\Sicherung\Eigene Dateien\Downloads\SoftonicDownloader_fuer_buddi-portable.exe, Quarantine, [b57082ac15669c9ac6c2ee2de31e867a]
Detection, 24.04.2014 12:14:27, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Softonic.A, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe, Quarantine, [b57082ac15669c9ac6c2ee2de31e867a]
Protection, 24.04.2014 12:14:27, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Error, 24.04.2014 12:14:28, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Detection, 24.04.2014 12:14:39, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Softonic.A, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe, Quarantine, [b57082ac15669c9ac6c2ee2de31e867a]
Protection, 24.04.2014 12:14:39, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Error, 24.04.2014 12:14:39, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Detection, 24.04.2014 12:16:41, SYSTEM, CK-PC, Protection, Malware Protection, File, PUP.Optional.Softonic.A, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe, Quarantine, [b57082ac15669c9ac6c2ee2de31e867a]
Protection, 24.04.2014 12:16:41, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Error, 24.04.2014 12:16:41, SYSTEM, CK-PC, Protection, SDKQuarantine, 2, Failed, d:\sicherung\eigene dateien\downloads\softonicdownloader_fuer_buddi-portable.exe,
Update, 24.04.2014 13:57:09, SYSTEM, CK-PC, Scheduler, Malware Database, 2014.4.24.5, 2014.4.24.6,
Protection, 24.04.2014 13:57:14, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 13:57:14, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 13:57:15, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 13:57:27, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 13:57:27, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 13:57:28, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 20:04:39, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 20:04:39, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 20:04:39, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 20:06:10, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 20:13:11, SYSTEM, CK-PC, Manual, Malware Database, 2014.4.24.6, 2014.4.24.8,
Protection, 24.04.2014 20:13:14, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 20:13:14, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 20:13:15, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 20:13:22, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 20:13:22, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 20:13:24, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Protection, 24.04.2014 22:46:24, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 24.04.2014 22:46:24, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 24.04.2014 22:46:25, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 22:47:05, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,
Update, 24.04.2014 22:53:41, SYSTEM, CK-PC, Manual, Malware Database, 2014.4.24.8, 2014.4.24.9,
Protection, 24.04.2014 22:53:46, SYSTEM, CK-PC, Protection, Refresh, Starting,
Protection, 24.04.2014 22:53:46, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopping,
Protection, 24.04.2014 22:53:48, SYSTEM, CK-PC, Protection, Malicious Website Protection, Stopped,
Protection, 24.04.2014 22:54:48, SYSTEM, CK-PC, Protection, Refresh, Success,
Protection, 24.04.2014 22:54:48, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 24.04.2014 22:54:51, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,

(end)
mbam heute vormittag

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 25.04.2014 08:18:47, SYSTEM, CK-PC, Protection, Malware Protection, Starting,
Protection, 25.04.2014 08:18:47, SYSTEM, CK-PC, Protection, Malware Protection, Started,
Protection, 25.04.2014 08:18:47, SYSTEM, CK-PC, Protection, Malicious Website Protection, Starting,
Protection, 25.04.2014 08:19:06, SYSTEM, CK-PC, Protection, Malicious Website Protection, Started,

(end)
und hier noch der screenshot der Quarantäne

http://s7.directupload.net/images/140425/kd4ttmmg.jpg

Larusso 25.04.2014 14:16
Das ist immer noch nicht die Logfile, die ich hier bräuchte.

Nach dem Scan Rechts Oben auf "Logdatei exportieren" und unter mbam.txt auf dem Desktop speichern.
Die Funde sind harmlos. Lief der Scan diesesmal durch ?

robinarthur 26.04.2014 08:25
so, jetzt aber! :singsing:

mbam Scan Protokoll

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.04.2014
Suchlauf-Zeit: 09:18:27
Logdatei: mbam_scan.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.25.11
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ck

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 1081324
Verstrichene Zeit: 9 Std, 43 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.Wajam, C:\Users\ck\AppData\Local\Temp\wajam_download.exe, , [404f042a116a290da8bbe23cb94737c9],

Physische Sektoren: 0
(No malicious items detected)


(end)
ja Scan lief durch, hatte nur vergessen direkt nach dem Scannen das Logfile zu eportieren und nach einem Neustart war das Protokoll dann nicht unter Verlauf zu finden. Jetzt allerdings schon

:wink:

Larusso 26.04.2014 10:06
Die Dateien sind alle im temporären Verzeichnis, also nichts tragisches.
Entfernen wir hiermit gleich mit

