Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Benutzerdienst kann nicht geladen werden bei neuen Benutzern, Syswo64 Ordner öffnet einfach, Ordneransicht geändert (https://www.trojaner-board.de/156603-benutzerdienst-geladen-neuen-benutzern-syswo64-ordner-oeffnet-einfach-ordneransicht-geaendert.html)

Lifebook 18.07.2014 16:28
Benutzerdienst kann nicht geladen werden bei neuen Benutzern, Syswo64 Ordner öffnet einfach, Ordneransicht geändert
 
Hallo liebes Trojaner-Board,

seit einem Scan durch GData CBE Version ging der Benutzerdienst nicht mehr bei neuen Benutzern zu laden bzw. ist es mir zu diesem Zeitpunkt aufgefallen da ich nach dem Scan einen neuen Benutzer angelegt habe und die Ordneransicht war direkt nach dem Scan verändert. Weiterhin öffnet sich nach dem Hochfahren immer der Syswo64-Ordner, hatte einige Programme nach dem Scan deinstalliert.

Das Protokoll von GData
Code:
Virenprüfung mit G Data InternetSecurity CBE
Version 25.0.1.2 (20.03.2014)
Virensignaturen vom 09.07.2014
Startzeit: 10.07.2014 08:57:53
Engine(s): Engine A (AVA 24.3078), Engine B (GD 25.3557)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 10.07.2014 16:12:17
    353676 Dateien überprüft
    5 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden


– Archiv: DTLite4481-0347.exe
    Pfad: C:\Users\Normalbetrieb\Downloads
    Status: Virus, Datei gelöscht
    Virus: NSIS.Application.OpenCandy.B (Engine B)
Objekt: [NSIS].nsi
    In Archiv: C:\Users\Normalbetrieb\Downloads\DTLite4481-0347.exe
    Status: Virus gefunden
    Virus: NSIS.Application.OpenCandy.B

Objekt: WindowsApplication1.exe
    Pfad: D:\softwareentwicklung C# vb java\vb\beispiele_buch_vb_profiwissen\Beispiele\Teil II -Technologien\07 Dateien 1\Praxisbeispiele\01 DirectoryFileInfos\WindowsApplication1\bin\Debug
    Status: Virus entfernt
    Virus: Gen:Variant.Kazy.391648 (Engine A)

Objekt: WindowsApplication1.exe
    Pfad: D:\softwareentwicklung C# vb java\vb\beispiele_buch_vb_profiwissen\Beispiele\Teil II -Technologien\07 Dateien 1\Praxisbeispiele\02 TreeViewDirectory\WindowsApplication1\bin\Debug
    Status: Virus entfernt
    Virus: Gen:Variant.Kazy.391648 (Engine A)

Objekt: WindowsApplication1.exe
    Pfad: D:\softwareentwicklung C# vb java\vb\beispiele_buch_vb_profiwissen\Beispiele\Teil II -Technologien\08 Dateien 2\Kapitel\Textdatei\WindowsApplication1\bin\Debug
    Status: Virus entfernt
    Virus: Gen:Variant.Kazy.391648 (Engine A)

Objekt: WindowsApplication1.exe
    Pfad: D:\softwareentwicklung C# vb java\vb\beispiele_buch_vb_profiwissen\Beispiele\Teil II -Technologien\08 Dateien 2\Kapitel\Textdatei\WindowsApplication1\obj\Debug
    Status: Virus entfernt
    Virus: Gen:Variant.Kazy.391648 (Engine A)

+ Der Zugriff auf die folgenden Dateien wurde verweigert:

+ Die folgenden Dateien sind Passwortgeschützt:
Weil das Problem noch bestand führte ich anschließend einen Scan mit Malewarebytes aus

Code:
<?xml version="1.0" encoding="UTF-8"?>

-<logs>

<record toVersion="2014.7.9.1" name="Rootkit Database" last_modified_tag="c690f849-9bb3-4fe2-b3c8-e17fd90d6072" fromVersion="2014.2.20.1" systemname="LIFEBOOK" username="SYSTEM" type="Update" source="Manual" datetime="2014-07-12T20:58:46.741848+02:00" LoggingEventType="1" severity="debug"/>

<record toVersion="2014.7.12.8" name="Malware Database" last_modified_tag="0cad40d7-dc70-40cf-b2fe-15c08d62fe83" fromVersion="2014.3.4.9" systemname="LIFEBOOK" username="SYSTEM" type="Update" source="Manual" datetime="2014-07-12T21:03:31.998164+02:00" LoggingEventType="1" severity="debug"/>

