Trojaner-Board - Windows 7: Schwieriger Trojaner?

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Windows 7: Schwieriger Trojaner? (https://www.trojaner-board.de/155320-windows-7-schwieriger-trojaner.html)

Windows 7: Schwieriger Trojaner?

also, ich bin mit meinem latein etwas am ende. ich habe schon einiges selbst unternommen. aber am besten der reihe nach.

ich merke, dass irgendwas mit meinem rechner nicht stimmt:

1.)

http://www.youscreen.de/nycqnauf61.jpg

also, dieses _MSBROWSE_ gehört da definitiv nicht hin

2.)

seit einiger zeit bekomme ich ständig meldungen, dass der arbeitsspeicher voll ist und dass etwas geschlossen wird

3.)

das notebook reagiert nicht mehr flüssig, obwohl ich nicht anderes mache

4.)

ich bekomme beim browser (chrome) plötzlich bilder, wo keine hingehören...da ist irgendwas komisch. es werden die falschen grafiken geladen/angezeigt) teilweise ist das html auch verschoben.

5)

vor ein paar tagen ist mir aufgefallen, dass plötzlich durchsichtige temp-backups von word-dateien auf dem desktop auftauchen, die ich seit 2011 nicht geöffnet habe. word war zu dem zeitpunkt auch nicht geöffnet. :eek:

6.) auf meinem desktop ist ein verzeichnis namens "backups" aufgetaucht. in der schnellleiste im explorer taucht zwischen "musik" und "videos" "Subversion" auf...siehe erstes bild...links...das hab ich auch nicht angelegt.

das ist das, was mir im moment auffällt.

ich habe vorher norton internet security installiert gehabt...cbe-edition. bin jetzt auf g-data (auch cbe-edition) umgestiegen. meint ihr, der springer-konzern nutzt diese software, um rechner auszuspähen?

beide sicherheitsoftwares haben aber keine infektion gemeldet.

ich habe malwarebytes antimalware laufen lassen. nichts

dann hijack this:

HiJackthis Logfile:

Code:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 19:09:32, on 16.06.2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17126)

Boot mode: Normal
 

Running processes:

C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe

C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe

C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe

C:\Anwendungen\Virtual CD v10\System\VC10Play.exe

C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe

C:\Anwendungen\Acrobat 11.0\Acrobat\acrotray.exe

C:\Anwendungen\Virtual CD v10\System\VC10Tray.exe

C:\Anwendungen\Skype\Phone\Skype.exe

C:\Users\MarzipanFerkel\Desktop\O-Gaming Stuff\YouScreen.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\Wireless Network Watcher\WNetWatcher.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Anwendungen\SRWare Iron\chrome.exe

C:\Users\MarzipanFerkel\Desktop\Anwendungen\HiJackThis204.exe
 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = www.google.com

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll

O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL

O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll

O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [Gaming Mouse] "C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe" /hide

O4 - HKLM\..\Run: [VC10Player] C:\Anwendungen\Virtual CD v10\System\VC10Play.exe

O4 - HKLM\..\Run: [GDFirewallTray] C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe

O4 - HKLM\..\Run: [G Data ASM] "C:\Anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe"

O4 - Startup: Verbatim GREEN BUTTON.lnk = C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe

O8 - Extra context menu item: An OneNote s&enden - res://C:\ANWEND~1\MICROS~1\Office15\ONBttnIE.dll/105

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\ANWEND~1\MICROS~1\Office15\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll

O9 - Extra button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra 'Tools' menuitem: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll

O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Anwendungen\ICQ7.5\ICQ.exe

O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Anwendungen\ICQ7.5\ICQ.exe

O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL

O20 - AppInit_DLLs:  c:\windows\syswow64\nvinit.dll,  C:\Windows\SysWOW64\nvinit.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Anwendungen\InternetSecurity\AVK\AVKService.exe

O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe

O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe

O23 - Service: Dragon Age: Origins - Inhaltsupdater (DAUpdaterSvc) - Unknown owner - C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe (file missing)

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: G Data Personal Firewall (GDFwSvc) - G Data Software AG - C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe

O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\Windows\runservice.exe

O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Anwendungen\Defrag\oodag.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Anwendungen\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

O23 - Service: Updater Service - Acer Group - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Virtual CD v10 Management Service (VC10SecS) - H+H Software GmbH - C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 

--

End of file - 15179 bytes

--- --- ---

mich stört eben dieses _MSBROWSE_ was ich gerade entdeckt habe:

hxxp://www.boerse.bz/hard-software/sicherheit-und-anonymitaet/1830819-msbrowse.html

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ich hab mal ein paar persönliche namen und dateien unkenntlich gemacht...da wird ja wirklich alles aufgelistet :eek:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014

Ran by XXX (administrator) on XXX9 on 16-06-2014 20:17:53

Running from C:\Users\XXX\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe

(G Data Software AG) C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe

(G Data Software AG) C:\Anwendungen\InternetSecurity\AVK\AVKService.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

() C:\Windows\Runservice.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(O&O Software GmbH) C:\Anwendungen\Defrag\oodag.exe

(TuneUp Software) C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe

(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(G Data Software AG) C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe

(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(TuneUp Software) C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe

(G Data Software AG) C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe

(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

(Verbatim) C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

() C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe

(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\VC10Play.exe

(G Data Software AG) C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe

(Adobe Systems Inc.) C:\Anwendungen\Acrobat 11.0\Acrobat\acrotray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(H+H Software GmbH) C:\Anwendungen\Virtual CD v10\System\vc10tray.exe

(Skype Technologies S.A.) C:\Anwendungen\Skype\Phone\Skype.exe

() C:\Users\XXX\Desktop\O-Gaming Stuff\YouScreen.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

(SRWare) C:\Anwendungen\SRWare Iron\chrome.exe

() C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepolisBot2.exe

() C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepolisBot2.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)

HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)

HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)

HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1179576 2014-02-05] (NVIDIA Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)

HKLM-x32\...\Run: [Gaming Mouse] => C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe [1306624 2009-09-30] ()

HKLM-x32\...\Run: [VC10Player] => C:\Anwendungen\Virtual CD v10\System\VC10Play.exe [411976 2011-05-20] (H+H Software GmbH)

HKLM-x32\...\Run: [GDFirewallTray] => C:\Anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)

HKLM-x32\...\Run: [G Data ASM] => C:\Anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)

HKLM-x32\...\Run: [Adobe ARM] => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)

HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Anwendungen\InternetSecurity\AVKTray\AVKTray.exe

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db06e-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db075-a5ce-11e0-8e63-1c7508461236} - I:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0a8-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0aa-a5ce-11e0-8e63-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {1f1db0ad-a5ce-11e0-8e63-1c7508461236} - H:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {79e9bbea-c377-11e0-97c9-1c7508461236} - H:\LGAutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {a7d8b4f2-5772-11e0-8658-1c7508461236} - E:\setup.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {d10e2075-5cf7-11e0-a02f-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {d10e2079-5cf7-11e0-a02f-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {ef337489-ac81-11e0-82fb-1c7508461236} - G:\AutoRun.exe

HKU\S-1-5-21-123853454-3869190695-3295914358-1002\...\MountPoints2: {ef33748d-ac81-11e0-82fb-1c7508461236} - G:\AutoRun.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)

AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

Startup: C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verbatim GREEN BUTTON.lnk

ShortcutTarget: Verbatim GREEN BUTTON.lnk -> C:\Anwendungen\GREEN BUTTON\GREEN BUTTON.exe (Verbatim)

BootExecute: autocheck autochk * OODBS
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.google.de/

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKCU - DefaultScope {43A38C7F-A448-4B05-AB15-E35F48D8AAD1} URL = hxxp://www.google.de/search?q={searchTerms}

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {351619BE-1546-4D08-BF21-9C15FCD0D65B} URL = hxxp://www.computerbild.de/suche/index.html?s_text={searchTerms}

SearchScopes: HKCU - {43A38C7F-A448-4B05-AB15-E35F48D8AAD1} URL = hxxp://www.google.de/search?q={searchTerms}

SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 

SearchScopes: HKCU - {9DD1A6C5-E41C-43E9-B6E4-129A9FEF5DEC} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Anwendungen\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Anwendungen\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Anwendungen\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab

Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Anwendungen\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 

FireFox:

========

FF ProfilePath: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default

FF DefaultSearchEngine: Google Deutschland

FF SelectedSearchEngine: Google Deutschland

FF Keyword.URL: hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=

FF NetworkProxy: "backup.ftp", "173.201.95.24"

FF NetworkProxy: "backup.ftp_port", 80

FF NetworkProxy: "backup.socks", "173.201.95.24"

FF NetworkProxy: "backup.socks_port", 80

FF NetworkProxy: "backup.ssl", "173.201.95.24"

FF NetworkProxy: "backup.ssl_port", 80

FF NetworkProxy: "ftp", "192.227.139.215"

FF NetworkProxy: "ftp_port", 8080

FF NetworkProxy: "http", "192.227.139.215"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "share_proxy_settings", true

FF NetworkProxy: "socks", "192.227.139.215"

FF NetworkProxy: "socks_port", 8080

FF NetworkProxy: "socks_version", 4

FF NetworkProxy: "ssl", "192.227.139.215"

FF NetworkProxy: "ssl_port", 8080

FF NetworkProxy: "type", 0

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\ANWEND~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Anwendungen\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Anwendungen\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Acrobat - C:\Anwendungen\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF user.js: detected! => C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\user.js

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)

FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---auf-deutsch.xml

FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---aus-deutschland.xml

FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland---nicht-personalisiert.xml

FF SearchPlugin: C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\searchplugins\google-deutschland.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml

FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\donottrackplus@abine.com [2014-06-12]

FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65} [2012-09-16]

FF Extension: WOT - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-16]

FF Extension: DownloadHelper - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-01]

FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\admin@proxy-listen.de.xpi [2014-05-01]

FF Extension: Firebug - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\firebug@software.joehewitt.com.xpi [2013-08-02]

FF Extension: Flagfox - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-12]

FF Extension: ScrapBook - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2013-08-02]

FF Extension: NoScript - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-08-02]

FF Extension: Adblock Plus - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-02]

FF Extension: DownThemAll! - C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-02]

FF Extension: Adobe Acrobat - Create PDF - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-08]

FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\html5video

FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\html5video [2011-02-19]

FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\wpa

FF Extension: DivX HiQ - C:\Anwendungen\DivX\DivX Plus Web Player\firefox\wpa [2011-02-19]

FF HKLM-x32\...\Firefox\Extensions: [ocr@babylon.com] - C:\Anwendungen\Babylon-Pro\Utils\ocr@babylon.com

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-06-08]

FF StartMenuInternet: FIREFOX.EXE - C:\Anwendungen\Mozilla Firefox\firefox.exe
 

Chrome: 

=======

CHR DefaultSearchURL: hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t

CHR Plugin: (Shockwave Flash) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\gcswf32.dll No File

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)

CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Anwendungen\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)

CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Anwendungen\Mozilla Firefox\plugins\npdeployJava1.dll No File

CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Anwendungen\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

CHR Plugin: (Adobe Acrobat) - C:\Anwendungen\Mozilla Firefox\plugins\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File

CHR Plugin: (DivX Web Player) - C:\Anwendungen\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL No File

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\XXX\AppData\Local\Google\Chrome\Application\24.0.1312.56\pdf.dll ()

CHR Plugin: (DivX VOD Helper Plug-in) - C:\Anwendungen\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

CHR Plugin: (VLC Multimedia Plug-in) - C:\Anwendungen\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Users\XXX\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File

CHR Plugin: (Default Plug-in) - default_plugin No File

CHR Extension: (Adblock Plus) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2011-11-21]

CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-06-09]

CHR Extension: (DivX HiQ) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2011-09-15]

CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-09-15]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Anwendungen\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]

CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Anwendungen\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]

CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [2012-09-20]

CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Anwendungen\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]
 

==================== Services (Whitelisted) =================
 

Locked "vdrv1000" service was unlocked successfully. <===== ATTENTION
 

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)

R2 AVKService; C:\Anwendungen\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)

R2 AVKWCtl; C:\Anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)

S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)

R3 GDFwSvc; C:\Anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)

R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)

R2 LicCtrlService; C:\Windows\runservice.exe [2560 2012-11-19] () [File not signed]

S4 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)

S4 nTuneService; C:\Anwendungen\nTune\nTuneService.exe [276584 2010-03-22] (NVIDIA)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)

R2 OODefragAgent; C:\Anwendungen\Defrag\oodag.exe [3140424 2010-09-30] (O&O Software GmbH)

S2 SkypeUpdate; C:\Anwendungen\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

S4 TGCM_ImportWiFiSvc; C:\Anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)

R2 TuneUp.UtilitiesSvc; C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [1974080 2010-10-26] (TuneUp Software)

S4 UpdateCenterService; C:\Anwendungen\System Update\UpdateCenterService.exe [282728 2009-11-06] (NVIDIA)

R2 VC10SecS; C:\Anwendungen\Virtual CD v10\System\VC10SecS.exe [144712 2011-05-20] (H+H Software GmbH)

S3 DAUpdaterSvc; C:\Spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [X]
 

==================== Drivers (Whitelisted) ====================
 

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-03-09] ()

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-06-06] (G Data Software AG)

R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-06-06] (G Data Software AG)

R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-06-06] (G Data Software AG)

R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-06-06] (G Data Software AG)

R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-06-07] (G Data Software)

S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)

R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-06-06] (G Data Software AG)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-03-09] ()

S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2009-02-03] (ZTE Incorporated)

R3 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)

S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

R3 SjtWinIo; C:\Windows\System32\DRIVERS\SjtWinIo.sys [9216 2011-01-23] (SpeedJet Technology INC.)