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {1238CFB1-6EAD-4579-A8D5-39DFCD0F00C1} - System32\Tasks\{26BB604B-F9DA-412B-A500-DF931D2D2317} => C:\ARENA\A.EXE
Task: {9705F4CC-4F48-4AEE-B5F8-E869C86BA079} - System32\Tasks\{311C4AE6-939C-4829-9946-2C443EB2CEDF} => C:\ARENA\INSTALL.EXE
Task: {AEB05DB6-09E5-4B4D-8380-80BEEA9924AE} - System32\Tasks\{AAD8B9EB-E22C-438F-81DA-93210651AC46} => C:\ARENA\A.EXE
Task: {E240BA85-D711-4BCA-9159-D55D2F948A56} - System32\Tasks\{1C22FEED-FD5D-4266-B0A1-BB54F7A13C90} => C:\ARENA\A.EXE
Task: {E5E695AD-D7CE-4D9F-AFAD-A8B826E49A84} - System32\Tasks\{585D89F0-6D9E-4EF1-83F0-9F2BF9E974D8} => C:\ARENA\A.EXE
Task: {FAA456BE-4125-4131-BF6B-E2EBDB8587F2} - System32\Tasks\{F5561DE7-9842-4A1E-8AA8-CF866F60EE47} => C:\ARENA\A.EXE
C:\Users\ck\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\ck\AppData\Local\Temp\hcuninstaller_20130513_220821_2544.exe
C:\Users\ck\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\ck\AppData\Local\Temp\OptimizerPro.exe
C:\Users\ck\AppData\Local\Temp\Quarantine.exe
C:\Users\ck\AppData\Local\Temp\ResetDevice.exe
C:\Users\ck\AppData\Local\Temp\SRLDetectionLibrary7567288046467874810.dll
C:\Users\ck\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ck\AppData\Local\Temp\UnityWebPlayer4936111406799115466.exe
C:\Users\ck\AppData\Local\Temp\wajam_download.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


robinarthur 27.04.2014 08:52
hier ist schon mal die fixlog.txt

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-04-2014 03
Ran by ck at 2014-04-26 15:57:14 Run:1
Running from D:\Sicherung\Eigene Dateien\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: {1238CFB1-6EAD-4579-A8D5-39DFCD0F00C1} - System32\Tasks\{26BB604B-F9DA-412B-A500-DF931D2D2317} => C:\ARENA\A.EXE
Task: {9705F4CC-4F48-4AEE-B5F8-E869C86BA079} - System32\Tasks\{311C4AE6-939C-4829-9946-2C443EB2CEDF} => C:\ARENA\INSTALL.EXE
Task: {AEB05DB6-09E5-4B4D-8380-80BEEA9924AE} - System32\Tasks\{AAD8B9EB-E22C-438F-81DA-93210651AC46} => C:\ARENA\A.EXE
Task: {E240BA85-D711-4BCA-9159-D55D2F948A56} - System32\Tasks\{1C22FEED-FD5D-4266-B0A1-BB54F7A13C90} => C:\ARENA\A.EXE
Task: {E5E695AD-D7CE-4D9F-AFAD-A8B826E49A84} - System32\Tasks\{585D89F0-6D9E-4EF1-83F0-9F2BF9E974D8} => C:\ARENA\A.EXE
Task: {FAA456BE-4125-4131-BF6B-E2EBDB8587F2} - System32\Tasks\{F5561DE7-9842-4A1E-8AA8-CF866F60EE47} => C:\ARENA\A.EXE
C:\Users\ck\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\ck\AppData\Local\Temp\hcuninstaller_20130513_220821_2544.exe
C:\Users\ck\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\ck\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\ck\AppData\Local\Temp\OptimizerPro.exe
C:\Users\ck\AppData\Local\Temp\Quarantine.exe
C:\Users\ck\AppData\Local\Temp\ResetDevice.exe
C:\Users\ck\AppData\Local\Temp\SRLDetectionLibrary7567288046467874810.dll
C:\Users\ck\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\ck\AppData\Local\Temp\UnityWebPlayer4936111406799115466.exe
C:\Users\ck\AppData\Local\Temp\wajam_download.exe
*****************