</logs>
Code:
<?xml version="1.0" encoding="UTF-16"?>

-<mbam-log>


-<header>

<date>2014/07/12 21:04:37 +0200</date>

<logfile>mbam-log-2014-07-12 (21-04-37).xml</logfile>

<isadmin>yes</isadmin>

</header>


-<engine>

<version>2.00.2.1012</version>

<malware-database>v2014.07.12.08</malware-database>

<rootkit-database>v2014.07.09.01</rootkit-database>

<license>free</license>

<file-protection>disabled</file-protection>

<web-protection>disabled</web-protection>

<self-protection>disabled</self-protection>

</engine>


-<system>

<osversion>Windows 7 Service Pack 1</osversion>

<arch>x64</arch>

<username>Admin</username>

<filesys>NTFS</filesys>

</system>


-<summary>

<type>threat</type>

<result>completed</result>

<objects>510350</objects>

<time>4808</time>

<processes>0</processes>

<modules>0</modules>

<keys>5</keys>

<values>0</values>

<datas>0</datas>

<folders>7</folders>

<files>58</files>

<sectors>0</sectors>

</summary>


-<options>

<memory>enabled</memory>

<startup>enabled</startup>

<filesystem>enabled</filesystem>

<archives>enabled</archives>

<rootkits>disabled</rootkits>

<deeprootkit>disabled</deeprootkit>

<heuristics>enabled</heuristics>

<pup>enabled</pup>

<pum>enabled</pum>

</options>


-<items>


-<key>

<path>HKU\S-1-5-21-421537991-447429775-1434680778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>693f6d316f0c86b0092b8fc544beae52</hash>

</key>


-<key>

<path>HKU\S-1-5-21-421537991-447429775-1434680778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>693f6d316f0c86b0092b8fc544beae52</hash>

</key>


-<key>

<path>HKU\S-1-5-21-421537991-447429775-1434680778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7a2ed3cb0576290d33020d4710f20ef2</hash>

</key>


-<key>

<path>HKU\S-1-5-21-421537991-447429775-1434680778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7a2ed3cb0576290d33020d4710f20ef2</hash>

</key>


-<key>

<path>HKU\S-1-5-21-421537991-447429775-1434680778-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>8f197826b0cbee481b3e943b07fb847c</hash>

</key>


-<folder>

<path>C:\Users\Admin\AppData\Roaming\OpenCandy</path>

<vendor>PUP.Optional.OpenCandy</vendor>

<action>success</action>

<hash>c1e7f8a693e8e2549a209a0307fb28d8</hash>

</folder>


-<folder>

<path>C:\Users\Admin\AppData\Roaming\OpenCandy\30CB64D3184E4762AA1E4B3C5C7CA36C</path>

<vendor>PUP.Optional.OpenCandy</vendor>

<action>success</action>

<hash>c1e7f8a693e8e2549a209a0307fb28d8</hash>

</folder>


-<folder>

<path>C:\Users\Admin\AppData\Roaming\OpenCandy\AF88E6571D824761BB41A5E58A072DD5</path>

<vendor>PUP.Optional.OpenCandy</vendor>

<action>success</action>

<hash>c1e7f8a693e8e2549a209a0307fb28d8</hash>

</folder>


-<folder>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</folder>


-<folder>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</folder>


-<folder>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</folder>


-<folder>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</folder>


-<file>

<path>C:\Users\Admin\AppData\Roaming\OpenCandy\AF88E6571D824761BB41A5E58A072DD5\Setupsft_chr_p1v7.exe</path>

<vendor>PUP.Optional.OpenCandy.A</vendor>

<action>success</action>

<hash>7434316d403bbf77b89c63209e666b95</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\Downloads\SoftonicDownloader_fuer_antiplagiarist.exe</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>65432678166577bf2ff7bb6cb8497b85</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\searchplugins\softonic.xml</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>56523c627407d75f4a20e9e920e2d42c</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\OpenCandy\30CB64D3184E4762AA1E4B3C5C7CA36C\Trial-14.0.1000.89_de-DE_1004732_DE-1.exe</path>

<vendor>PUP.Optional.OpenCandy</vendor>

<action>success</action>

<hash>c1e7f8a693e8e2549a209a0307fb28d8</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>7f29722c90ebb680c3828d18768c4ab6</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>success</action>

<hash>6246524c45362313dc697e2707fb19e7</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.admin", false);</baddata>

<gooddata/>

<hash>ccdcabf37b0065d17f12c705fa0a2ed2</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.aflt", "OC");</baddata>

<gooddata/>

<hash>9216adf14f2c2511e9a838949272ee12</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");</baddata>

<gooddata/>

<hash>06a2f1ad463596a01a7722aa9470c33d</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.autoRvrt", "false");</baddata>

<gooddata/>

<hash>1d8baaf4d1aac76fbdd4d1fb23e1df21</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.dfltLng", "de");</baddata>