R1 SLEE_17_DRIVER; C:\Windows\Sleen1764.sys [108256 2010-02-17] (Softwareentwicklung Remus - ArchiCrypt - )

S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [34040 2011-10-05] (Windows (R) Win 7 DDK provider)

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-01-22] () [File not signed]

R3 TuneUpUtilitiesDrv; C:\Anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-10-07] (TuneUp Software)

R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2011-04-19] (H+H Software GmbH)

S3 ALSysIO; \??\C:\Users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys [X]

S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]

S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]

S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]

S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]

S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]

S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-06-16 20:17 - 2014-06-16 20:21 - 00032859 _____ () C:\Users\XXX\Downloads\FRST.txt

2014-06-16 20:17 - 2014-06-16 20:18 - 00000000 ____D () C:\FRST

2014-06-16 20:16 - 2014-06-16 20:16 - 02081280 _____ (Farbar) C:\Users\XXX\Downloads\FRST64.exe

2014-06-16 18:32 - 2014-06-16 18:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\Adobe

2014-06-15 15:43 - 2014-06-15 15:43 - 07374613 _____ () C:\Users\XXX\Downloads\sherlock_lost_files_serrated.zip

2014-06-15 15:29 - 2014-06-15 15:30 - 04200000 _____ () C:\Users\XXX\Downloads\holmes.part1.zip

2014-06-15 15:29 - 2014-06-15 15:30 - 02982576 _____ () C:\Users\XXX\Downloads\holmes.part2.zip

2014-06-14 23:51 - 2014-06-14 23:51 - 02380600 _____ () C:\Users\XXX\Downloads\24681_game_extra_1.zip

2014-06-14 23:35 - 2014-06-14 23:35 - 02217975 _____ () C:\Users\XXX\Downloads\Wizzardry7.zip

2014-06-14 21:06 - 2014-06-14 21:06 - 01694763 _____ () C:\Users\XXX\Downloads\civ.zip

2014-06-14 21:00 - 2014-06-14 21:00 - 01802770 _____ () C:\Users\XXX\Downloads\civilization (1).zip

2014-06-14 20:59 - 2014-06-14 20:59 - 01802770 _____ () C:\Users\XXX\Downloads\civilization.zip

2014-06-11 18:33 - 2014-06-11 18:34 - 00000295 _____ () C:\Users\XXX\Downloads\BK_AUME_000495DE_LC_128_44100_ste_A2A7Y020DG6BFH.adh

2014-06-11 14:32 - 2014-06-16 18:21 - 00000357 _____ () C:\Users\XXX\Desktop\CB1314CD (D) 0 Bytes.lnk

2014-06-11 14:23 - 2014-06-11 14:24 - 00000000 ____D () C:\Users\XXX\Desktop\Dokumente 2014

2014-06-11 13:00 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-11 13:00 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-11 13:00 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-11 13:00 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-11 13:00 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-11 13:00 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-11 13:00 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-11 13:00 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-11 13:00 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 13:00 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-11 13:00 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-11 13:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-11 13:00 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-11 13:00 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-11 13:00 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-11 13:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-11 13:00 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-11 12:59 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-11 12:59 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-11 12:59 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-11 12:59 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-11 12:59 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-11 12:59 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-11 12:59 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-11 12:59 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-11 12:59 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-11 12:59 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-11 12:59 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-11 12:59 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-11 12:59 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-11 12:59 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-11 12:59 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-11 12:59 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-11 12:59 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-11 12:59 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-11 12:59 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-11 12:59 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-11 12:59 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-11 12:59 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-11 12:59 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-11 12:59 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-11 12:59 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-11 12:59 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-11 12:59 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-11 12:59 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-11 12:59 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-11 12:59 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-11 12:59 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-11 12:59 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-11 12:59 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-11 12:59 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-11 12:59 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-11 12:59 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-11 12:59 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-11 12:59 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-11 12:59 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-11 12:59 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-11 12:59 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-11 12:59 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-11 12:59 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-11 12:59 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-11 12:59 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-11 12:59 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-11 12:59 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-11 12:59 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-11 12:59 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-11 12:57 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-11 12:57 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-09 20:35 - 2014-06-09 20:35 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD

2014-06-09 20:34 - 2014-06-09 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD

2014-06-09 00:31 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-06-09 00:31 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-06-09 00:31 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-06-09 00:31 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-06-09 00:30 - 2014-06-09 00:31 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log

2014-06-09 00:24 - 2014-06-09 00:26 - 00918952 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u60.exe

2014-06-08 16:35 - 2014-06-08 16:40 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk

2014-06-08 16:35 - 2014-06-08 16:40 - 00001959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk

2014-06-08 16:35 - 2014-06-08 16:40 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk

2014-06-07 16:51 - 2014-06-07 16:51 - 00272423 _____ () C:\Users\XXX\Downloads\wifiinfoview160.zip

2014-06-07 16:49 - 2014-06-08 12:42 - 00000000 ____D () C:\Users\XXX\Desktop\274_0706

2014-06-07 16:41 - 2014-06-07 16:42 - 00000000 ____D () C:\Users\XXX\AppData\Local\MetaGeek,_LLC

2014-06-07 16:35 - 2014-06-07 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek

2014-06-07 16:14 - 2014-06-07 16:30 - 04767744 _____ () C:\Users\XXX\Downloads\inSSIDer3121-installer.msi

2014-06-07 15:11 - 2014-06-07 15:11 - 00304384 _____ () C:\Users\XXX\Downloads\wnetwatcher_setup.exe

2014-06-07 15:11 - 2014-06-07 15:11 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher

2014-06-07 14:52 - 2014-06-07 14:55 - 00710040 _____ () C:\Users\XXX\Downloads\download-wireless-watch.exe

2014-06-07 14:29 - 2014-06-07 14:29 - 00000000 ____D () C:\Users\XXX\Desktop\backups

2014-06-07 14:23 - 2014-06-07 14:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HiJackThis204 (1).exe

2014-06-07 07:31 - 2014-06-07 07:31 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys

2014-06-07 07:31 - 2014-06-07 07:31 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys

2014-06-06 20:23 - 2014-06-06 20:23 - 00000000 ___HD () C:\MyWinLockerData

2014-06-06 19:33 - 2014-06-06 19:33 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-06-06 19:33 - 2014-06-06 19:33 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-06-06 19:33 - 2014-06-06 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE

2014-06-06 19:32 - 2014-06-06 19:32 - 00000000 _____ () C:\Users\XXX\AppData\Roaming\gdfw.log

2014-06-06 19:31 - 2014-06-06 19:31 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00000779 _____ () C:\Users\XXX\AppData\Roaming\gdscan.log

2014-06-06 19:14 - 2014-06-06 20:15 - 00000000 ____D () C:\ProgramData\G Data

2014-06-05 23:04 - 2014-06-05 23:04 - 05128525 _____ () C:\Users\XXX\Downloads\hexuma_man.7z

2014-06-05 22:51 - 2014-06-05 22:51 - 01792866 _____ () C:\Users\XXX\Downloads\hexuma-das-auge-des-kal.zip

2014-06-05 18:56 - 2014-06-05 22:03 - 00000000 ____D () C:\Users\XXX\Documents\panzertacticshd

2014-06-05 18:06 - 2014-06-05 18:15 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-05 18:02 - 2014-06-05 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games

2014-06-05 12:31 - 2014-06-05 13:24 - 401627384 _____ () C:\Users\XXX\Downloads\XXX

2014-06-03 23:15 - 2014-06-03 23:16 - 07256099 _____ () C:\Users\XXX\Downloads\on-the-ball-world-cup-edition.zip

2014-06-02 23:46 - 2014-06-02 23:48 - 42015633 _____ () C:\Users\XXX\Downloads\ADC_Series_EyeOfTheBeholder.7z

2014-06-02 23:01 - 2014-06-02 23:04 - 55482340 _____ () C:\Users\XXX\Downloads\ADC_Series_Ishar.7z

2014-06-02 15:28 - 2014-06-02 15:31 - 48609097 _____ () C:\Users\XXX\Downloads\ADC_Series_Thalion.7z

2014-06-02 15:26 - 2014-06-02 15:26 - 05672195 _____ () C:\Users\XXX\Downloads\ADC_!base!.7z

2014-06-02 13:06 - 2014-06-02 14:09 - 00000000 ____D () C:\Users\XXX\Desktop\273_0206

2014-06-01 17:34 - 2014-06-01 17:34 - 00000717 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order.lnk

2014-06-01 10:23 - 2014-06-01 10:26 - 00000000 ____D () C:\Users\XXX\Desktop\Bilder

2014-06-01 10:20 - 2014-06-01 10:20 - 00106031 _____ () C:\Users\XXX\Downloads\usbdeview-x64.zip

2014-06-01 01:36 - 2014-06-16 18:19 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS

2014-06-01 01:36 - 2014-06-16 18:19 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job

2014-05-30 13:24 - 2014-05-30 13:24 - 01250152 _____ () C:\Users\XXX\Downloads\Amberstar.zip

2014-05-29 21:40 - 2014-05-29 21:43 - 07355793 _____ () C:\Users\XXX\Downloads\aorCampaignsPack.rar

2014-05-29 21:37 - 2014-05-29 21:43 - 28245690 _____ () C:\Users\XXX\Downloads\aorScenariosPack.rar

2014-05-29 20:38 - 2014-05-29 20:38 - 01821774 _____ () C:\Users\XXX\Downloads\wargame-construction-set-ii-tanks.zip

2014-05-29 19:22 - 2014-05-29 19:23 - 09308413 _____ () C:\Users\XXX\Downloads\sid-meiers-railroad-tycoon-deluxe.zip

2014-05-29 18:34 - 2014-05-29 18:34 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\NVIDIA

2014-05-29 18:32 - 2014-05-29 18:33 - 04857538 _____ () C:\Users\XXX\Downloads\lords-of-the-realm.zip

2014-05-29 16:05 - 2014-05-29 16:05 - 02702643 _____ () C:\Users\XXX\Downloads\empire-deluxe.zip

2014-05-29 12:51 - 2014-05-29 12:52 - 08214483 _____ () C:\Users\XXX\Downloads\empire-ii-the-art-of-war.zip

2014-05-29 12:10 - 2014-05-29 12:10 - 04007747 _____ () C:\Users\XXX\Downloads\dune-ii-the-building-of-a-dynasty.zip

2014-05-29 11:59 - 2014-05-29 12:00 - 13858942 _____ () C:\Users\XXX\Downloads\crusade.zip

2014-05-29 11:27 - 2014-05-29 11:27 - 09658277 _____ () C:\Users\XXX\Downloads\crisis-in-the-kremlin.zip

2014-05-29 11:20 - 2014-05-29 11:20 - 01009024 _____ () C:\Users\XXX\Downloads\clash-of-steel-world-war-ii-europe-1939-45.zip

2014-05-29 11:10 - 2014-05-29 11:10 - 00475637 _____ () C:\Users\XXX\Downloads\bush-buck-global-treasure-hunter.zip

2014-05-29 10:20 - 2014-05-29 10:21 - 14769279 _____ () C:\Users\XXX\Downloads\Windows 3 for DOSBox.rar

2014-05-29 10:09 - 2014-05-29 10:09 - 00134198 _____ () C:\Users\XXX\Downloads\balance-of-power-the-1990-edition.zip

2014-05-28 18:53 - 2014-05-28 18:54 - 15259203 _____ () C:\Users\XXX\Downloads\fmc_db_mp_europa (2).exe

2014-05-27 20:03 - 2014-05-27 20:03 - 00000000 ____D () C:\Users\XXX\Documents\FIFA MANAGER 13

2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grandy Games

2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandy Games

2014-05-24 22:01 - 2000-05-16 10:40 - 00083968 _____ () C:\Windows\UnGins.exe

2014-05-24 22:01 - 2000-03-07 00:00 - 00473600 _____ () C:\Windows\SysWOW64\Harmony.dll