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1238CFB1-6EAD-4579-A8D5-39DFCD0F00C1} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1238CFB1-6EAD-4579-A8D5-39DFCD0F00C1} => Key deleted successfully.
C:\Windows\System32\Tasks\{26BB604B-F9DA-412B-A500-DF931D2D2317} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26BB604B-F9DA-412B-A500-DF931D2D2317} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9705F4CC-4F48-4AEE-B5F8-E869C86BA079} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9705F4CC-4F48-4AEE-B5F8-E869C86BA079} => Key deleted successfully.
C:\Windows\System32\Tasks\{311C4AE6-939C-4829-9946-2C443EB2CEDF} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{311C4AE6-939C-4829-9946-2C443EB2CEDF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AEB05DB6-09E5-4B4D-8380-80BEEA9924AE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AEB05DB6-09E5-4B4D-8380-80BEEA9924AE} => Key deleted successfully.
C:\Windows\System32\Tasks\{AAD8B9EB-E22C-438F-81DA-93210651AC46} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{AAD8B9EB-E22C-438F-81DA-93210651AC46} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E240BA85-D711-4BCA-9159-D55D2F948A56} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E240BA85-D711-4BCA-9159-D55D2F948A56} => Key deleted successfully.
C:\Windows\System32\Tasks\{1C22FEED-FD5D-4266-B0A1-BB54F7A13C90} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1C22FEED-FD5D-4266-B0A1-BB54F7A13C90} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5E695AD-D7CE-4D9F-AFAD-A8B826E49A84} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5E695AD-D7CE-4D9F-AFAD-A8B826E49A84} => Key deleted successfully.
C:\Windows\System32\Tasks\{585D89F0-6D9E-4EF1-83F0-9F2BF9E974D8} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{585D89F0-6D9E-4EF1-83F0-9F2BF9E974D8} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FAA456BE-4125-4131-BF6B-E2EBDB8587F2} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FAA456BE-4125-4131-BF6B-E2EBDB8587F2} => Key deleted successfully.
C:\Windows\System32\Tasks\{F5561DE7-9842-4A1E-8AA8-CF866F60EE47} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F5561DE7-9842-4A1E-8AA8-CF866F60EE47} => Key deleted successfully.
C:\Users\ck\AppData\Local\Temp\DataCard_Setup64.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\hcuninstaller_20130513_220821_2544.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\LiveSupport_setup.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\OptimizerPro.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\ResetDevice.exe => Moved successfully.
C:\Users\ck\AppData\Local\Temp\SRLDetectionLibrary7567288046467874810.dll => Moved successfully.
C:\Users\ck\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\ck\AppData\Local\Temp\UnityWebPlayer4936111406799115466.exe => Moved successfully.
"C:\Users\ck\AppData\Local\Temp\wajam_download.exe" => File/Directory not found.

==== End of Fixlog ====

der eset scan läuft noch.

und das eset Log

Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=9d8e0a45ecc37448be8bdd93a3773aa0
# engine=18042
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-27 04:54:26
# local_time=2014-04-27 06:54:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 20947316 150204316 0 0
# scanned=1170059
# found=2
# cleaned=2
# scan_time=52826
sh=F35EAF1A474133A62A273E3439968E6FD402A792 ft=1 fh=9a8d70b2044ea452 vn="a variant of Win32/Skintrim.MH trojan (cleaned by deleting - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\ck\AppData\Local\genesis\Genesis.exe.vir"
sh=2E773666C7E1DE8B735F4C00AAB945ABBE8C1A92 ft=1 fh=dbc95b404fe862ff vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\Temp\RegistryOptimizer.exe"

Larusso 28.04.2014 15:44
Hy und sorry. War gestern nicht fähig um mich an den PC zu setzen.


Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Bitte starte FRST erneut. Setze einen Haken bei additions.txt und drücke auf Scan.

Post bitte die FRST.txt sowie die Additions.txt hier

robinarthur 29.04.2014 09:16
hier einmal die tfc.txt

Code:
Getting user folders.
 
Stopping running processes.
 
Emptying Temp folders.
 
 
User: All Users
 
User: ck
->Temp folder emptied: 571847972 bytes
->Temporary Internet Files folder emptied: 110597224 bytes
->Java cache emptied: 3691719 bytes
->FireFox cache emptied: 166178424 bytes
->Google Chrome cache emptied: 17508428 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 100103 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: postgres
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56475 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 647480101 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36398 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 755 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43291205 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 734 bytes
 
Emptying RecycleBin. Do not interrupt.
 
RecycleBin emptied: 415000987 bytes
Process complete!
 
Total Files Cleaned = 1.884,00 mb

dann die FRST.txt


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by ck (administrator) on CK-PC on 29-04-2014 09:49:30
Running from D:\Sicherung\Eigene Dateien\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Lenovo) C:\Windows\system32\ibmpmsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
() C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files (x86)\PostgreSQL\9.0\bin\postgres.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Lenovo Group Limited) C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2399632 2011-04-13] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-04-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [TVT Scheduler Proxy] => C:\Program Files (x86)\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [487424 2008-03-04] (Lenovo Group Limited)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641704 2012-11-16] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [20992 2012-03-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\Run: [Google Update] => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {3a296be8-645f-11e2-8fbe-60eb69e8e4d2} - E:\KDMElite.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {5de3ccaa-c07a-11e3-a72f-60eb69e8e4d2} - E:\AutoRun.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000\...\MountPoints2: {cb935517-7327-11e0-9b20-889ffaea0160} - E:\autorun.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Google Update] => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [118104 2014-04-01] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {3a296be8-645f-11e2-8fbe-60eb69e8e4d2} - E:\KDMElite.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {5de3ccaa-c07a-11e3-a72f-60eb69e8e4d2} - E:\AutoRun.exe
HKU\S-1-5-21-1252287902-2085468925-378308179-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cb935517-7327-11e0-9b20-889ffaea0160} - E:\autorun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF441C6FE6BCCCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=205
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\ck\AppData\Roaming\Mozilla\Firefox\D:\Sicherung\Firefoxprofil\Profiles\w5is9oru.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\ck\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\ck\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-10]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-08-15]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-05-10]