<gooddata/>

<hash>14945747bbc0db5b7120e4e828dca25e</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.dfltSrch", true);</baddata>

<gooddata/>

<hash>3771ecb2ec8fa591118016b6d72de41c</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.dnsErr", true);</baddata>

<gooddata/>

<hash>7e2a316daecd74c2a0f110bcf90b57a9</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.excTlbr", false);</baddata>

<gooddata/>

<hash>3d6b3b63ceadd0666f22fecebc4838c8</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.ffxUnstlRst", false);</baddata>

<gooddata/>

<hash>4f59fba3a1da003688090ac2eb197c84</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.hmpg", true);</baddata>

<gooddata/>

<hash>1e8a6d31611af1457d14666650b4a858</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=c850cda40000000000007ae9d31451ae");</baddata>

<gooddata/>

<hash>6e3ad1cd1467e74f365ba725cd37c739</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.id", "c850cda40000000000007ae9d31451ae");</baddata>

<gooddata/>

<hash>b6f2b6e883f836003958814b4eb63bc5</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.instlDay", "16023");</baddata>

<gooddata/>

<hash>7e2a8519d3a87abca4eddcf01be944bc</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.instlRef", "MOY00621");</baddata>

<gooddata/>

<hash>604856482556a98d9bf63b91ae56ab55</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.newTab", true);</baddata>

<gooddata/>

<hash>08a08915bfbcad89c3ce0cc0a4609070</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=c850cda40000000000007ae9d31451ae");</baddata>

<gooddata/>

<hash>80281e80b1ca2115c9c8913b3cc8fa06</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.prdct", "Softonic");</baddata>

<gooddata/>

<hash>693f1d812b50ff37880993396e961be5</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.prtnrId", "softonic");</baddata>

<gooddata/>

<hash>8721900e34474ee82c65f2da7c883bc5</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.rvrt", "false");</baddata>

<gooddata/>

<hash>3177b3eb582369cdf39ee6e65ca8d12f</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.smplGrp", "none");</baddata>

<gooddata/>

<hash>e6c20599fa811b1b751cc4088b79956b</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");</baddata>

<gooddata/>

<hash>13952b73cfac2f0778193b9113f1639d</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.tlbrId", "opencandy2013");</baddata>

<gooddata/>

<hash>4e5abbe3bac100360d8439936b99b14f</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=c850cda40000000000007ae9d31451ae&q=");</baddata>

<gooddata/>

<hash>7b2d465899e21a1c375a4e7e857f5ea2</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.vrsn", "1.8.21.14");</baddata>

<gooddata/>

<hash>9315425c5328ed49b6dba9238480cd33</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:29:56");</baddata>

<gooddata/>

<hash>4464f1ad8cef24122170e3e9ec18f010</hash>

</file>


-<file>

<path>C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js</path>

<vendor>PUP.Optional.Softonic.A</vendor>

<action>replaced</action>

<baddata>user_pref("extensions.Softonic.vrsni", "1.8.21.14");</baddata>

<gooddata/>

<hash>3771623c67142511850c993330d4ed13</hash>

</file>

</items>

</mbam-log>
Nach Malewarbytes machte ich einen Scan mit Avira Rescue welcher keine Bedrohung gefunden hat.

Weiterhin habe ich heute einen Scan mit Farbar Recovery gemacht (siehe Anhang).

Ein Scan mit GMER konnte leider nicht ausgeführt werden. Der PC startet nach einer Weile einfach neu.

Ich hoffe es hat jemand einen Tipp für mich was ich noch machen kann und ob es ein Virus oder Malware sein könnte bezüglich der Datensicherung.

Für Hilfe bin ich sehr dankbar.

schrauber 18.07.2014 16:37
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Lifebook 18.07.2014 18:36
Hallo,

danke für den Hinweis mit der Verteilung auf mehrere Post's.

Addition von Farbar Recovery:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Normalbetrieb at 2014-07-18 09:49:28
Running from C:\Users\Normalbetrieb\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

 Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Atmel USB (HKLM-x32\...\{E8F8861D-98E0-43FF-9E48-AC236CC3BE4E}) (Version: 10.6 - Atmel)
AutoIt v3.3.8.1 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.14 - CSR Plc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.4003 - CDBurnerXP)
Cerberus (x32 Version: 8.0 - Adapted Solutions) Hidden
Cerberus (x32 Version: 9.0 - Adapted Solutions) Hidden
Cerberus 8.0 (HKLM-x32\...\Cerberus 8.0) (Version: 8.0 - Adapted Solutions)
Cerberus 9.0 (HKLM-x32\...\Cerberus 9.0) (Version: 9.0 - Adapted Solutions)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.02040 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.02040 - Cisco Systems, Inc.) Hidden
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{341FFD7F-3127-466D-88F7-CE4DE78A48F1}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{341FFD7F-3127-466D-88F7-CE4DE78A48F1}) (Version:  - Microsoft)
DeskUpdate (HKLM-x32\...\DeskUpdate_is1) (Version: 4.14.0118 - Fujitsu Technology Solutions)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Enterprise Architect 10 (HKLM-x32\...\{CC98E8B3-FAAA-4D09-A813-A44C9FA1A3EE}) (Version: 10.00.1007.14 - Sparx Systems)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{AFA4B0BF-3289-495A-B949-BA91F39B1A44}) (Version: 11.1.21009.00 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Flat Trader (HKCU\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.7.2.1 - FX Flat)
Flat Trader (x32 Version: 2.38.56.7.2.1 - FX Flat) Hidden
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Fujitsu Display Manager (HKLM-x32\...\InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}) (Version:  - )
Fujitsu Display Manager (Version: 7.01.00.210 - Ihr Firmenname) Hidden
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (HKLM-x32\...\InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}) (Version:  - )
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden
Fujitsu System Extension Utility (HKLM-x32\...\InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}) (Version:  - )
Fujitsu System Extension Utility (Version: 3.1.1.0 - FUJITSU LIMITED) Hidden
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
GTS  (HKLM-x32\...\{B734ED5C-25BD-4F00-8DAF-F1A0860310E8}) (Version: 1.00.17 - vwd AG)
Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2025 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
JLink OB CDC Driver Package (HKLM\...\{CD0E9FFE-70DD-47E3-A7A5-750E9DE6F40B}) (Version: 1.2.1 - SEGGER)
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LifeBook Application Panel (HKLM-x32\...\InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}) (Version:  - )
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Access 2013 (HKLM-x32\...\Office15.AccessR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Access 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising SDK for Windows Phone - DEU (HKLM-x32\...\{1B97BB75-7EBB-4F0D-845F-9A63E8CA72C4}) (Version: 5.2.819.0 - Microsoft Corporation)
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - DEU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - DEU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.0 (x32 Version: 15.0.516.14 - Microsoft Corporation) Hidden
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{B006B9E9-41DD-4479-9177-3743A53B7735}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.30816.0) (Version: 4.0.30816.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (x32 Version: 4.0.30816.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{B2D1A01F-82CC-4025-B539-FE62D11C8EC8}) (Version: 1.0.20817.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20621.0 - Microsoft Corporation) Hidden
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{B0682940-6FFB-4850-80BA-B2FEF0D64BA8}) (Version: 2.0.20621.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{1762BA00-6EBE-4430-9FBB-16F516B4A46D}) (Version: 2.0.20901.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone OS 7.1 (HKLM-x32\...\{0688DA81-103D-4FEA-B953-FC8F0915A8E2}) (Version: 2.0.30816.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.0 ToolsRes - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch für Visual Studio 2013 CoreRes - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.0 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools für Microsoft Visual Studio (x64) - DEU Sprachpaket (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On für Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools für Visual Studio DEU Sprachpaket (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visio MUI (German) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio Professional 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Visual Basic Power Packs 3.0 (HKLM-x32\...\{7B4D193B-D76D-308B-8B12-5D9BB1CBCE6C}) (Version: 9.0.30214 - Microsoft)
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{95A2AD24-BD44-3E39-A31F-CE928276577E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{681F4E9F-34E0-36BD-BF2C-100554E403A5}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express for Windows Phone 7.1 - DEU (x32 Version: 10.1.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Professional - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Leistungserfassungstools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{3ea69e8e-ae6e-445b-bc1d-809ecb789ec4}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{2e8b5d3e-04b1-40c7-ade4-487d5357ba8c}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio 2013 - deu (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft Web Developer Tools 2013 - Visual Studio 2013 (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh (ARP entry) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh (HKLM-x32\...\XNA Game Studio 4.0) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 Refresh (Redists) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh (Shared Components) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh (Visual Studio) (x32 Version: 4.0.30901.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Refresh Language Pack (de-DE) (HKLM-x32\...\{3A089FFA-C018-4E47-8CE9-6A82731E0E3A}) (Version: 4.0.30912.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{89690B51-2E21-4E93-914E-F9CAC5B24A84}) (Version: 1.4.0.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.8 - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.211.0 - Tracker Software Products Ltd)