2014-05-24 22:01 - 2000-03-07 00:00 - 00237568 _____ () C:\Windows\SysWOW64\Unlha32.dll

2014-05-24 11:59 - 2014-05-24 11:59 - 00196754 _____ () C:\Users\XXX\Downloads\msvcp110.zip

2014-05-23 11:17 - 2014-05-23 11:19 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

2014-05-23 11:11 - 2014-05-23 11:11 - 00921512 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u55.exe

2014-05-18 10:55 - 2014-05-18 10:55 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-05-18 10:48 - 2014-05-18 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo

2014-05-18 10:45 - 2014-05-18 10:46 - 02773664 _____ (Crystal Dew World ) C:\Users\XXX\Downloads\CrystalDiskInfo6_1_12-en.exe

2014-05-17 00:42 - 2014-05-17 00:42 - 02296616 _____ () C:\Users\XXX\Downloads\GrepolisBot2_v2.61.0.1.zip
 

==================== One Month Modified Files and Folders =======
 

2014-06-16 20:22 - 2012-11-24 21:32 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Skype

2014-06-16 20:21 - 2014-06-16 20:17 - 00032859 _____ () C:\Users\XXX\Downloads\FRST.txt

2014-06-16 20:21 - 2011-01-22 17:15 - 00000000 ____D () C:\Users\XXX\AppData\Local\Temp

2014-06-16 20:18 - 2014-06-16 20:17 - 00000000 ____D () C:\FRST

2014-06-16 20:16 - 2014-06-16 20:16 - 02081280 _____ (Farbar) C:\Users\XXX\Downloads\FRST64.exe

2014-06-16 19:27 - 2013-11-08 01:17 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-16 19:09 - 2011-02-05 04:13 - 00000000 ___RD () C:\Users\XXX\Desktop\Anwendungen

2014-06-16 18:32 - 2014-06-16 18:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\Adobe

2014-06-16 18:24 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-16 18:24 - 2009-07-14 06:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-16 18:21 - 2014-06-11 14:32 - 00000357 _____ () C:\Users\XXX\Desktop\CB1314CD (D) 0 Bytes.lnk

2014-06-16 18:21 - 2011-01-04 02:32 - 01190413 _____ () C:\Windows\WindowsUpdate.log

2014-06-16 18:19 - 2014-06-01 01:36 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS

2014-06-16 18:19 - 2014-06-01 01:36 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job

2014-06-16 18:18 - 2012-11-19 03:53 - 00000849 ___SH () C:\Windows\SysWOW64\mmf.sys

2014-06-16 18:18 - 2009-07-14 06:51 - 00130980 _____ () C:\Windows\setupact.log

2014-06-16 18:17 - 2011-03-21 15:22 - 00455918 _____ () C:\Windows\system32\oodbs.lor

2014-06-16 18:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-16 17:59 - 2011-02-11 21:16 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{06B47730-2E11-4EAC-860F-3E454C1893A3}

2014-06-16 15:45 - 2013-10-20 20:32 - 00000000 ____D () C:\Users\XXX\AppData\Local\JDownloader v2.0

2014-06-16 09:55 - 2011-01-04 11:23 - 00710750 _____ () C:\Windows\system32\perfh007.dat

2014-06-16 09:55 - 2011-01-04 11:23 - 00155048 _____ () C:\Windows\system32\perfc007.dat

2014-06-16 09:55 - 2009-07-14 07:13 - 01651678 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-06-16 00:42 - 2013-05-06 01:17 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Spotify

2014-06-15 15:43 - 2014-06-15 15:43 - 07374613 _____ () C:\Users\XXX\Downloads\sherlock_lost_files_serrated.zip

2014-06-15 15:30 - 2014-06-15 15:29 - 04200000 _____ () C:\Users\XXX\Downloads\holmes.part1.zip

2014-06-15 15:30 - 2014-06-15 15:29 - 02982576 _____ () C:\Users\XXX\Downloads\holmes.part2.zip

2014-06-14 23:51 - 2014-06-14 23:51 - 02380600 _____ () C:\Users\XXX\Downloads\24681_game_extra_1.zip

2014-06-14 23:35 - 2014-06-14 23:35 - 02217975 _____ () C:\Users\XXX\Downloads\Wizzardry7.zip

2014-06-14 21:31 - 2011-02-04 13:28 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-06-14 21:06 - 2014-06-14 21:06 - 01694763 _____ () C:\Users\XXX\Downloads\civ.zip

2014-06-14 21:00 - 2014-06-14 21:00 - 01802770 _____ () C:\Users\XXX\Downloads\civilization (1).zip

2014-06-14 20:59 - 2014-06-14 20:59 - 01802770 _____ () C:\Users\XXX\Downloads\civilization.zip

2014-06-13 20:47 - 2011-04-28 16:31 - 00000000 ____D () C:\Users\XXX\Desktop\XXX

2014-06-12 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-11 19:34 - 2013-01-12 05:54 - 00000000 ____D () C:\Windows\rescache

2014-06-11 18:48 - 2013-01-07 02:19 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\vlc

2014-06-11 18:34 - 2014-06-11 18:33 - 00000295 _____ () C:\Users\XXX\Downloads\BK_AUME_000495DE_LC_128_44100_ste_A2A7Y020DG6BFH.adh

2014-06-11 14:24 - 2014-06-11 14:23 - 00000000 ____D () C:\Users\XXX\Desktop\Dokumente 2014

2014-06-11 14:06 - 2013-09-16 03:54 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-11 14:00 - 2014-04-24 01:07 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

2014-06-11 14:00 - 2011-05-15 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-06-11 14:00 - 2011-02-11 12:55 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-06-11 13:51 - 2014-04-27 10:33 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-06-11 13:36 - 2012-11-02 17:41 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Canon

2014-06-10 20:25 - 2011-03-16 00:43 - 00000000 ____D () C:\Users\XXX\Documents\DAModder

2014-06-09 20:39 - 2011-02-05 04:13 - 00000000 ___RD () C:\Users\XXX\Desktop\Spiele

2014-06-09 20:35 - 2014-06-09 20:35 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD

2014-06-09 20:34 - 2014-06-09 20:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD

2014-06-09 11:59 - 2012-10-29 01:08 - 00000000 ____D () C:\Users\XXX\AppData\Local\CrashDumps

2014-06-09 10:47 - 2009-07-14 06:45 - 04998952 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-06-09 10:42 - 2011-01-04 02:29 - 02261914 _____ () C:\Windows\PFRO.log

2014-06-09 00:32 - 2013-10-27 10:52 - 00000000 ____D () C:\ProgramData\Oracle

2014-06-09 00:31 - 2014-06-09 00:30 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log

2014-06-09 00:31 - 2013-07-04 19:42 - 00000000 ____D () C:\Program Files (x86)\Java

2014-06-09 00:26 - 2014-06-09 00:24 - 00918952 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u60.exe

2014-06-08 21:25 - 2011-01-22 17:16 - 00112720 _____ () C:\Users\XXX\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-08 16:51 - 2011-05-30 22:38 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-06-08 16:40 - 2014-06-08 16:35 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk

2014-06-08 16:40 - 2014-06-08 16:35 - 00001959 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk

2014-06-08 16:40 - 2014-06-08 16:35 - 00001798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk

2014-06-08 16:34 - 2011-01-22 23:46 - 00000000 ____D () C:\Anwendungen

2014-06-08 16:23 - 2010-08-30 11:26 - 00000000 ____D () C:\ProgramData\Adobe

2014-06-08 14:13 - 2014-04-16 09:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-08 14:06 - 2010-08-30 11:25 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-08 12:42 - 2014-06-07 16:49 - 00000000 ____D () C:\Users\XXX\Desktop\274_0706

2014-06-08 11:13 - 2014-06-11 12:57 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-06-08 11:08 - 2014-06-11 12:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-06-08 10:19 - 2012-11-24 21:31 - 00000000 ____D () C:\ProgramData\Skype

2014-06-07 22:29 - 2011-03-20 04:07 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\TuneUp Software

2014-06-07 21:06 - 2013-08-18 02:09 - 00000000 ____D () C:\Users\XXX\Documents\Calibre-Bibliothek

2014-06-07 16:51 - 2014-06-07 16:51 - 00272423 _____ () C:\Users\XXX\Downloads\wifiinfoview160.zip

2014-06-07 16:42 - 2014-06-07 16:41 - 00000000 ____D () C:\Users\XXX\AppData\Local\MetaGeek,_LLC

2014-06-07 16:36 - 2014-06-07 16:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek

2014-06-07 16:30 - 2014-06-07 16:14 - 04767744 _____ () C:\Users\XXX\Downloads\inSSIDer3121-installer.msi

2014-06-07 15:11 - 2014-06-07 15:11 - 00304384 _____ () C:\Users\XXX\Downloads\wnetwatcher_setup.exe

2014-06-07 15:11 - 2014-06-07 15:11 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher

2014-06-07 14:55 - 2014-06-07 14:52 - 00710040 _____ () C:\Users\XXX\Downloads\download-wireless-watch.exe

2014-06-07 14:29 - 2014-06-07 14:29 - 00000000 ____D () C:\Users\XXX\Desktop\backups

2014-06-07 14:23 - 2014-06-07 14:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\XXX\Downloads\HiJackThis204 (1).exe

2014-06-07 07:37 - 2011-06-01 18:38 - 00000000 ____D () C:\ProgramData\Rosetta Stone

2014-06-07 07:31 - 2014-06-07 07:31 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys

2014-06-07 07:31 - 2014-06-07 07:31 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys

2014-06-07 07:16 - 2013-12-22 22:05 - 00000000 ____D () C:\Program Files (x86)\Mobogenie

2014-06-06 21:45 - 2011-11-28 19:35 - 00000000 ____D () C:\Users\XXX\AppData\Local\Audible

2014-06-06 20:23 - 2014-06-06 20:23 - 00000000 ___HD () C:\MyWinLockerData

2014-06-06 20:23 - 2010-08-30 11:24 - 00000000 ____D () C:\Program Files (x86)\EgisTec MyWinLocker

2014-06-06 20:15 - 2014-06-06 19:14 - 00000000 ____D () C:\ProgramData\G Data

2014-06-06 19:33 - 2014-06-06 19:33 - 00068608 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys

2014-06-06 19:33 - 2014-06-06 19:33 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys

2014-06-06 19:33 - 2014-06-06 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE

2014-06-06 19:32 - 2014-06-06 19:32 - 00000000 _____ () C:\Users\XXX\AppData\Roaming\gdfw.log

2014-06-06 19:31 - 2014-06-06 19:31 - 00135168 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00065024 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00057344 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys

2014-06-06 19:31 - 2014-06-06 19:31 - 00000779 _____ () C:\Users\XXX\AppData\Roaming\gdscan.log

2014-06-06 19:31 - 2011-01-04 02:49 - 00006754 _____ () C:\Windows\DPINST.LOG

2014-06-06 18:26 - 2011-10-25 17:19 - 00000000 ____D () C:\ProgramData\Norton

2014-06-05 23:04 - 2014-06-05 23:04 - 05128525 _____ () C:\Users\XXX\Downloads\hexuma_man.7z

2014-06-05 22:51 - 2014-06-05 22:51 - 01792866 _____ () C:\Users\XXX\Downloads\hexuma-das-auge-des-kal.zip

2014-06-05 22:03 - 2014-06-05 18:56 - 00000000 ____D () C:\Users\XXX\Documents\panzertacticshd

2014-06-05 18:56 - 2011-03-24 21:37 - 00000000 ____D () C:\Users\XXX\AppData\Local\SKIDROW

2014-06-05 18:15 - 2014-06-05 18:06 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-05 18:02 - 2014-06-05 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bitComposer Games

2014-06-05 13:24 - 2014-06-05 12:31 - 401627384 _____ () C:\Users\XXX\Downloads\XXX

2014-06-04 22:06 - 2014-04-16 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-03 23:16 - 2014-06-03 23:15 - 07256099 _____ () C:\Users\XXX\Downloads\on-the-ball-world-cup-edition.zip

2014-06-03 02:43 - 2013-09-11 17:29 - 00000000 ____D () C:\Users\XXX\Desktop\O-Gaming Stuff

2014-06-02 23:48 - 2014-06-02 23:46 - 42015633 _____ () C:\Users\XXX\Downloads\ADC_Series_EyeOfTheBeholder.7z

2014-06-02 23:47 - 2013-05-06 01:22 - 00000000 ____D () C:\Users\XXX\AppData\Local\Spotify

2014-06-02 23:04 - 2014-06-02 23:01 - 55482340 _____ () C:\Users\XXX\Downloads\ADC_Series_Ishar.7z