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "tabs":{"use_compact_navigation_bar":false,"use_vertical_tabs":false},"translate_accepted_count":{"en":0},"translate_blocked_languages":["de"],"translate_denied_count":{"en":4},"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}},"homepage":""
CHR DefaultSearchKeyword: mystart.incredibar.com/mb143
CHR DefaultSearchURL: hxxp://mystart.incredibar.com/mb143/?loc=IB_DS&search={searchTerms}&a=6OyBXjq6eU&i=26
CHR Extension: (Google Wallet) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\ck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-08-15]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]

==================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-16] (Advanced Micro Devices, Inc.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [335224 2010-03-30] (AVM Berlin)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143224 2010-03-30] (AVM Berlin)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [431960 2014-04-01] (Garmin Ltd or its subsidiaries)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [189304 2010-03-30] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-03-23] ()
R2 PwmEWSvc; C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [143360 2011-04-19] ()
R2 ThinkVantage Registry Monitor Service; C:\Program Files (x86)\Common Files\Lenovo\tvt_reg_monitor_svc.exe [644408 2007-09-26] (Lenovo Group Limited)
R2 TVT Scheduler; C:\Program Files (x86)\Common Files\Lenovo\Scheduler\tvtsched.exe [1122304 2008-03-04] (Lenovo Group Limited)
R2 postgresql-x64-9.0; C:/Program Files (x86)/PostgreSQL/9.0/bin/pg_ctl.exe runservice -N "postgresql-x64-9.0" -D "C:/Program Files/PostgreSQL/9.0/data" -w [X]

==================== Drivers (Whitelisted) ====================

S2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2013-09-23] (hxxp://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2010-03-30] (AVM Berlin)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [19496 2008-10-21] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [152616 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [34856 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-09-06] (Oracle Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 fxusfssd; \??\C:\Windows\system32\drivers\fxusfssd.sys [X]
S3 PCDSRVC{127174DC-C366ED8B-06020200}_0; \??\c:\program files\pc-doctor\pcdsrvc_x64.pkms [X]
S3 X6va005; \??\C:\Users\ck\AppData\Local\Temp\005AE16.tmp [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 19:31 - 2014-04-29 08:53 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 19:31 - 2014-04-23 19:31 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 19:31 - 2014-04-23 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-23 19:30 - 2014-04-23 19:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 19:30 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-23 19:30 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-23 19:30 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-23 14:54 - 2014-04-23 14:54 - 716398708 _____ () C:\Windows\MEMORY.DMP
2014-04-23 14:54 - 2014-04-23 14:54 - 00275056 _____ () C:\Windows\Minidump\042314-24398-01.dmp
2014-04-23 14:24 - 2014-04-23 14:24 - 00000000 _____ () C:\Users\ck\defogger_reenable
2014-04-23 11:11 - 2014-04-29 09:49 - 00000000 ____D () C:\FRST
2014-04-23 10:28 - 2014-04-23 10:28 - 00000000 ____D () C:\swshare
2014-04-23 08:20 - 2014-04-23 19:23 - 00000000 ____D () C:\AdwCleaner
2014-04-23 08:18 - 2014-04-23 08:18 - 00000757 _____ () C:\Users\ck\Desktop\JRT.txt
2014-04-22 21:50 - 2014-04-22 21:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-17 20:32 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 20:32 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 20:32 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 20:32 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 20:31 - 2014-04-17 20:32 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-13 21:14 - 2014-04-19 16:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-12 10:07 - 2014-04-12 10:07 - 00851288 _____ () C:\Windows\Minidump\041214-17316-01.dmp
2014-04-10 16:38 - 2014-04-19 21:23 - 00000607 _____ () C:\Windows\wiso.ini
2014-04-10 16:38 - 2014-04-19 17:38 - 00000000 ____D () C:\Users\ck\AppData\Local\Buhl
2014-04-10 16:37 - 2014-04-10 16:37 - 00002095 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-04-10 16:29 - 2014-04-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-04-10 16:27 - 2014-04-10 16:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-10 08:48 - 2014-04-10 08:48 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin

==================== One Month Modified Files and Folders =======

2014-04-29 09:49 - 2014-04-23 11:11 - 00000000 ____D () C:\FRST
2014-04-29 09:48 - 2011-05-11 21:31 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA.job
2014-04-29 09:38 - 2011-04-29 08:34 - 01875720 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 09:32 - 2012-09-25 14:00 - 00089432 _____ () C:\Windows\setupact.log
2014-04-29 08:53 - 2014-04-23 19:31 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-29 08:53 - 2009-07-14 13:12 - 00707712 _____ () C:\Windows\system32\perfh007.dat
2014-04-29 08:53 - 2009-07-14 13:12 - 00153272 _____ () C:\Windows\system32\perfc007.dat
2014-04-29 08:53 - 2009-07-14 07:13 - 01642876 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-29 08:49 - 2009-07-14 06:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-29 08:49 - 2009-07-14 06:45 - 00015264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-29 08:41 - 2012-09-26 09:46 - 00163488 _____ () C:\Windows\PFRO.log
2014-04-29 08:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 20:56 - 2011-05-04 16:58 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-04-28 14:00 - 2011-05-04 16:58 - 00003480 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2014-04-28 14:00 - 2011-05-04 16:58 - 00003448 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2014-04-28 09:35 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-26 18:48 - 2011-05-11 21:31 - 00001056 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core.job
2014-04-26 15:13 - 2009-07-14 13:30 - 00000000 ____D () C:\Windows\CSC
2014-04-24 11:49 - 2012-05-08 18:41 - 00000000 ____D () C:\ProgramData\Origin
2014-04-24 11:16 - 2012-05-08 18:40 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-04-24 10:48 - 2013-06-06 14:16 - 00000000 ____D () C:\Users\ck\AppData\Local\Aptana Studio 3
2014-04-23 19:31 - 2014-04-23 19:31 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-23 19:31 - 2014-04-23 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-23 19:30 - 2014-04-23 19:30 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-23 19:30 - 2014-02-20 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 19:23 - 2014-04-23 08:20 - 00000000 ____D () C:\AdwCleaner
2014-04-23 14:54 - 2014-04-23 14:54 - 716398708 _____ () C:\Windows\MEMORY.DMP
2014-04-23 14:54 - 2014-04-23 14:54 - 00275056 _____ () C:\Windows\Minidump\042314-24398-01.dmp
2014-04-23 14:54 - 2011-05-03 12:54 - 00000000 ____D () C:\Windows\Minidump
2014-04-23 14:24 - 2014-04-23 14:24 - 00000000 _____ () C:\Users\ck\defogger_reenable
2014-04-23 14:24 - 2011-04-29 08:35 - 00000000 ____D () C:\Users\ck
2014-04-23 12:34 - 2012-09-21 15:49 - 00000000 ____D () C:\Windows\pss
2014-04-23 12:34 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-23 10:31 - 2011-08-18 19:00 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-04-23 10:29 - 2012-10-06 17:41 - 00000000 ____D () C:\Users\ck\AppData\Local\Unity
2014-04-23 10:28 - 2014-04-23 10:28 - 00000000 ____D () C:\swshare
2014-04-23 10:19 - 2012-12-04 08:11 - 00000000 ____D () C:\ProgramData\Skype
2014-04-23 10:17 - 2013-03-13 09:24 - 00000000 ____D () C:\Poker
2014-04-23 09:46 - 2013-05-03 11:14 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-04-23 09:43 - 2012-05-08 18:41 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-04-23 09:43 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-23 09:41 - 2013-07-19 07:37 - 00000060 _____ () C:\Windows\Sierra.ini
2014-04-23 09:41 - 2011-04-29 18:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-23 08:47 - 2012-12-04 08:12 - 00000000 ____D () C:\Users\ck\AppData\Roaming\Skype
2014-04-23 08:44 - 2011-08-09 10:07 - 00000432 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-23 08:18 - 2014-04-23 08:18 - 00000757 _____ () C:\Users\ck\Desktop\JRT.txt
2014-04-23 07:31 - 2009-07-14 06:45 - 00432920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-22 22:08 - 2011-04-29 17:27 - 00117176 _____ () C:\Users\ck\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-22 21:50 - 2014-04-22 21:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-04-22 15:09 - 2014-04-22 15:09 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-04-21 14:45 - 2013-05-18 15:12 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-04-20 16:24 - 2011-04-29 17:42 - 00000000 ____D () C:\Users\ck\AppData\Local\Adobe
2014-04-20 16:09 - 2012-04-16 19:56 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-20 16:09 - 2011-05-22 21:06 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-20 14:27 - 2012-02-09 08:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-19 21:23 - 2014-04-10 16:38 - 00000607 _____ () C:\Windows\wiso.ini
2014-04-19 17:38 - 2014-04-10 16:38 - 00000000 ____D () C:\Users\ck\AppData\Local\Buhl
2014-04-19 16:54 - 2014-04-13 21:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-17 20:32 - 2014-04-17 20:31 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 20:32 - 2013-12-01 20:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 20:32 - 2013-07-01 21:20 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-14 20:13 - 2014-04-17 20:32 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-17 20:32 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-17 20:32 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-17 20:32 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-12 10:07 - 2014-04-12 10:07 - 00851288 _____ () C:\Windows\Minidump\041214-17316-01.dmp
2014-04-12 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-04-10 16:38 - 2012-03-29 00:53 - 00000000 ____D () C:\ProgramData\Buhl Data Service GmbH
2014-04-10 16:37 - 2014-04-10 16:37 - 00002095 _____ () C:\Users\Public\Desktop\WISO Steuer-Sparbuch 2014.lnk
2014-04-10 16:29 - 2014-04-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO Steuer-Sparbuch 2014
2014-04-10 16:27 - 2014-04-10 16:27 - 00000000 ____D () C:\Program Files (x86)\WISO
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-04-10 16:14 - 2014-04-10 16:14 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-10 08:48 - 2014-04-10 08:48 - 00001888 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-04-10 08:48 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-04-10 08:48 - 2014-02-21 10:39 - 00003556 _____ () C:\Windows\System32\Tasks\GarminUpdaterTask
2014-04-10 08:48 - 2014-02-21 10:39 - 00000000 ____D () C:\ProgramData\Package Cache
2014-04-10 08:48 - 2014-02-03 11:42 - 00000000 ____D () C:\ProgramData\Garmin
2014-04-10 08:48 - 2014-02-01 12:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-04-10 08:48 - 2014-02-01 12:54 - 00000000 ____D () C:\Program Files (x86)\Garmin
2014-04-03 09:51 - 2014-04-23 19:30 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 19:30 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 19:30 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 18:43 - 2011-05-11 21:31 - 00004072 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA
2014-04-01 18:43 - 2011-05-11 21:31 - 00003676 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core
2014-03-31 23:22 - 2011-05-04 16:58 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-03-31 09:57 - 2011-05-04 16:58 - 00004220 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2014-03-30 11:59 - 2014-02-15 03:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 00:37