Plugfree NETWORK (HKLM\...\{7BA64D21-EE46-4a9a-8145-52B0175C3F86}) (Version: 5.3.0.1 - FUJITSU LIMITED)
Plugfree NETWORK (Version: 5.3.001 - FUJITSU LIMITED) Hidden
Portunus 5.2 (HKLM-x32\...\Portunus 5.2 5.2.6) (Version: 5.2.6 - Adapted Solutions)
Portunus 5.2 (x32 Version: 5.2.6 - Adapted Solutions) Hidden
Portunus 6.1 (HKLM-x32\...\Portunus 6.1 6.1.0) (Version: 6.1.0 - Adapted Solutions)
Portunus 6.1 (x32 Version: 6.1.0 - Adapted Solutions) Hidden
Power Saving Utility (HKLM-x32\...\InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}) (Version:  - )
Power Saving Utility (Version: 31.01.11.013 - FUJITSU LIMITED) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30087 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Secure Download Manager (HKLM-x32\...\{E98D115E-D621-4723-8AF0-147BADA9A466}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sparx Systems Keystore Service (HKLM-x32\...\{F2043888-7783-4936-9B63-3B33FDB9EC4D}) (Version: 2.0.0.10 - Sparx Systems Pty Ltd)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2880475) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.AccessR_{830E5E0C-B48A-4FBE-83BE-28418740DED5}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2880475) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{830E5E0C-B48A-4FBE-83BE-28418740DED5}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2880980) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{A10C00F8-0A83-4A74-86C5-3D0F9879E101}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2880980) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{A10C00F8-0A83-4A74-86C5-3D0F9879E101}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.AccessR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PRJPROR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PRJPROR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.AccessR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880476) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{DDF64A37-8E32-406E-A94C-9F5B03661A21}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{7655E7AA-268C-4F74-AC05-8D56F75C664A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{7655E7AA-268C-4F74-AC05-8D56F75C664A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.AccessR_{7655E7AA-268C-4F74-AC05-8D56F75C664A}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2880480) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0407-1000-0000000FF1CE}_Office15.VISPROR_{7655E7AA-268C-4F74-AC05-8D56F75C664A}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.AccessR_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition (HKLM-x32\...\{90150000-0054-0407-0000-0000000FF1CE}_Office15.VISPROR_{6D8F4981-88A1-4386-8B3C-A51021FD8395}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2837632) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{6D8F4981-88A1-4386-8B3C-A51021FD8395}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.AccessR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0407-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0015-0000-0000-0000000FF1CE}_Office15.AccessR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Visual C++ Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-9A47-7777FBE60C9F}) (Version: 10.00.800.228 - Nuance Communications Inc.)
Visual F# 3.1 SDK (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 SDK Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual F# 3.1 VS Language Pack - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2013 Prerequisites - DEU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services SDK for Windows Phone (HKLM-x32\...\{6F33C2E2-5E02-4344-90BC-ED55C48341D2}) (Version: 4.7.6.0 - Microsoft Corporation)
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Wichtiges Update für Microsoft Visual Studio 2010 Professional - DEU (KB2938807) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2938807) (Version: 1 - Microsoft Corporation)
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools für Visual Studio 2013 Preview Language Pack - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Azure Tools für LightSwitch für Visual Studio 2013 - $(var.OOBPublishVersion) (DEU) (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Windows Phone Emulator x64 - DEU (HKLM\...\{EAF1B5AF-AAA8-3EC4-8D4C-7595B70E9760}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Add-in for Visual Studio 2010 - DEU (HKLM-x32\...\{57577803-E361-32E2-B33D-ADCE7016AFFF}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Assemblies - deu (HKLM-x32\...\{3F75341E-8E48-3E06-9569-D2DCCB931253}) (Version: 10.0.40219 - Microsoft Corporation)
Windows Phone SDK 7.1 Extensions for XNA Game Studio 4.0 (HKLM-x32\...\{A4CC18F6-DB05-4B03-B724-4128322FA85F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Windows Runtime Intellisense Content - de-de (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Segger (jlink_ob_x64) USB  (03/13/2012 2.6.6.2) (HKLM\...\6D4C34D12E9233ABADF9D04ADF9E288A7ECF3B5B) (Version: 03/13/2012 2.6.6.2 - Segger)
Windows-Treiberpaket - SEGGER (usbser) Ports  (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-421537991-447429775-1434680778-1001.job => C:\Users\Normalbetrieb\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000Core.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000UA.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001Core.job => C:\Users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001UA.job => C:\Users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\temp:0FF263E8
AlternateDataStreams: C:\ProgramData\temp:F35A93AD