2014-06-02 15:31 - 2014-06-02 15:28 - 48609097 _____ () C:\Users\XXX\Downloads\ADC_Series_Thalion.7z

2014-06-02 15:26 - 2014-06-02 15:26 - 05672195 _____ () C:\Users\XXX\Downloads\ADC_!base!.7z

2014-06-02 14:09 - 2014-06-02 13:06 - 00000000 ____D () C:\Users\XXX\Desktop\273_0206

2014-06-01 17:34 - 2014-06-01 17:34 - 00000717 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wolfenstein The New Order.lnk

2014-06-01 16:59 - 2011-01-22 22:20 - 00000000 ____D () C:\Spiele

2014-06-01 10:27 - 2011-02-05 04:14 - 00000000 ___RD () C:\Users\XXX\Desktop\XXX

2014-06-01 10:26 - 2014-06-01 10:23 - 00000000 ____D () C:\Users\XXX\Desktop\Bilder

2014-06-01 10:20 - 2014-06-01 10:20 - 00106031 _____ () C:\Users\XXX\Downloads\usbdeview-x64.zip

2014-05-30 13:24 - 2014-05-30 13:24 - 01250152 _____ () C:\Users\XXX\Downloads\Amberstar.zip

2014-05-30 12:21 - 2014-06-11 12:59 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-30 12:02 - 2014-06-11 12:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-30 12:02 - 2014-06-11 12:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-05-30 11:45 - 2014-06-11 12:59 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-05-30 11:39 - 2014-06-11 12:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-05-30 11:39 - 2014-06-11 12:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-05-30 11:38 - 2014-06-11 12:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-05-30 11:28 - 2014-06-11 12:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-05-30 11:27 - 2014-06-11 12:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-05-30 11:24 - 2014-06-11 12:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-05-30 11:21 - 2014-06-11 12:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-05-30 11:21 - 2014-06-11 12:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-05-30 11:20 - 2014-06-11 12:59 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-05-30 11:18 - 2014-06-11 12:59 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-05-30 11:11 - 2014-06-11 12:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-05-30 11:08 - 2014-06-11 12:59 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-05-30 11:06 - 2014-06-11 12:59 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-05-30 11:02 - 2014-06-11 12:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-05-30 10:55 - 2014-06-11 12:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-05-30 10:49 - 2014-06-11 12:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-05-30 10:46 - 2014-06-11 12:59 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-30 10:44 - 2014-06-11 12:59 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-05-30 10:44 - 2014-06-11 12:59 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-05-30 10:43 - 2014-06-11 12:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-05-30 10:42 - 2014-06-11 13:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-05-30 10:38 - 2014-06-11 12:59 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-05-30 10:35 - 2014-06-11 12:59 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-05-30 10:34 - 2014-06-11 12:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-05-30 10:33 - 2014-06-11 12:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-05-30 10:30 - 2014-06-11 12:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-05-30 10:29 - 2014-06-11 12:59 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-05-30 10:28 - 2014-06-11 12:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-05-30 10:27 - 2014-06-11 13:00 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-05-30 10:24 - 2014-06-11 12:59 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-05-30 10:23 - 2014-06-11 12:59 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-05-30 10:16 - 2014-06-11 12:59 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-05-30 10:10 - 2014-06-11 12:59 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-05-30 10:06 - 2014-06-11 12:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-05-30 10:04 - 2014-06-11 13:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-05-30 10:02 - 2014-06-11 12:59 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-05-30 09:56 - 2014-06-11 12:59 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-05-30 09:56 - 2014-06-11 12:59 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-05-30 09:54 - 2014-06-11 12:59 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-05-30 09:50 - 2014-06-11 12:59 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-05-30 09:49 - 2014-06-11 12:59 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-05-30 09:43 - 2014-06-11 12:59 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-05-30 09:40 - 2014-06-11 12:59 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-05-30 09:30 - 2014-06-11 12:59 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-05-30 09:21 - 2014-06-11 12:59 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-05-30 09:15 - 2014-06-11 12:59 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-05-30 09:13 - 2014-06-11 12:59 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-05-30 09:13 - 2014-06-11 12:59 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-05-29 21:43 - 2014-05-29 21:40 - 07355793 _____ () C:\Users\XXX\Downloads\aorCampaignsPack.rar

2014-05-29 21:43 - 2014-05-29 21:37 - 28245690 _____ () C:\Users\XXX\Downloads\aorScenariosPack.rar

2014-05-29 20:38 - 2014-05-29 20:38 - 01821774 _____ () C:\Users\XXX\Downloads\wargame-construction-set-ii-tanks.zip

2014-05-29 19:23 - 2014-05-29 19:22 - 09308413 _____ () C:\Users\XXX\Downloads\sid-meiers-railroad-tycoon-deluxe.zip

2014-05-29 18:34 - 2014-05-29 18:34 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\NVIDIA

2014-05-29 18:33 - 2014-05-29 18:32 - 04857538 _____ () C:\Users\XXX\Downloads\lords-of-the-realm.zip

2014-05-29 16:05 - 2014-05-29 16:05 - 02702643 _____ () C:\Users\XXX\Downloads\empire-deluxe.zip

2014-05-29 12:52 - 2014-05-29 12:51 - 08214483 _____ () C:\Users\XXX\Downloads\empire-ii-the-art-of-war.zip

2014-05-29 12:10 - 2014-05-29 12:10 - 04007747 _____ () C:\Users\XXX\Downloads\dune-ii-the-building-of-a-dynasty.zip

2014-05-29 12:00 - 2014-05-29 11:59 - 13858942 _____ () C:\Users\XXX\Downloads\crusade.zip

2014-05-29 11:27 - 2014-05-29 11:27 - 09658277 _____ () C:\Users\XXX\Downloads\crisis-in-the-kremlin.zip

2014-05-29 11:20 - 2014-05-29 11:20 - 01009024 _____ () C:\Users\XXX\Downloads\clash-of-steel-world-war-ii-europe-1939-45.zip

2014-05-29 11:10 - 2014-05-29 11:10 - 00475637 _____ () C:\Users\XXX\Downloads\bush-buck-global-treasure-hunter.zip

2014-05-29 10:21 - 2014-05-29 10:20 - 14769279 _____ () C:\Users\XXX\Downloads\Windows 3 for DOSBox.rar

2014-05-29 10:09 - 2014-05-29 10:09 - 00134198 _____ () C:\Users\XXX\Downloads\balance-of-power-the-1990-edition.zip

2014-05-28 20:12 - 2013-02-20 20:10 - 00000000 ____D () C:\Users\XXX\Documents\FUSSBALL MANAGER 13

2014-05-28 18:54 - 2014-05-28 18:53 - 15259203 _____ () C:\Users\XXX\Downloads\fmc_db_mp_europa (2).exe

2014-05-28 00:00 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-05-27 23:59 - 2012-09-16 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com

2014-05-27 20:07 - 2013-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts

2014-05-27 20:03 - 2014-05-27 20:03 - 00000000 ____D () C:\Users\XXX\Documents\FIFA MANAGER 13

2014-05-27 19:50 - 2011-01-04 02:59 - 00663779 _____ () C:\Windows\DirectX.log

2014-05-26 22:53 - 2011-01-29 05:01 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grandy Games

2014-05-24 22:05 - 2014-05-24 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grandy Games

2014-05-24 16:54 - 2012-10-09 15:39 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\dvdcss

2014-05-24 11:59 - 2014-05-24 11:59 - 00196754 _____ () C:\Users\XXX\Downloads\msvcp110.zip

2014-05-23 11:19 - 2014-05-23 11:17 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log

2014-05-23 11:11 - 2014-05-23 11:11 - 00921512 _____ (Oracle Corporation) C:\Users\XXX\Downloads\chromeinstall-7u55.exe

2014-05-23 01:17 - 2014-04-27 14:55 - 00000000 ____D () C:\Users\XXX\AppData\Local\NVIDIA

2014-05-20 22:08 - 2011-01-22 17:17 - 00000000 ___RD () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-05-20 22:08 - 2011-01-22 17:17 - 00000000 ___RD () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-05-20 21:10 - 2009-07-14 04:34 - 00000489 _____ () C:\Windows\win.ini

2014-05-20 21:05 - 2012-06-26 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron

2014-05-18 11:00 - 2013-01-09 14:14 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\.minecraft

2014-05-18 10:55 - 2014-05-18 10:55 - 00000000 ____D () C:\Users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-05-18 10:48 - 2014-05-18 10:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo

2014-05-18 10:46 - 2014-05-18 10:45 - 02773664 _____ (Crystal Dew World ) C:\Users\XXX\Downloads\CrystalDiskInfo6_1_12-en.exe

2014-05-18 10:36 - 2011-01-04 02:54 - 00000000 ____D () C:\ProgramData\Temp

2014-05-17 00:42 - 2014-05-17 00:42 - 02296616 _____ () C:\Users\XXX\Downloads\GrepolisBot2_v2.61.0.1.zip
 

Some content of TEMP:

====================

C:\Users\XXX\AppData\Local\Temp\card_setup.exe

C:\Users\XXX\AppData\Local\Temp\FileSystemView.dll

C:\Users\XXX\AppData\Local\Temp\gkc.exe

C:\Users\XXX\AppData\Local\Temp\ICReinstall_download-wireless-watch.exe

C:\Users\XXX\AppData\Local\Temp\install_flashplayer13x32_mssd_aaa_aih.exe

C:\Users\XXX\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe

C:\Users\XXX\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\XXX\AppData\Local\Temp\ose00000.exe

C:\Users\XXX\AppData\Local\Temp\ose00001.exe

C:\Users\XXX\AppData\Local\Temp\proxy_vole3428219837783867902.dll

C:\Users\XXX\AppData\Local\Temp\proxy_vole6236970837631536634.dll

C:\Users\XXX\AppData\Local\Temp\sfamcc00001.dll

C:\Users\XXX\AppData\Local\Temp\sfextra.dll

C:\Users\XXX\AppData\Local\Temp\Uninstall.exe

C:\Users\XXX\AppData\Local\Temp\vlc-2.1.2-win32.exe

C:\Users\XXX\AppData\Local\Temp\xd510mtr.dll

C:\Users\XXX\AppData\Local\Temp\_isF848.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-06-09 07:06
 

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2014

Ran by XXX at 2014-06-16 20:22:56

Running from C:\Users\XXX\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}

AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
 

==================== Installed Programs ======================
 

7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version:  - )

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

9kw.eu - Installer - Java Plugin für JDownloader (HKLM-x32\...\9kw.eu Java Plugin für JDownloader) (Version:  - 9kw.eu - Captcha Service for the user - captcha solver)

AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)

Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)

Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.5 - Liteon)

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)

Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)

Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden

Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Reader X (10.1.4) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)

Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)

ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)

Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{75104836-CAC7-444E-A39E-3F54151942F5}) (Version: 4.0.0.97 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arsenal of Democracy 1.04 (HKLM-x32\...\Arsenal of Democracy_is1) (Version:  - GamersGate)

Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)

Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.01 - Ubisoft)

Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)

Assassin's Creed III (HKLM-x32\...\{8B8E431A-A079-4D81-A353-D64BC01E209D}_is1) (Version: 1.01 - RAF)

Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2004368638.48.56.33426802 - Audible, Inc.)

Avira UnErase Personal (HKLM-x32\...\Avira UnErase Personal) (Version:  - )

AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )

Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

BayDesigner - Deinstallation (HKLM-x32\...\BayDesigner_is1) (Version: 1.35 - Mathias Gerlach [aborange.de])

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)

BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden

calibre 64bit (HKLM\...\{AB95F102-936F-4AF5-81AC-6E65E1ED4278}) (Version: 0.9.44 - Kovid Goyal)

Call of Warhammer: Øòîðì Õàîñà 1.4.4 ENG with music (HKLM-x32\...\Call of Warhammer: Total War_is1) (Version:  - Call of Warhammer Team. Ïîðòàë Ñi×ú Total WarS.)

Canon MP Navigator 3.0 (HKLM-x32\...\MP Navigator 3.0) (Version:  - )

Capitalism II (HKLM-x32\...\{75B9B1F8-0F07-11D6-A801-0050FC209733}) (Version:  - )

Civilization.V.GOTY.incl.Gods.and.Kings (HKLM-x32\...\Civilization.V.GOTY.incl.Gods.and.Kings_is1) (Version:  - )

ComicRack v0.9.142 (HKLM\...\ComicRack) (Version: v0.9.142 - cYo Soft)

CoreAVC Professional Edition (remove only) (HKLM-x32\...\CoreAVC Professional Edition) (Version:  - )

CPUID CPU-Z 1.68 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )

Crysis WARHEAD(R) (HKLM-x32\...\Crysis WARHEAD(R)) (Version:  - Electronic Arts)

Crysis WARHEAD(R) (x32 Version: 1.0 - Crytek) Hidden

Crysis® 2 (HKLM-x32\...\{6033673D-2530-4587-8AD0-EB059FC263F9}) (Version: 1.0.0.0 - Electronic Arts)

CrystalDiskInfo 6.1.12 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.12 - Crystal Dew World)

Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)

CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version:  - CyberGhost S.R.L.)

Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AD09282B-E878-4C2C-914D-E67475E4729C}) (Version:  - Microsoft)

Deus Ex (HKLM-x32\...\Deus Ex) (Version:  - )

Deus.Ex.Human.Revolution.Directors.Cut (HKLM-x32\...\RGV1c0V4SHVtYW5SZXZvbHV0aW9uRGlyZWN0b3JzQ3V0_is1) (Version: 1 - )

D-Fend Reloaded 1.0.3 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.3 - Alexander Herzog)

DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)

Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)

Die Gilde Gold Update v. 2.06  (HKLM-x32\...\Die Gilde Gold Update v. 2.06 ) (Version:  - )

Die Gilde Gold-Edition (HKLM-x32\...\Die Gilde Gold-Edition) (Version:  - )

Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.50.56 - Electronic Arts)

Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)

Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)

Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)

Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)

Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)

Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)

Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)

Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)

Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)

Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)

Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)

Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)

Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)

Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)

Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.25 - Electronic Arts)

DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.3.1.2 - DivX, LLC)

Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)

DsaEditor (HKLM-x32\...\DsaEditor) (Version: 0.0.5 - UNKNOWN)

DsaEditor (x32 Version: 0.0.5 - UNKNOWN) Hidden

Duke Nukem Forever (HKLM-x32\...\Duke Nukem Forever_is1) (Version:  - )

Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version:  - )

DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)

Eador Masters of the Broken World (HKCU\...\Eador Masters of the Broken World) (Version:  - )

Epub reader (HKLM-x32\...\{739126B3-1C80-4F1F-8D59-312A19633E1A}_is1) (Version:  - )

ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)

Europa Universalis - Rome (HKLM-x32\...\{7FD14A8A-FBCC-4442-ACAC-A0E9EC223AED}) (Version:  - )

Europa Universalis III (HKLM-x32\...\{59C80C5E-8C92-40FF-B910-2BB5C7281F61}) (Version:  - )

Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )

Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)

Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden

Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden

Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)

Fallout New Vegas Ultimate Edition (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version:  - )

FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )

FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.5.0.0 - Electronic Arts)

Freecom GREEN BUTTON 1.47 (HKLM-x32\...\Freecom GREEN BUTTON_is1) (Version:  - Freecom)

FreeCommander 2009.02b (HKLM-x32\...\FreeCommander_is1) (Version: 2009.02 - Marek Jasinski)

FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.0.0 - Electronic Arts)

G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)

Gaming Mouse (HKLM-x32\...\Gaming Mouse 3) (Version:  - )

GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden

Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)

Google Chrome (HKCU\...\Google Chrome) (Version: 24.0.1312.56 - Google Inc.)

GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)

Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )

HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )

Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)

Heroes of Might and Magic V - Tribes of the East (HKLM-x32\...\{66FF4C48-0083-4E60-8556-B883AB200092}) (Version:  - )

Heroes of Might and Magic V Collector Edition (HKLM-x32\...\{DDB68A90-340C-42B9-B42B-D2CBED1B91DC}) (Version:  - )

HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)

Hitchcock (HKLM-x32\...\{4154A302-1301-1023-2001-415258454C01}) (Version:  - Arxel Tribe)

Honorbuddy (HKCU\...\{69519df4-3d85-4b10-b09a-a1a7a64ab470}) (Version: 2.5.7496.650 - Bossland GmbH)

Honorbuddy (x32 Version: 2.5.7496.650 - Bossland GmbH) Hidden

HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )

HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Ihr Firmenname)

ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)

inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)

iTunes (HKLM\...\{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}) (Version: 10.5.1.42 - Apple Inc.)

Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden

Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.290 - Oracle)

JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

JDownloader (HKLM-x32\...\JDownloader) (Version:  - AppWork UG (haftungsbeschränkt))

JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)

Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

King's Bounty Crossworlds (HKLM-x32\...\{A3DA7AB8-4A9A-4F86-BA33-9C61B6CE082A}) (Version: 1.31 - 1C Company)

Lands Of Lore 1 and 2 (HKLM-x32\...\Lands Of Lore 1 and 2_is1) (Version:  - GOG.com)

Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.14 - Acer Inc.)

LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)

LogiEdit (remove only) (HKLM-x32\...\LogiEdit) (Version:  - )

Lotto-Check (HKCU\...\022f67d83d91b1c6) (Version: 1.1.0.19 - LottoCheck)

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Maniac Mansion Deluxe (HKLM-x32\...\Maniac Mansion Deluxe) (Version:  - )

Mantronic´s KaiserII (Version 2.2) (HKLM-x32\...\Mantronic´s Kaiser II_is1) (Version: 2.2.0 - Mantronic Software)

MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)

Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)

Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)

Metro: Last Light (HKLM-x32\...\{33E91A0A-2450-47F4-A5E8-3DFE99F73BA4}_is1) (Version: 1.0 - RAF)

Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Access MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft DCF MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Excel MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Groove MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Lync MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office 32-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)

Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft OneNote MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Outlook MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Publisher MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden

Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)

Microsoft Word MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 1.1.500.0 - Microsoft Corporation)

Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0 - Microsoft Corporation) Hidden

Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.7.1 - Ubisoft)

Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )

Minutor (HKLM-x32\...\{0300BFF4-33A2-4DFB-979D-79AE9D324E81}) (Version: 1.6.3 - Sean Kasun)

mirkes.de Tiny Hexer (HKLM-x32\...\{CC399A03-4695-432E-AE6E-BB450DDE5248}_is1) (Version: 1.8 - markus stephany)

Mit Erfolg bewerben v1.0 (HKLM-x32\...\Mit Erfolg bewerben) (Version: 1.0 - S.A.D)

Mobile Connection Manager (HKLM-x32\...\o2DE) (Version:  - Mobile Connection Manager)

Mozilla Firefox (3.6.14) (HKLM-x32\...\Mozilla Firefox (3.6.14)) (Version: 3.6.14 (de) - Mozilla)

Mozilla Firefox 29.0.1 (x86 de) (HKCU\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)

mp3splt-gtk (HKLM-x32\...\mp3splt-gtk) (Version:  - )

MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)

MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )

MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)

MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )

NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)

NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden

NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)

NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)

NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden

NVIDIA Performance (HKLM-x32\...\InstallShield_{7C7F30F4-94E7-4AA8-8941-90C4A80C68BF}) (Version: 6.5 - NVIDIA Corporation)

NVIDIA Performance (x32 Version: 6.5 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden

NVIDIA System Monitor (HKLM-x32\...\InstallShield_{E9CFBE78-ED91-4FCF-9E6F-210E477E527D}) (Version: 6.5 - NVIDIA Corporation)

NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden

NVIDIA System Update (HKLM-x32\...\InstallShield_{65A92AAA-3D05-4C94-9F70-731C05E60C16}) (Version: 3.00 - NVIDIA Corporation)

NVIDIA System Update (x32 Version: 3.00 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden

NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden

NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)

O&O Defrag Professional (HKLM\...\{DF54E1D5-B4A3-4F94-B018-75529AB97682}) (Version: 14.0.205 - O&O Software GmbH)

O&O DiskRecovery (HKLM\...\{663A0073-D1FD-42B8-899F-AA5FA8359704}) (Version: 8.0.335 - O&O Software GmbH)

O&O UnErase (HKLM\...\{16EC1499-8B35-431A-B55D-3EE4558C1385}) (Version: 6.0.1899 - O&O Software GmbH)

Oblivion - Horse Armor Pack (HKLM-x32\...\{3ABEBD00-299D-4DCA-967F-B912163AB5EA}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Orrery (HKLM-x32\...\{EC425CFC-EE78-4A91-AA25-3BFA65B75364}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Spell Tomes (HKLM-x32\...\{16D919E6-F019-4E15-BFBE-4A85EF19DA57}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Thieves Den (HKLM-x32\...\{FFFFFD17-B460-41EB-93F1-C48ABAD63828}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)

Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden

Panzer Corps (HKLM-x32\...\Panzer Corps1.00) (Version: 1.00 - Slitherine)

PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden

Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version:  - PopCap Games)

Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)

Proxy Searcher (HKLM-x32\...\{0A9DA43D-DFEB-43D8-BB0A-1145AF5E99E6}) (Version: 3.00.0000 - Proxy Searcher)

QuickTime (HKLM-x32\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)

Realms of Arkania Pack (HKLM-x32\...\Realms of Arkania Pack_is1) (Version:  - GOG.com)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.49 - Piriform)

Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)

Rock Manager (HKLM-x32\...\{4241D2E3-7499-49A5-B92C-F26054427F5A}) (Version:  - )

Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)

Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)

ScummVM 1.5.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)

SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden

Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Sid Meier's Civilization IV Colonization (HKLM-x32\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)

SRWare Iron Version SRWare Iron 34.0.1850.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 34.0.1850.0 - SRWare)

State of Decay - Breakdown (HKLM-x32\...\State of Decay - Breakdown_is1) (Version:  - )

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Steganos Online-Banking 2012 (HKLM-x32\...\{BF72DD91-089A-43A0-A18E-57BC67E2B8A5}) (Version: 2.0.3 - Steganos Software GmbH)

StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )

STREET FIGHTER IV (HKLM-x32\...\{59ABBDF0-E1E5-48AF-85FB-F523A08C3490}) (Version: 1.00.3013 - CAPCOM U.S.A., INC.)

System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )

Tales of Monkey Island (HKLM-x32\...\Tales of Monkey Island) (Version: 3.0.0.0 - Daedalic Entertainment)

TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)

The Complete Ultima VII (HKLM-x32\...\The Complete Ultima VII_is1) (Version:  - GOG.com)

The Elder Scrolls V - Dragonborn DLC 1.00 (HKLM-x32\...\The Elder Scrolls V - Dragonborn DLC 1.00) (Version: 1.00 - Ecos)

The Elder Scrolls V Skyrim - Dawnguard 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard 1.00) (Version: 1.00 - Ecos)

The Elder Scrolls V Skyrim - Hearthfire 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Hearthfire 1.00) (Version: 1.00 - Ecos)

The Elder Scrolls V Skyrim - Update 11 11.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Update 11 11.00) (Version: 11.00 - Ecos)

The Movies(TM) Stunts & Spezialeffekte (x32 Version: 1.0 - Ihr Firmenname) Hidden

The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)

The Witcher Enhanced Edition (HKLM-x32\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)

Third Age - Total War 2.0 (Part1of2) (HKCU\...\Third Age - Total War 2.0 (Part1of2)) (Version:  - )

Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )

Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )

Total War: ROME II Caesar in Gaul (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )

Trade Empires (nur Deinstallieren) (HKLM-x32\...\Trade Empires) (Version:  - )

TSDoctor (HKLM-x32\...\{40F95BFE-36CF-481F-B7D9-8D8F2F3369F9}) (Version: 1.2.66 - Cypheros)

TuneUp Utilities 2011 (HKLM-x32\...\TuneUp Utilities 2011) (Version: 10.0.2011.48 - TuneUp Software)

TuneUp Utilities 2011 (x32 Version: 10.0.2011.48 - TuneUp Software) Hidden

TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.2011.48 - TuneUp Software) Hidden

Turbo Lister 2 (HKLM-x32\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)

Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)

Ultima VIII - Pagan (HKLM-x32\...\Ultima VIII - Pagan_is1) (Version:  - GOG.com)

Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)

Update for Microsoft Excel 2013 (KB2881014) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D8C78DED-3543-449A-8E3E-9391643EBB0E}) (Version:  - Microsoft)

Update for Microsoft Lync 2013 (KB2850074) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CE9A9D7C-B6FB-4F6C-8BDE-9A1ADBBAC1EE}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760344) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EF77B4A6-DFEC-4010-A87D-9B6BF87FABEC}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2760544) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{62857CDD-2985-4939-91BA-19ED0B0031A5}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2768012) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0814662C-FD28-4DE0-ACE5-EE50D1D6C8FB}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2817302) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E79EFFDB-192A-4D9E-A2DB-C0F774E6EC32}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2826040) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4AEA56A-0759-4D08-9FAB-31A92137D0B8}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2837644) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D692E9FF-84BF-4F44-A0EA-D58ECE0D538E}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2863843) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{290D80DE-03AB-47EC-9402-108AF4CE4F66}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2878313) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{98821750-2C79-4A07-9AE9-D2536FD9491D}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880457) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{EC2AF602-2730-4B05-9438-06CDE43153F2}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880462) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{24584DD4-C680-4FEB-A464-D760C7A5B041}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880464) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{88B29AA5-71EE-4692-91E2-E89407F0B783}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880476) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3FC5B59-0F86-4B9A-94DF-FC213DF4FA63}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880478) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8116ED50-F1E7-49E1-9D8D-421497D34B0F}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B386BAA9-7D92-450E-B43E-BD96B01ADEC0}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{F6CE638B-5A06-4EDD-A1FA-BFA827D14071}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{927B47DF-91B2-4EBF-9B66-43B2C95E41BF}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2880991) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{7BD6AF81-49D4-482A-8CDD-90B4031627F2}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft Office 2013 (KB2881035) 64-Bit Edition (HKLM\...\{90150000-0090-0407-1000-0000000FF1CE}_Office15.PROPLUS_{885C981B-F1E3-430A-A099-31CA9D28C251}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)