==================== End Of Log ============================
--- --- ---



und die addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 03
Ran by ck at 2014-04-29 09:50:30
Running from D:\Sicherung\Eigene Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.0.0.4080 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.7.700.169 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.1116.1515.27190 - Ihr Firmenname) Hidden
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 0.7 - Google Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.3.3 - Appcelerator, Inc.)
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
AutoIt v3.3.6.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.28 - Avanquest Software)
B110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{F4BF0189-CA2D-4A2B-B4EA-E796160E0487}) (Version: 1.1.0 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1116.1514.27190 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{6BDEB2BD-7C8B-4734-9E2F-E9EDC9D6C844}) (Version:  - Microsoft)
Der Herr der Ringe Online (HKCU\...\LOTROde) (Version:  - )
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden
DreamBoxEdit -- The one and only settings editor for your Dreambox (HKLM-x32\...\DreamBoxEdit) (Version:  - )
Elevated Installer (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.1.13904 - Landesfinanzdirektion Thüringen)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.1.0.0 - Electronic Arts)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{A79408B0-345D-42E8-8EB6-00597320B9E0}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{62E685A3-1E4F-4A12-B77C-9949DE9E7DFB}) (Version: 1.2.3 - AVM Berlin)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Garmin ANT Agent (HKLM\...\{3B589892-1061-48B4-8598-295C80C8573C}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries)
Garmin BaseCamp (HKLM-x32\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{50b02c70-f203-47ba-a926-5e4d816688db}) (Version: 3.1.7.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.1.7.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Training Center (HKLM-x32\...\{50C913B1-A091-48B8-A434-6C9670284888}) (Version: 3.6.5 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.368 - Happy Cloud, Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{014E482A-0C27-47E3-BA82-307E9DCA2F47}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417005FF}) (Version: 7.0.50 - Oracle)
JDiskReport 1.4.0 (HKLM-x32\...\JDiskReport 1.4.0) (Version: 1.4.0 (2012-01-20 11:38:43) - JGoodies Karsten Lentzsch)
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0 - Microsoft) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 18.0a2 (x86 de) (HKLM-x32\...\Mozilla Firefox 18.0a2 (x86 de)) (Version: 18.0a2 - Mozilla)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{a0ba02c9-c4f6-4f37-a8bd-ff82767e4c18}) (Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.13.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.15.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden
Nero Disc Copy Gadget (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero Disc Copy Gadget Help (x32 Version: 2.4.34.0 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.13.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.12.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.27.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.12.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero PhotoSnap (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero PhotoSnap Help (x32 Version: 2.4.28.0 - Nero AG) Hidden
Nero Recode (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero Recode Help (x32 Version: 4.4.38.1 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden
Nero ShowTime (x32 Version: 5.4.24.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.19.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
Nero Vision (x32 Version: 6.4.16.100 - Nero AG) Hidden
Nero Vision Help (x32 Version: 6.4.15.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.27.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
Oracle VM VirtualBox 4.3.4 (HKLM\...\{5FB568DF-207C-4B21-AC57-FC0CC2A0B113}) (Version: 4.3.4 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.6.1.39 - Electronic Arts, Inc.)
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version:  - )
PostgreSQL 9.0  (HKLM\...\PostgreSQL 9.0) (Version: 9.0 - PostgreSQL Global Development Group)
PremiumSoft Navicat Lite 9.1 (HKLM-x32\...\PremiumSoft Navicat Lite_is1) (Version:  - PremiumSoft CyberTech Ltd.)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RailsInstaller 2.2.1 (HKCU\...\{613C3EA5-1248-4E35-B61A-6D0B31BBC0DB}_is1) (Version: 2.2.1 - RailsInstaller Team)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SciTE4AutoIt3 2/28/2010 (HKLM-x32\...\SciTE4AutoIt3) (Version: 2/28/2010 - Jos van der Zande)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Update (HKLM-x32\...\{8675339C-128C-44DD-83BF-0A5D6ABD8297}) (Version: 3.14.0031 - Lenovo)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.16642 - TeamViewer)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.2900 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.52 - )