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2014 01:32:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Lifebook)
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert.

 Details - Nur ein Teil der ReadProcessMemory- oder WriteProcessMemory-Anforderung wurde abgeschlossen.

Error: (07/13/2014 01:32:05 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lifebook)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (07/13/2014 01:19:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: cdbxpp.exe, Version: 4.5.1.4003, Zeitstempel: 0x5174b5e8
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ce753
ID des fehlerhaften Prozesses: 0x7744
Startzeit der fehlerhaften Anwendung: 0xcdbxpp.exe0
Pfad der fehlerhaften Anwendung: cdbxpp.exe1
Pfad des fehlerhaften Moduls: cdbxpp.exe2
Berichtskennung: cdbxpp.exe3

Error: (07/12/2014 11:08:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: Lifebook)
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert.

 Details - Nur ein Teil der ReadProcessMemory- oder WriteProcessMemory-Anforderung wurde abgeschlossen.

Error: (07/12/2014 11:08:22 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: Lifebook)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (07/12/2014 08:54:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: )
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert.

 Details - Nur ein Teil der ReadProcessMemory- oder WriteProcessMemory-Anforderung wurde abgeschlossen.

Error: (07/12/2014 08:54:13 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: )
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (07/12/2014 00:09:34 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/12/2014 10:12:02 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1500) (User: )
Description: Sie konnten nicht angemeldet werden, da das lokal gespeicherte Profil nicht geladen werden konnte. Überprüfen Sie, ob eine Netzwerkverbindung besteht und das Netzwerk ordnungsgemäß funktioniert.

 Details - Nur ein Teil der ReadProcessMemory- oder WriteProcessMemory-Anforderung wurde abgeschlossen.

Error: (07/12/2014 10:12:01 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: )
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.


System errors:
=============
Error: (07/18/2014 09:34:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/17/2014 02:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/17/2014 01:12:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/13/2014 02:50:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/13/2014 01:33:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/13/2014 01:31:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎07.‎2014 um 13:29:09 unerwartet heruntergefahren.

Error: (07/13/2014 10:22:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/12/2014 11:08:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/12/2014 08:50:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (07/12/2014 08:45:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================
Error: (10/13/2013 09:42:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 234 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (10/13/2013 09:36:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 82 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (10/13/2013 09:26:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/13/2013 09:25:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/13/2013 09:24:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 104 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/13/2013 09:22:20 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 139 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (05/28/2013 01:03:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 3395 seconds with 120 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Percentage of memory in use: 32%
Total physical RAM: 7988.55 MB
Available physical RAM: 5369.12 MB
Total Pagefile: 15975.29 MB
Available Pagefile: 13164.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:270.35 GB) (Free:153.27 GB) NTFS
Drive d: () (Fixed) (Total:195.31 GB) (Free:158.29 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================

Lifebook 18.07.2014 18:37
FRST von Farbar Recovery:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01
Ran by Normalbetrieb (ATTENTION: The logged in user is not administrator) on LIFEBOOK on 18-07-2014 09:55:27
Running from C:\Users\Normalbetrieb\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] => C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-23] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [BthSyncServ] => "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] => C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [701872 2013-01-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
HKU\S-1-5-21-421537991-447429775-1434680778-1001\...\Run: [Google Update] => C:\Users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-22] (Google Inc.)
HKU\S-1-5-21-421537991-447429775-1434680778-1001\...\MountPoints2: {36274d64-4d04-11e3-a88c-e0ca94af503e} - G:\SETUP.EXE
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0B7927443F4FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Normalbetrieb\AppData\Roaming\Mozilla\Firefox\Profiles\6x1p8acs.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin - C:\Users\Normalbetrieb\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Normalbetrieb\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Normalbetrieb\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-03-08]