Update for Microsoft OneDrive for Business (KB2881018) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{F0B3B3E0-40AC-4339-83F7-735DD302ADDE}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)

Update for Microsoft OneNote 2013 (KB2880458) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D2CD59AB-CA83-44D4-AEF8-E49A3FE8FD7F}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft Outlook 2013 (KB2880470) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34A169EC-990A-4DAE-AC65-9F981158B7DB}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2013 (KB2881000) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D3F7B995-360E-406A-B74B-5EA682159985}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)

Update for Microsoft Publisher 2013 (KB2726952) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{03B2C707-503D-4979-8322-CA92C45AD6B4}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2013 (KB2817301) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{8E5CD68A-CDF8-4930-88DF-B7778B1871A9}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2878319) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BC51FE30-3A56-4802-8D9E-E9BC05B56B49}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)

Update for Microsoft Word 2013 (KB2881005) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{125BAFEC-EB26-45C3-B97A-475162C6BDC0}) (Version:  - Microsoft)

Vampire - The Masquerade Bloodlines (HKLM-x32\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)

Vampire - The Masquerade Bloodlines (x32 Version: 1.00.0000 - Activision) Hidden

VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden

Verbatim GREEN BUTTON 1.69 (HKLM-x32\...\Verbatim GREEN BUTTON_is1) (Version:  - Verbatim)

Vermeer 2 (HKLM-x32\...\Vermeer 2_is1) (Version:  - Ascaron Entertainment GmbH)

Victoria 2 (HKLM-x32\...\{9C3B7F54-C6E2-4A74-9937-9C6EBA10C4A2}) (Version:  - )

Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.13 - H+H Software GmbH)

VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)

VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)

WebTemp 3.37 (kostenlose Version) (HKLM-x32\...\WebTemp_is1) (Version:  - Visualize CPU temperature meter readings measured by SpeedFan and other tools using WebTemp)

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3004 - Acer Incorporated)

WiMP 2.1.3 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.1.3 - Aspiro AS)

WiMP 2.1.3 (x32 Version: 2.1.3 - Aspiro AS) Hidden

Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

Wolfenstein: The New Order (HKLM-x32\...\V29sZmVuc3RlaW5UaGVOZXdPcmRlcg==_is1) (Version: 1 - )

Worlds of Ultima - Martian Dreams (HKLM-x32\...\GOGPACKWORLDSOFULTIMAMARTIAN_is1) (Version: 2.0.0.17 - GOG.com)

x64 Components v2.7.9 (HKLM\...\x64 Components_is1) (Version: 2.7.9 - Shark007)

XMedia Recode Version 3.1.4.0 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.4.0 - XMedia Recode)

Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
 

==================== Restore Points  =========================
 

14-06-2014 00:20:38 Geplanter Prüfpunkt
 

==================== Hosts content: ==========================
 

2009-07-14 04:34 - 2014-06-08 16:50 - 00003410 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 209.34.83.73:443

127.0.0.1 209.34.83.73:43

127.0.0.1 209.34.83.73

127.0.0.1 209.34.83.67:443

127.0.0.1 209.34.83.67:43

127.0.0.1 209.34.83.67

127.0.0.1 ood.opsource.net

127.0.0.1 199.7.52.190:80

127.0.0.1 199.7.52.190

127.0.0.1 OCSP.SPO1.VERISIGN.COM

127.0.0.1 199.7.54.72:80

127.0.0.1 199.7.54.72

127.0.0.1 192.150.14.69

127.0.0.1 192.150.18.101

127.0.0.1 192.150.18.108

127.0.0.1 192.150.22.40

127.0.0.1 192.150.8.100

127.0.0.1 192.150.8.118

127.0.0.1 209-34-83-73.ood.opsource.net

127.0.0.1 3dns-1.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 3dns-2.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-3.adobe.com

127.0.0.1 3dns-4.adobe.com

127.0.0.1 3dns.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 activate-sea.adobe.com

127.0.0.1 activate-sjc0.adobe.com
 

There are 55 more lines.
 
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0A1EDA7A-E4D9-4AAE-96CA-B1783EF906FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Anwendungen\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {172CDFA4-BC11-49BE-9ED7-690833A0DA6A} - System32\Tasks\APM_off => C:\hdparm\hdparm.exe [2007-02-24] ()

Task: {23AC33A6-71D1-426B-83B7-A4CEF91835F0} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe [2012-06-26] (Microsoft)

Task: {2A64F115-3A86-4ACD-8FA8-2A36F935872E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)

Task: {490FA879-8515-4106-AF3C-E3BBF962F1B2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Anwendungen\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

Task: {57F1BEA6-3BF4-4719-A699-6BD496FA779A} - System32\Tasks\{E87F3025-2748-40B5-BC6F-7D05BCF35CE0} => Firefox.exe Downloading

Task: {7C0EBBC9-E939-4EA4-A99A-F84646A1B5CC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {8023B071-3019-4ED4-BCDA-0D40A056B5C0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)

Task: {841B145F-F28E-49C2-8E2B-EAD7C4B74F86} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {8B7FF60C-4E64-4734-95B7-3919F9B10B19} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)

Task: {9365234C-08C5-4202-B0E7-D6E38BB97F64} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2010-06-24] (Acer)

Task: {A4C86112-6CF0-4E78-A00D-1CB9820F104A} - System32\Tasks\AutoKMSCustom => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-05] ()

Task: {AD2E6C75-7654-44DE-8A73-6ADC0A5B8998} - System32\Tasks\{356B8E7B-AE66-4203-B49F-6236AAD8D8B4} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype

Task: {B9306D00-ACB7-4DE9-BECE-9255739EFFAB} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-07-05] ()

Task: {CB82C90B-D235-4A4C-B108-5EF475D3D8FF} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)

Task: {DD585CB6-C834-47F3-823E-119930CB48AB} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Anwendungen\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe

Task: {DF9D207A-52BF-4122-B356-08D3962EA37E} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Anwendungen\Norton Internet Security CBE\Engine\21.1.0.18\SymErr.exe

Task: {EEC0E1CF-5884-45FA-9203-FB669F38E6D4} - \SidebarExecute No Task File <==== ATTENTION

Task: {F713C9F8-714A-4B8B-ADB2-E52846D080F9} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core.job => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA.job => C:\Users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-27 14:34 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll

2014-04-27 14:52 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2012-11-19 03:53 - 2012-11-19 03:53 - 00002560 _____ () C:\Windows\runservice.exe

2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll

2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2009-09-30 03:05 - 2009-09-30 03:05 - 01306624 _____ () C:\Anwendungen\Gaming Mouse\Gaming Mouse.exe

2014-04-13 14:57 - 2014-04-13 14:58 - 00429568 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\YouScreen.exe

2014-06-03 02:43 - 2014-05-14 22:55 - 00432128 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepolisBot2.exe

2014-05-17 00:43 - 2014-05-14 22:55 - 00432128 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepolisBot2.exe

2012-11-19 03:53 - 2012-11-19 03:53 - 00048640 _____ () C:\Windows\mmfs.dll

2014-02-24 21:07 - 2014-02-24 21:07 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\29335dc88d799664dcd97362bcb687e9\IsdiInterop.ni.dll

2010-08-30 11:03 - 2010-04-13 18:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-04-27 14:34 - 2014-02-08 20:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll

2010-08-30 11:45 - 2009-05-20 08:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll

2012-09-28 02:51 - 2008-08-18 16:08 - 00050688 _____ () C:\Anwendungen\Virtual CD v10\System\ogg.dll

2012-09-28 02:51 - 2008-08-18 16:11 - 01237504 _____ () C:\Anwendungen\Virtual CD v10\System\vorbis.dll

2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Anwendungen\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu

2014-05-20 21:04 - 2014-04-11 15:19 - 00104448 _____ () C:\Anwendungen\SRWare Iron\chrome_elf.dll

2012-06-26 22:36 - 2014-01-30 00:38 - 00902144 _____ () C:\Anwendungen\SRWare Iron\libglesv2.dll

2012-06-26 22:36 - 2014-04-11 15:19 - 00128512 _____ () C:\Anwendungen\SRWare Iron\libegl.dll

2013-09-26 03:46 - 2014-04-11 15:22 - 00950272 _____ () C:\Anwendungen\SRWare Iron\ffmpegsumo.dll

2014-05-14 10:58 - 2014-05-14 21:59 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

2014-06-03 02:43 - 2012-12-14 19:12 - 00194560 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepUnits.dll

2014-06-03 02:43 - 2014-02-12 23:26 - 00161280 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepBuildings.dll

2014-06-03 02:43 - 2012-08-10 00:57 - 00059392 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepCulture.dll

2014-06-03 02:43 - 2012-08-10 00:58 - 00039424 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepFarmers.dll

2014-06-03 02:43 - 2012-08-21 20:11 - 00017408 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\1\GrepSchedulerSmall.dll

2014-05-17 00:43 - 2012-12-14 19:12 - 00194560 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepUnits.dll

2014-05-17 00:43 - 2014-02-12 23:26 - 00161280 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepBuildings.dll

2014-05-17 00:43 - 2012-08-10 00:57 - 00059392 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepCulture.dll

2014-05-17 00:43 - 2012-08-10 00:58 - 00039424 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepFarmers.dll

2014-05-17 00:43 - 2012-08-21 20:11 - 00017408 _____ () C:\Users\XXX\Desktop\O-Gaming Stuff\GrepoNEW26101\GrepSchedulerSmall.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\Temp:2BE9FEFC

AlternateDataStreams: C:\ProgramData\Temp:55B41E6A
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/16/2014 03:24:26 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.

Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 

Error: (06/15/2014 01:59:10 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.

Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 

Error: (06/14/2014 03:42:19 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.

Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 

Error: (06/14/2014 01:16:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.2.2.0, Zeitstempel: 0x4e32f719

Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86

Ausnahmecode: 0xe0434352

Fehleroffset: 0x0000c42d

ID des fehlerhaften Prozesses: 0x3a04

Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0

Pfad der fehlerhaften Anwendung: AutoKMS.exe1

Pfad des fehlerhaften Moduls: AutoKMS.exe2

Berichtskennung: AutoKMS.exe3
 

Error: (06/14/2014 01:16:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Anwendung: AutoKMS.exe

Frameworkversion: v4.0.30319

Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.

Ausnahmeinformationen: System.IO.IOException

Stapel:

   bei System.IO.__Error.WinIOError(Int32, System.String)

   bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)

   bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)

   bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean)

   bei AutoKMS.AutoKMS.RunAutoKMS()

   bei AutoKMS.Program.Main()
 

Error: (06/13/2014 02:39:18 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.

Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 

Error: (06/13/2014 01:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: AutoKMS.exe, Version: 2.2.2.0, Zeitstempel: 0x4e32f719

Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86

Ausnahmecode: 0xe0434352

Fehleroffset: 0x0000c42d

ID des fehlerhaften Prozesses: 0xe38

Startzeit der fehlerhaften Anwendung: 0xAutoKMS.exe0

Pfad der fehlerhaften Anwendung: AutoKMS.exe1

Pfad des fehlerhaften Moduls: AutoKMS.exe2

Berichtskennung: AutoKMS.exe3
 

Error: (06/13/2014 01:16:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Anwendung: AutoKMS.exe

Frameworkversion: v4.0.30319

Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.

Ausnahmeinformationen: System.IO.IOException

Stapel:

   bei System.IO.__Error.WinIOError(Int32, System.String)

   bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)

   bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)

   bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean)

   bei AutoKMS.AutoKMS.RunAutoKMS()

   bei AutoKMS.Program.Main()
 

Error: (06/12/2014 02:59:53 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.

Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.

Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".

Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".

Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 

Error: (06/11/2014 09:15:59 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Programm Manager.exe, Version 5.5.0.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
 

Prozess-ID: 79c
 

Startzeit: 01cf8594829fd106
 

Endzeit: 241
 

Anwendungspfad: C:\Anwendungen\Audible\Bin\Manager.exe
 

Berichts-ID: b1f3f67d-f19c-11e3-ba41-1c7508461236
 
 

System errors:

=============

Error: (06/16/2014 06:23:16 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (06/16/2014 06:22:04 PM) (Source: bowser) (EventID: 8016) (User: )

Description: Der Suchdiensttreiber erhielt zu viele nicht erlaubte Datagramme vom Remotecomputer "O2BOX" zum Namen "XXX9" auf Transport "NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}". Das Datagramm steht in den Daten.

Es werden keine weiteren Ereignisse erzeugt, solange die Rücksetzfrequenz nicht abgelaufen ist.
 

Error: (06/16/2014 06:21:44 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 

%%1058
 

Error: (06/16/2014 06:16:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "G Data Personal Firewall" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (06/16/2014 06:16:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst G Data Personal Firewall erreicht.
 

Error: (06/16/2014 06:16:15 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053GDFwSvc-Service{1DED95CA-C567-464A-B405-087EDDF0B095}
 

Error: (06/16/2014 06:15:38 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 

Error: (06/16/2014 05:17:15 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (06/16/2014 04:54:14 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 

Error: (06/16/2014 02:54:10 PM) (Source: bowser) (EventID: 8003) (User: )

Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2BOX",

der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3DE1FAC4-B916-448F-A747-E5A362D2FC66}-Transport zu sein scheint.

Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
 
 

Microsoft Office Sessions:

=========================

Error: (06/16/2014 03:24:26 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 

Error: (06/15/2014 01:59:10 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 

Error: (06/14/2014 03:42:19 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 

Error: (06/14/2014 01:16:21 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: AutoKMS.exe2.2.2.04e32f719KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d3a0401cf875d732f05b9C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\syswow64\KERNELBASE.dllba8a19ad-f350-11e3-ba41-1c7508461236
 

Error: (06/14/2014 01:16:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Anwendung: AutoKMS.exe

Frameworkversion: v4.0.30319

Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.

Ausnahmeinformationen: System.IO.IOException

Stapel:

   bei System.IO.__Error.WinIOError(Int32, System.String)

   bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)

   bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)

   bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean)

   bei AutoKMS.AutoKMS.RunAutoKMS()

   bei AutoKMS.Program.Main()
 

Error: (06/13/2014 02:39:18 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 

Error: (06/13/2014 01:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: AutoKMS.exe2.2.2.04e32f719KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42de3801cf869448beee11C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\syswow64\KERNELBASE.dll8df8371b-f287-11e3-ba41-1c7508461236
 

Error: (06/13/2014 01:16:14 AM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Anwendung: AutoKMS.exe

Frameworkversion: v4.0.30319

Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.

Ausnahmeinformationen: System.IO.IOException

Stapel:

   bei System.IO.__Error.WinIOError(Int32, System.String)

   bei System.IO.FileStream.Init(System.String, System.IO.FileMode, System.IO.FileAccess, Int32, Boolean, System.IO.FileShare, Int32, System.IO.FileOptions, SECURITY_ATTRIBUTES, System.String, Boolean, Boolean, Boolean)

   bei System.IO.FileStream..ctor(System.String, System.IO.FileMode, System.IO.FileAccess, System.IO.FileShare, Int32, System.IO.FileOptions, System.String, Boolean, Boolean, Boolean)

   bei System.IO.StreamWriter.CreateFile(System.String, Boolean, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean, System.Text.Encoding, Int32, Boolean)

   bei System.IO.StreamWriter..ctor(System.String, Boolean)

   bei AutoKMS.AutoKMS.RunAutoKMS()

   bei AutoKMS.Program.Main()
 

Error: (06/12/2014 02:59:53 AM) (Source: SideBySide) (EventID: 35) (User: )

Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8
 

Error: (06/11/2014 09:15:59 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Manager.exe5.5.0.579c01cf8594829fd106241C:\Anwendungen\Audible\Bin\Manager.exeb1f3f67d-f19c-11e3-ba41-1c7508461236
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 78%

Total physical RAM: 3766.71 MB

Available physical RAM: 820.07 MB

Total Pagefile: 6209.91 MB

Available Pagefile: 1417.2 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: (Acer) (Fixed) (Total:452.66 GB) (Free:3.41 GB) NTFS

Drive d: (CB1314CD) (CDROM) (Total:0.57 GB) (Free:0 GB) UDF
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 092EC1A5)

Partition 1: (Not Active) - (Size=13 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

tja, da geht gar nix...ich krieg die meldung, dass diese datei nicht mit der ausgeführten windows version kompatibel ist.

ich hab es mal von da runtergeladen:

hxxp://www.bleepingcomputer.com/download/combofix/dl/12/

nach dem scan und einem neustart hab ich jetzt blöderweise das problem, dass das taskleistensymbol von g-data security nicht mehr da ist :confused:

Combofix Logfile:

Code:

ComboFix 14-06-16.01 - XXX 17.06.2014  16:54:20.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3767.1195 [GMT 2:00]

ausgeführt von:: c:\users\XXX\Desktop\ComboFix.exe

AV: G Data InternetSecurity CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}

FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

SP: G Data InternetSecurity CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\END

c:\users\XXX\4.0

c:\windows\isRS-000.tmp

c:\windows\IsUn0407.exe

c:\windows\SysWow64\ESPI11.dll

c:\windows\SysWow64\start.exe

c:\windows\wininit.ini

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-05-17 bis 2014-06-17  ))))))))))))))))))))))))))))))

.

.

2014-06-17 15:16 . 2014-06-17 15:16        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-06-17 12:10 . 2014-06-17 12:10        --------        d-----w-        c:\users\XXX\AppData\Local\gtk-2.0

2014-06-16 22:30 . 2014-06-16 22:30        --------        d-----w-        c:\users\XXX\.thumbnails

2014-06-16 22:27 . 2014-06-16 22:27        --------        d-----w-        c:\users\XXX\AppData\Local\fontconfig

2014-06-16 22:26 . 2014-06-17 13:38        --------        d-----w-        c:\users\XXX\.gimp-2.8

2014-06-16 22:26 . 2014-06-16 22:26        --------        d-----w-        c:\users\XXX\AppData\Local\gegl-0.2

2014-06-16 18:17 . 2014-06-16 18:24        --------        d-----w-        C:\FRST

2014-06-16 16:32 . 2014-06-16 20:47        --------        d-----w-        c:\users\XXX\AppData\Local\Adobe

2014-06-11 11:58 . 2014-05-19 23:18        10702536        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{9DF4F435-B9C2-4960-A5B0-3770945DCEEE}\mpengine.dll

2014-06-11 10:59 . 2014-06-02 06:03        810200        ----a-w-        c:\program files\Internet Explorer\iexplore.exe

2014-06-11 10:57 . 2014-06-08 09:13        506368        ----a-w-        c:\windows\system32\aepdu.dll

2014-06-11 10:57 . 2014-06-08 09:08        424448        ----a-w-        c:\windows\system32\aeinv.dll

2014-06-08 22:31 . 2014-06-08 22:31        --------        d-----w-        c:\program files (x86)\Common Files\Java

2014-06-08 22:31 . 2014-05-07 13:02        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-06-08 08:19 . 2014-06-08 08:19        --------        d-----w-        c:\program files (x86)\Common Files\Skype

2014-06-07 14:41 . 2014-06-07 14:42        --------        d-----w-        c:\users\XXX\AppData\Local\MetaGeek,_LLC

2014-06-07 05:31 . 2014-06-07 05:31        18160        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys

2014-06-07 05:31 . 2014-06-07 05:31        106272        ----a-w-        c:\windows\system32\drivers\GRD.sys

2014-06-06 18:23 . 2014-06-06 18:23        --------        d-----w-        C:\MyWinLockerData

2014-06-06 17:33 . 2014-06-06 17:33        68608        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys

2014-06-06 17:33 . 2014-06-06 17:33        64000        ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys

2014-06-06 17:31 . 2014-06-06 17:31        65024        ----a-w-        c:\windows\system32\drivers\HookCentre.sys

2014-06-06 17:31 . 2014-06-06 17:31        57344        ----a-w-        c:\windows\system32\drivers\GDBehave.sys

2014-06-06 17:31 . 2014-06-06 17:31        135168        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys

2014-06-06 17:29 . 2014-06-06 17:29        --------        d-----w-        c:\program files (x86)\Common Files\G Data

2014-06-06 17:14 . 2014-06-06 18:15        --------        d-----w-        c:\programdata\G Data

2014-06-05 16:06 . 2014-06-05 16:15        --------        d-----w-        c:\programdata\Package Cache

2014-05-29 16:34 . 2014-05-29 16:34        --------        d-----w-        c:\users\XXX\AppData\Roaming\NVIDIA

2014-05-24 20:01 . 2000-05-16 08:40        83968        ----a-w-        c:\windows\UnGins.exe

2014-05-24 20:01 . 2000-03-06 22:00        237568        ----a-w-        c:\windows\SysWow64\Unlha32.dll

2014-05-24 20:01 . 2000-03-06 22:00        473600        ----a-w-        c:\windows\SysWow64\Harmony.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-06-11 12:00 . 2011-02-11 10:55        95414520        ----a-w-        c:\windows\system32\MRT.exe

2014-06-08 12:13 . 2014-04-16 07:48        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-05-14 19:59 . 2012-06-26 21:39        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2014-05-14 19:59 . 2011-05-28 17:51        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-05-14 08:27 . 2014-05-14 08:27        17938608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe

2014-05-12 05:26 . 2014-04-16 07:48        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys

2014-05-12 05:26 . 2014-04-16 07:48        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-05-12 05:25 . 2014-04-16 07:48        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys

2014-04-14 16:10 . 2014-04-14 16:10        255352        ----a-w-        c:\windows\SysWow64\awrdscdc.ax

2014-04-12 02:22 . 2014-05-14 21:51        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys

2014-04-12 02:22 . 2014-05-14 21:51        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys

2014-04-12 02:19 . 2014-05-14 21:51        136192        ----a-w-        c:\windows\system32\sspicli.dll

2014-04-12 02:19 . 2014-05-14 21:51        29184        ----a-w-        c:\windows\system32\sspisrv.dll

2014-04-12 02:19 . 2014-05-14 21:51        28160        ----a-w-        c:\windows\system32\secur32.dll

2014-04-12 02:19 . 2014-05-14 21:51        1460736        ----a-w-        c:\windows\system32\lsasrv.dll

2014-04-12 02:19 . 2014-05-14 21:51        31232        ----a-w-        c:\windows\system32\lsass.exe

2014-04-12 02:12 . 2014-05-14 21:51        22016        ----a-w-        c:\windows\SysWow64\secur32.dll

2014-04-12 02:10 . 2014-05-14 21:51        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll

2014-03-31 07:35 . 2011-02-12 23:29        270496        ------w-        c:\windows\system32\MpSigStub.exe

2014-03-25 02:43 . 2014-05-14 21:52        14175744        ----a-w-        c:\windows\system32\shell32.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-05-14 06:18        1730264        ----a-w-        c:\progra~2\MICROS~3\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-05-27 02:40        120176        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]

"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]

"Gaming Mouse"="c:\anwendungen\Gaming Mouse\Gaming Mouse.exe" [2009-09-30 1306624]

"VC10Player"="c:\anwendungen\Virtual CD v10\System\VC10Play.exe" [2011-05-20 411976]

"GDFirewallTray"="c:\anwendungen\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-12-19 1724728]

"G Data ASM"="c:\anwendungen\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-12-19 431224]

"Acrobat Assistant 8.0"="c:\anwendungen\Acrobat 11.0\Acrobat\Acrotray.exe" [2014-05-08 3499896]

.

c:\users\XXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Verbatim GREEN BUTTON.lnk - c:\anwendungen\GREEN BUTTON\GREEN BUTTON.exe /a [2013-5-22 508176]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute        REG_MULTI_SZ           autocheck autochk *\0OODBS

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"

"Adobe Acrobat Speed Launcher"="c:\anwendungen\Acrobat 9.0\Acrobat\Acrobat_sl.exe"

"Acrobat Assistant 8.0"="c:\anwendungen\Acrobat 9.0\Acrobat\Acrotray.exe"

"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin

"SwitchBoard"=c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

"Wondershare Helper Compact.exe"=c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

"QuickTime Task"="c:\anwendungen\QuickTime\QTTask.exe" -atboottime

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 LicCtrlService;LicCtrl Service;c:\windows\runservice.exe;c:\windows\runservice.exe [x]

R2 SkypeUpdate;Skype Updater;c:\anwendungen\Skype\Updater\Updater.exe;c:\anwendungen\Skype\Updater\Updater.exe [x]

R3 ALSysIO;ALSysIO;c:\users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\MARZIP~1\AppData\Local\Temp\ALSysIO64.sys [x]

R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]