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.43 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad Wireless LAN Adapter Software (HKLM-x32\...\{9D3D2C60-A55F-4fed-B2B9-17311226DF01}) (Version: 1.00.0029.5 - )
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Trillian (HKLM-x32\...\Trillian) (Version:  - Cerulean Studios, LLC)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{651EE0E5-C789-48D8-8B91-F79352B783C9}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom (BTHUSB) Bluetooth  (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{7C189F90-06FE-4D67-AEF7-3BC555E161BD}) (Version: 21.00.8480 - Buhl Data Service GmbH)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {11DA153E-6EC0-41AD-8A5E-5632480FF932} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-01] ()
Task: {1F80F03D-C434-47BF-9F95-A87FBF8FF6CC} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {20CC583F-C6B6-4A28-9699-3EF268EF1126} - System32\Tasks\{8C0C44A3-8663-4FBF-97F4-585359714345} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {252490A8-1EE2-494D-A522-C58879AAD81C} - System32\Tasks\{8C156D0A-CFE8-48C5-9A9A-AD415379F807} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {6E888382-ABBB-413C-BE83-A003447DEBD8} - System32\Tasks\{F3E915E5-45DE-4F34-A3F4-BF5D09EA2AED} => C:\Program Files (x86)\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe
Task: {6FED11B7-6698-4DC2-9E17-5E5F4E195E39} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2012-04-23] (IObit)
Task: {8AFEF743-6F18-46AA-9DE9-5A39632B4403} - System32\Tasks\{199623F5-2518-4BC7-B932-F4DAB788FA02} => D:\Spiele\CHIP Online Spiele-DVD 6.0 V.1\Retro-Games\Mad TV\MTV.EXE [1991-09-28] ()
Task: {8C442DBA-42E1-4144-B432-D6DBA0658849} - System32\Tasks\{5AD2A44B-30C1-4CB4-B9E5-87CA1FCA062C} => C:\Program Files (x86)\dm\dm-Fotowelt\dm-Fotowelt.exe
Task: {9A469B28-00DA-47FE-8F5A-3FFBBB79AFF5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {C6E5A8B2-9B5D-469C-B9DD-A59E3D034597} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-04-13] (Microsoft Corporation)
Task: {D027995B-E2BA-4FE6-82DF-D8166DF06317} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11] (Google Inc.)
Task: {D41742CA-7DED-4FAF-A194-415A7E468823} - System32\Tasks\{D0A92DB4-3692-4500-B0F7-DCF470635777} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {D6150B8E-970D-4257-BC51-78E94F680860} - System32\Tasks\{D42599C0-3CC9-44DB-85B6-42C10E0CBF5C} => D:\Sicherung\Eigene Dateien\Downloads\wlaninfo.exe [2012-01-16] (Uni Regensburg)
Task: {D693A6B9-AD7C-4076-AA56-33AD4C94F2BD} - System32\Tasks\{FA4A4A32-8244-4989-B93F-C584501C20FC} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {DF822A4C-DBE4-4A42-95C6-DF8AA5F59D5E} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {E0FB9616-2254-4778-A606-89935047C958} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-11] (Google Inc.)
Task: {EB73E8A3-C6D2-48B0-BF1C-74339D06C53B} - System32\Tasks\{50F2802F-4E5C-4FBD-B9DB-FEE248FC07FD} => D:\Sicherung\Eigene Dateien\Downloads\fut13autobuyer_setup_v1.1 (2).exe
Task: {EF2F2CB9-5D72-469C-896A-FF0A5875F89D} - System32\Tasks\{EEAC64B7-65F3-4C39-A294-74CCA456C95F} => D:\Sicherung\Eigene Dateien\Downloads\wlaninfo.exe [2012-01-16] (Uni Regensburg)
Task: {F36B980C-4462-4F7A-BE74-0474723B2656} - System32\Tasks\{A52FE91E-607A-4AC1-9C98-1D0E872C2B80} => D:\Sicherung\Eigene Dateien\Downloads\ca_setup(1).exe
Task: {FCD35316-C523-4DC0-A3F2-95172A36CFE8} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000Core.job => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1252287902-2085468925-378308179-1000UA.job => C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2012-11-16 16:27 - 2012-11-16 16:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2010-03-30 12:01 - 2010-03-30 12:01 - 01288056 _____ () C:\Program Files\FRITZ!Fernzugang\LIBEAY32.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-04-30 23:35 - 2011-04-19 03:52 - 00054272 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2011-06-09 23:22 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-02-09 02:56 - 2011-02-09 02:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
2013-03-23 19:25 - 2013-03-23 19:25 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-16 23:01 - 2012-09-21 09:55 - 00217600 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\LIBPQ.dll
2013-03-16 23:02 - 2012-08-14 14:02 - 02258432 _____ () C:\Program Files (x86)\PostgreSQL\9.0\bin\libxml2.dll
2011-04-30 23:35 - 2011-04-19 03:52 - 00143360 ____N () C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
2012-11-16 16:27 - 2012-11-16 16:27 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-11-16 16:09 - 2012-11-16 16:09 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-29 21:44 - 2014-03-29 21:45 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 16:09 - 2014-04-20 16:09 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:iSpring Converter 6
AlternateDataStreams: C:\Users\All Users:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Converter 6
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\Users\ck\Anwendungsdaten:iSpring Converter 6
AlternateDataStreams: C:\Users\ck\AppData\Roaming:iSpring Converter 6