Chrome:
=======
CHR StartupUrls: "hxxp://www.wellenreiter-invest.de/CoT/web/sp.coms.price.htm", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=8941848&timeSpan=SE&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=31.12.1969&toDate=30.05.2011&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=#timeSpan=5Y&e&", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=325104&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324977&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324913&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=20735&timeSpan=SE&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=29.12.1987&toDate=30.05.2011&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=#timeSpan=5Y&e&", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324933&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=1918069&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=30.05.2006&toDate=30.05.2011&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324965&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=30.05.2006&toDate=30.05.2011&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=7385442&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=8384722&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=#timeSpan=5Y&e&", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=8313419&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=8313421&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=8313426&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=14.03.2007&toDate=13.03.2012&interactivequotes=true&useFixAverage=true&fixAverage0=0&fixAverage1=200&freeAverage0=&freeAverage1=&freeAverage2=&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=92866&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=1555183&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324911&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.comdirect.de/inf/indizes/detail/chart_big.html?ID_NOTATION=324912&timeSpan=5Y&chartType=CONNECTLINE&openerPageId=indizes.detail.chart.middle&BRANCHEN_FILTER=false&ID_NOTATION_INDEX=&fromDate=12.09.2007&toDate=11.09.2012&interactivequotes=true&fixAverage0=0&fixAverage1=0&useFixAverage=false&freeAverage0=&freeAverage1=&freeAverage2=220&chartIndicator=&indicatorsBelowChart=VOLUME&indicatorsBelowChart=", "hxxp://www.finanzen.net/ifo/"
CHR Plugin: (Shockwave Flash) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Google Update) - C:\Users\Normalbetrieb\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22]
CHR Extension: (Google Drive) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-22]
CHR Extension: (YouTube) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22]
CHR Extension: (Google-Suche) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22]
CHR Extension: (Session Manager) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghenlmbmjcpehccoangkdpagbcbkdpc [2013-08-14]
CHR Extension: (Google Wallet) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-11]
CHR Extension: (Google Mail) - C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-03-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-23] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 Sparx Keystore; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [435712 2012-04-26] () [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [File not signed]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-05] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-05-05] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-05-05] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-05-05] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-05] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-05-05] (G Data Software AG)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-18 09:55 - 2014-07-18 09:55 - 00030631 _____ () C:\Users\Normalbetrieb\Downloads\FRST.txt
2014-07-18 09:49 - 2014-07-18 09:49 - 00080847 _____ () C:\Users\Normalbetrieb\Downloads\Addition.txt
2014-07-18 09:47 - 2014-07-18 09:55 - 00000000 ____D () C:\FRST
2014-07-18 09:46 - 2014-07-18 09:46 - 00000472 _____ () C:\Users\Normalbetrieb\Downloads\defogger_disable.log
2014-07-18 09:46 - 2014-07-18 09:46 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-07-18 09:45 - 2014-07-18 09:45 - 02086912 _____ (Farbar) C:\Users\Normalbetrieb\Downloads\FRST64.exe
2014-07-18 09:45 - 2014-07-18 09:45 - 00380416 _____ () C:\Users\Normalbetrieb\Downloads\Gmer-19357.exe
2014-07-18 09:44 - 2014-07-18 09:44 - 00050477 _____ () C:\Users\Normalbetrieb\Downloads\Defogger.exe
2014-07-17 13:50 - 2014-07-17 13:50 - 00000000 ____D () C:\wiederherstellung
2014-07-17 13:27 - 2014-07-17 14:23 - 00000000 ____D () C:\Program Files\Recuva
2014-07-17 13:27 - 2014-07-17 13:27 - 00001658 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-17 13:27 - 2014-07-17 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-07-17 13:19 - 2014-07-17 13:20 - 03161056 _____ (Piriform Ltd) C:\Users\Normalbetrieb\Downloads\rcsetup151_slim.exe
2014-07-13 14:18 - 2014-07-13 14:18 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-13 14:02 - 2014-07-13 14:02 - 00011387 _____ () C:\Users\Admin\Downloads\hijackthis.log
2014-07-13 13:56 - 2014-07-13 14:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HiJackThis204.exe
2014-07-13 13:53 - 2014-07-13 14:24 - 00000000 ____D () C:\Users\Admin\Desktop\Mutti
2014-07-13 00:32 - 2014-07-13 01:02 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-07-12 20:56 - 2014-07-12 21:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 20:55 - 2014-07-12 20:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-12 20:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-12 20:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-12 12:03 - 2014-07-12 12:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Normalbetrieb\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-12 11:50 - 2014-07-12 11:55 - 00011291 _____ () C:\Users\Normalbetrieb\Downloads\hijackthis.log
2014-07-12 11:50 - 2014-07-12 11:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Normalbetrieb\Downloads\HiJackThis204.exe