R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\CyberGhost VPN\CGVPNCliService.exe;c:\program files\CyberGhost VPN\CGVPNCliService.exe [x]

R3 DAUpdaterSvc;Dragon Age: Origins - Inhaltsupdater;c:\spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe;c:\spiele\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe [x]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]

R3 HH10Help.sys;HH10Help.sys;c:\windows\system32\drivers\HH10Help.sys;c:\windows\SYSNATIVE\drivers\HH10Help.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\DRIVERS\lgbtpt64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtpt64.sys [x]

R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbs64.sys;c:\windows\SYSNATIVE\DRIVERS\lgbtbs64.sys [x]

R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\DRIVERS\lgvmdm64.sys;c:\windows\SYSNATIVE\DRIVERS\lgvmdm64.sys [x]

R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]

R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

R3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]

R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys;c:\windows\SYSNATIVE\drivers\SndTAudio.sys [x]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R4 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]

R4 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]

R4 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\anwendungen\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]

R4 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]

S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]

S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]

S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]

S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]

S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]

S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]

S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]

S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]

S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]

S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]

S1 SLEE_17_DRIVER;Steganos Live Encryption Engine 17 [Driver];c:\windows\Sleen1764.sys;c:\windows\Sleen1764.sys [x]

S1 vdrv1000;vdrv1000;c:\windows\system32\DRIVERS\vdrv1000.sys;c:\windows\SYSNATIVE\DRIVERS\vdrv1000.sys [x]

S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]

S2 AVKService;G Data Scheduler;c:\anwendungen\InternetSecurity\AVK\AVKService.exe;c:\anwendungen\InternetSecurity\AVK\AVKService.exe [x]

S2 AVKWCtl;G Data Dateisystem Wächter;c:\anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe;c:\anwendungen\InternetSecurity\AVK\AVKWCtlx64.exe [x]

S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]

S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 OODefragAgent;O&O Defrag;c:\anwendungen\Defrag\oodag.exe;c:\anwendungen\Defrag\oodag.exe [x]

S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [x]

S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]

S2 VC10SecS;Virtual CD v10 Management Service;c:\anwendungen\Virtual CD v10\System\VC10SecS.exe;c:\anwendungen\Virtual CD v10\System\VC10SecS.exe [x]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]

S3 GDFwSvc;G Data Personal Firewall;c:\anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\anwendungen\InternetSecurity\Firewall\GDFwSvcx64.exe [x]

S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]

S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]

S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 SjtWinIo;SJT I/O Driver;c:\windows\system32\DRIVERS\SjtWinIo.sys;c:\windows\SYSNATIVE\DRIVERS\SjtWinIo.sys [x]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys;c:\anwendungen\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [x]

S3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2014-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 19:59]

.

2014-06-16 c:\windows\Tasks\AutoKMS.job

- c:\windows\AutoKMS\AutoKMS.exe [2012-07-04 22:56]

.

2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002Core.job

- c:\users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 00:49]

.

2013-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-123853454-3869190695-3295914358-1002UA.job

- c:\users\XXX\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 00:49]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]

@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"

[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]

2014-05-14 06:15        2335960        ----a-w-        c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]

@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"

[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]

2014-05-14 06:15        2335960        ----a-w-        c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]

@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"

[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]

2014-05-14 06:15        2335960        ----a-w-        c:\anwend~1\MICROS~1\Office15\GROOVEEX.DLL

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]

@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"

[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]

2010-05-27 02:42        137584        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-06-11 12503184]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]

"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-02-05 2234144]

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-02-05 1179576]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=c:\windows\System32\nvinitx.dll

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

UxTuneUp

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = about:blank

uLocal Page = c:\windows\system32\blank.htm

mStart Page = about:blank

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

mSearchAssistant = www.google.com

IE: An OneNote s&enden - c:\anwend~1\MICROS~1\Office15\ONBttnIE.dll/105

IE: Nach Microsoft E&xcel exportieren - c:\anwend~1\MICROS~1\Office15\EXCEL.EXE/3000

IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\anwendungen\ICQ7.5\ICQ.exe

TCP: DhcpNameServer = 192.168.1.1

Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL

FF - ProfilePath - c:\users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\mbjxv0se.default\

FF - prefs.js: browser.search.selectedEngine - Google Deutschland

FF - prefs.js: keyword.URL - hxxp://search.sweetim.com/search.asp?src=2&crg=3.1010000.10001&q=

FF - prefs.js: network.proxy.ftp - 192.227.139.215

FF - prefs.js: network.proxy.ftp_port - 8080

FF - prefs.js: network.proxy.http - 192.227.139.215

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.socks - 192.227.139.215

FF - prefs.js: network.proxy.socks_port - 8080

FF - prefs.js: network.proxy.ssl - 192.227.139.215

FF - prefs.js: network.proxy.ssl_port - 8080

FF - prefs.js: network.proxy.type - 0

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKLM-Run-Adobe ARM - c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe

AddRemove-Die Gilde Gold Update v. 2.06 - f:\spiele\DIEGIL~1\UNWISE.EXE

AddRemove-Die Gilde Gold-Edition - f:\spiele\DIEGIL~1\UNWISE.EXE

AddRemove-Vampire - c:\windows\IsUn0407.exe

AddRemove-Eador Masters of the Broken World - e:\spiele\Eador Masters of the Broken World\Uninstal.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\vdrv1000]

"ImagePath"="system32\DRIVERS\vdrv1000.sys"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.13"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]

@="?????????????????? v1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]

@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]

@="?????????????????? v2"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]

@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]

"OODEFRAG14.00.00.01PROFESSIONAL"="F7A844294C437EF34CC7F8B526D7829EA242FB7393845D3EC04AC3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B98089DB7CE019D40AA5C5D575E7D6A3B9808C038D530D6EB34525AB4ECDE9C442A25A33408B82052C5BC531AF98D0657FE8F65284A42A429AB000566CDA62E69D91AF36E2E56761B7E0137CD46B311CDF8EEA7FD446B445ADE403A60A80C3AA82398AED3882E18907F8AFB59ACA9D23FB9DA994475576134B24912F813F333C9C6F8E948907605D4FD5350C72D94F4C50E8E274FFEC0F36C28B855707445003D9CD86D1092E6312FC7191C09962019A1570AF5D7D861E95B556E8666086DF7138D99B458AF3F820A3ADEF66E90F9D13608905B7A4D78257E628D58E1DEDE6B0297DFF12E5B3FD4F4496AAFB09456A88CA8A8E1B67B4C79760D7FB0CA5B8B9B63CE1408825F2EF423FB44C76B6FEA9850579D47F256A0B00827EEAC6E366EBF3558E412AE5955A96B6E3DF31E457291D0C1FEFE7523C4861D944D9B7FFA8200996E43596BB881A6474EE51F2B09AAF7822E9E2FEAFD852DC0D04D811388C8FA565F63E0D6430419D6E015645A06D824FD7495B26555B8CAA4E66994229446C2558D3FDB7490351EDDFB6497585AC061FC80BD97576C35F41F795B410A2504DDA56F13B3A90E6B4AC08B313EB3F62E71E0D237219AD955BBA63DA4260C968DC5768E618341FC87240D8DA08F5E2170052E7F6345EA07FA205A7B0A984F19F4E8200AEE9E6AF167A67097167B32F4D8478A2F6B2EE8B50994F992121EDA30CC291C154406365574C0BCCEBB2269DDBED3C39D393B97756605E9F18A749C3430DC07F32EF41B641655EA6F815A231EFDB8C99A7CFDE1AE7F4C3420810867CEB9CCA401BE56F4AEB93C154998AC624C73FB300CA7BE929BC33D85364D7F6E020B39D82C4B4B809A523FF93F76D610518295ADE9F2755A4CA61CAE618431CDA0C952AF76EB29E0DFD59F7C48D5C9F6EB116F203F59534DA19F21246204A700539C3ED577FEF61D0C3C0E236F362C472D8BEB86AC19B864D32C79FE10ECA3E815B0181DD7A5F11F7E05329954D6D6127A5EDD0567B63DFBECC8C77CD12199CBB438ECFBD5C38B346EAFA62E2A4158500FFD8EE23777AB554C7B20FC26C92E54D7653F8A4582E59062C3FB54B83DF05D76E0380B7768029225CB8B071DD43F8E7573048A8C505CC9B7CA34235BD816F815800C111A57733DFBC30641DDEEDAEBD99D275AA3DDF85A2051475400E7F1C59EDC2D2522D864C2ADF403F89F10C64224A385019A207EA09E699D47AB7FE1CA1EF635A0A842F1F168F1E421326DF74AC7CBF1A813D0DF5E8EA9198074F9F775F057AE7FD9AF6A012F5286CB74049BA10EDEB01F44EBC63B1AA98C2485757893C8871B"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB]

"1"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,d6,9f,52,ce,23,dc,1a,

   c2

"2"=hex:d1,c8,c3,5e,08,10,b9,8f,1e,fd,a6,7c,f5,6d,b0,f3,a6,71,8f,f8,ab,bd,bd,

   76,64,10,04,f0,92,77,f9,20

"3"=hex:47,af,e3,b9,38,4b,f6,e6,cb,8b,59,0c,3a,af,c5,a2,ac,98,11,9b,be,95,83,

   07,ae,ba,7e,d8,e6,d6,56,50,c4,dc,bb,7b,18,78,a4,de,04,5c,25,4e,9f,d7,39,6d

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LicCtrl\LicCtrl\LicCtrl\LicCtrl*lkzs$i&#&y@^t! #^$ g9^$&pgb SDB36o \F93383AA3238BCCB\7BF9E831E71B650D9FD9ADA9E13AF2CA]

"1"=hex:47,e4,6c,02,68,b4,3b,2b,30,11,db,3c,35,63,21,d4,11,b1,7e,c5,ed,aa,8e,

   1a,3b,92,af,55,30,f0,da,a7

"2"=hex:14,ce,87,8d,79,74,ee,b2

"3"=hex:81,20,8f,ab,28,6a,52,9c

"4"=hex:2f,ad,a2,e7,8a,bf,05,5e

"5"=hex:bf,e5,23,7b,b0,66,d6,fc,b8,e8,6b,a0,96,52,f7,32,80,09,8f,24,b7,b3,55,

   1a,98,d1,47,16,02,43,61,1c,b9,d5,8f,2a,7b,81,b1,fb,95,22,f8,b3,2c,53,9d,ae,\

"6"=hex:bf,e5,23,7b,b0,66,d6,fc,bc,64,22,fb,7e,d3,39,3e,a3,00,33,13,c0,21,f4,

   51,6c,4e,0c,96,e2,dd,ad,8a,b6,c4,05,e8,5a,bd,9a,e9,d4,1a,3d,68,9d,00,32,20

"7"=hex:3b,e8,2f,01,6c,32,33,d8,e1,d7,f3,f6,0e,0a,fa,46,62,39,09,43,d3,da,73,

   d4,4e,db,d0,f9,b1,fb,0a,f1,d3,99,57,af,7d,98,93,fd,a5,1e,64,b6,5b,35,28,e1,\

"8"=hex:4e,ca,d8,2b,00,91,07,cb,e5,4a,79,1c,34,13,96,23,d7,94,76,0d,ab,15,c7,

   2b,c2,02,7b,d4,4f,57,b3,69

"9"=hex:81,20,8f,ab,28,6a,52,9c

"18"=hex:70,56,26,33,e3,20,f8,ab

"10"=hex:81,20,8f,ab,28,6a,52,9c

"11"=hex:81,20,8f,ab,28,6a,52,9c

"12"=hex:81,20,8f,ab,28,6a,52,9c

"13"=hex:81,20,8f,ab,28,6a,52,9c

"14"=hex:81,20,8f,ab,28,6a,52,9c

"24"=hex:81,20,8f,ab,28,6a,52,9c

"26"=hex:81,20,8f,ab,28,6a,52,9c

"27"=hex:81,20,8f,ab,28,6a,52,9c

"19"=hex:81,20,8f,ab,28,6a,52,9c

"22"=hex:81,20,8f,ab,28,6a,52,9c

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2014-06-17  17:21:14

ComboFix-quarantined-files.txt  2014-06-17 15:21

.

Vor Suchlauf: 15 Verzeichnis(se), 16.654.204.928 Bytes frei

Nach Suchlauf: 27 Verzeichnis(se), 17.442.680.832 Bytes frei

.

- - End Of File - - DD12D8BD0E5B44E80D856D6E8F1522B2

--- --- ---

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

hallo,

mir ist gerade etwas sehr verdächtiges aufgefallen...meine firewall hat eine datei geblockt

http://www.youscreen.de/cnqhmbty08.jpg

die firefox starten wollte...das ziel war eine ip von telefonica.de :balla:

http://www.youscreen.de/uinzzlon88.jpg

Jo, mach trotzdem bitte obiges.