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GamersFirst LIVE!.lnk => C:\Windows\pss\GamersFirst LIVE!.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ck^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk => C:\Windows\pss\Trillian.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ANT Agent => C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Google Update => "C:\Users\ck\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: PokerStrategy.com SideKick => "C:\Users\ck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerStrategy.com\PokerStrategy.com SideKick.appref-ms"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Faulty Device Manager Devices =============

Name: HP Color LaserJet 2600n
Description: HP Color LaserJet 2600n
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/29/2014 00:43:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/28/2014 09:38:21 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/28/2014 01:06:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/27/2014 01:39:10 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/27/2014 09:48:32 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/26/2014 04:05:02 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/26/2014 04:04:39 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/26/2014 06:16:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (04/26/2014 06:09:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/25/2014 04:50:08 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (04/29/2014 08:42:57 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/29/2014 08:42:22 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (04/29/2014 08:41:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/28/2014 09:53:44 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/28/2014 08:57:20 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/28/2014 08:56:58 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (04/28/2014 08:56:14 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (04/28/2014 09:36:37 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (04/28/2014 09:35:53 AM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
cdrom

Error: (04/28/2014 09:35:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (04/29/2014 00:43:13 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (04/28/2014 09:38:21 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu (1).exe

Error: (04/28/2014 01:06:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (04/27/2014 01:39:10 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (04/27/2014 09:48:32 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/26/2014 04:05:02 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu (1).exe

Error: (04/26/2014 04:04:39 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestD:\Sicherung\Eigene Dateien\Downloads\esetsmartinstaller_enu (1).exe

Error: (04/26/2014 06:16:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest

Error: (04/26/2014 06:09:26 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (04/25/2014 04:50:08 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest


CodeIntegrity Errors:
===================================
  Date: 2012-03-16 12:30:24.788
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.706
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.331
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-03-16 12:30:24.249
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\RMClock\RTCore64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info ===========================

Percentage of memory in use: 34%
Total physical RAM: 5886.16 MB
Available physical RAM: 3838.74 MB
Total Pagefile: 14713.34 MB
Available Pagefile: 11272.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:117.09 GB) (Free:27.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HDD) (Fixed) (Total:348.57 GB) (Free:137.66 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 801BCFF5)
Partition 1: (Active) - (Size=117 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Larusso 29.04.2014 16:48
Hy. Sieht alles OK aus :)

Bitte deinstallieren
Java(TM) 7 Update 5 (64-bit)

Noch Fragen oder Probleme ?

robinarthur 30.04.2014 11:46
Okay, Java habe ich deinstalliert, also das alte.

Sonst fällt mir derzeit nichts ein. Vielen Dank für deine Hilfe!

Thema kann geschlossen werden, ich empfehle euch weiter ;-)


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27