2014-07-11 23:55 - 2014-07-11 23:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-07-11 23:52 - 2014-07-11 23:52 - 00007980 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-07-11 23:25 - 2014-07-11 23:55 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-07-11 23:25 - 2014-07-11 23:55 - 00001908 _____ () C:\Windows\diagerr.xml
2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\TEMP
2014-07-11 15:43 - 2014-07-11 15:43 - 00653824 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50446.msi
2014-07-11 13:00 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Admin\Documents\Citavi 4
2014-07-11 13:00 - 2014-07-11 13:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Swiss Academic Software
2014-07-11 13:00 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FLEXnet
2014-07-11 11:15 - 2014-07-11 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-11 11:15 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 11:15 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 11:15 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 11:15 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-11 11:14 - 2014-07-11 11:15 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-11 11:08 - 2014-07-11 11:08 - 00918952 _____ (Oracle Corporation) C:\Users\Normalbetrieb\Downloads\jxpiinstall(2).exe
2014-07-09 18:33 - 2014-07-09 18:33 - 00000832 _____ () C:\Users\Normalbetrieb\AppData\Local\recently-used.xbel
2014-07-08 12:53 - 2014-07-08 12:53 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Microsoft FxCop
2014-06-28 15:32 - 2014-06-28 15:32 - 00002799 _____ () C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.5.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00002787 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Dragon NaturallySpeaking 12.5.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.5
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\ProgramData\Macrovision
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-06-18 08:15 - 2014-06-18 08:15 - 00137982 _____ () C:\Users\Normalbetrieb\Downloads\HashMyFiles-2.02.zip
2014-06-18 08:15 - 2014-06-18 08:15 - 00000000 ____D () C:\Users\Normalbetrieb\Downloads\HashMyFiles-2.02
2014-06-18 07:47 - 2014-06-18 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-07-18 09:55 - 2014-07-18 09:55 - 00030631 _____ () C:\Users\Normalbetrieb\Downloads\FRST.txt
2014-07-18 09:55 - 2014-07-18 09:47 - 00000000 ____D () C:\FRST
2014-07-18 09:49 - 2014-07-18 09:49 - 00080847 _____ () C:\Users\Normalbetrieb\Downloads\Addition.txt
2014-07-18 09:46 - 2014-07-18 09:46 - 00000472 _____ () C:\Users\Normalbetrieb\Downloads\defogger_disable.log
2014-07-18 09:46 - 2014-07-18 09:46 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-07-18 09:46 - 2013-03-11 12:35 - 00000000 ____D () C:\Users\Admin
2014-07-18 09:46 - 2013-03-11 12:30 - 01708984 _____ () C:\Windows\WindowsUpdate.log
2014-07-18 09:45 - 2014-07-18 09:45 - 02086912 _____ (Farbar) C:\Users\Normalbetrieb\Downloads\FRST64.exe
2014-07-18 09:45 - 2014-07-18 09:45 - 00380416 _____ () C:\Users\Normalbetrieb\Downloads\Gmer-19357.exe
2014-07-18 09:44 - 2014-07-18 09:44 - 00050477 _____ () C:\Users\Normalbetrieb\Downloads\Defogger.exe
2014-07-18 09:39 - 2009-07-14 06:45 - 00016896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-18 09:39 - 2009-07-14 06:45 - 00016896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-18 09:35 - 2013-05-01 10:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-18 09:33 - 2014-02-18 18:56 - 00000610 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-421537991-447429775-1434680778-1001.job
2014-07-18 09:33 - 2013-12-18 20:02 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Local\TSVNCache
2014-07-18 09:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-18 09:32 - 2009-07-14 06:51 - 00001701 _____ () C:\Windows\setupact.log
2014-07-17 14:28 - 2013-04-10 15:32 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Visual Studio 2010
2014-07-17 14:23 - 2014-07-17 13:27 - 00000000 ____D () C:\Program Files\Recuva
2014-07-17 14:22 - 2013-03-11 13:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000UA.job
2014-07-17 13:50 - 2014-07-17 13:50 - 00000000 ____D () C:\wiederherstellung
2014-07-17 13:27 - 2014-07-17 13:27 - 00001658 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-17 13:27 - 2014-07-17 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-07-17 13:20 - 2014-07-17 13:19 - 03161056 _____ (Piriform Ltd) C:\Users\Normalbetrieb\Downloads\rcsetup151_slim.exe
2014-07-17 13:15 - 2009-07-14 19:58 - 00767586 _____ () C:\Windows\system32\perfh007.dat
2014-07-17 13:15 - 2009-07-14 19:58 - 00175824 _____ () C:\Windows\system32\perfc007.dat
2014-07-17 13:15 - 2009-07-14 07:13 - 01807538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 14:25 - 2014-02-28 16:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\TSVNCache
2014-07-13 14:24 - 2014-07-13 13:53 - 00000000 ____D () C:\Users\Admin\Desktop\Mutti
2014-07-13 14:18 - 2014-07-13 14:18 - 02086912 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-13 14:03 - 2013-03-22 16:29 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001UA.job
2014-07-13 14:02 - 2014-07-13 14:02 - 00011387 _____ () C:\Users\Admin\Downloads\hijackthis.log
2014-07-13 14:01 - 2014-07-13 13:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HiJackThis204.exe
2014-07-13 13:56 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\Documents\Citavi 4
2014-07-13 01:02 - 2014-07-13 00:32 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-07-12 23:05 - 2013-03-14 09:32 - 00673798 _____ () C:\Windows\PFRO.log
2014-07-12 22:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-12 21:04 - 2014-07-12 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 20:55 - 2014-07-12 20:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-12 12:09 - 2014-07-12 12:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Normalbetrieb\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-12 11:55 - 2014-07-12 11:50 - 00011291 _____ () C:\Users\Normalbetrieb\Downloads\hijackthis.log
2014-07-12 11:50 - 2014-07-12 11:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Normalbetrieb\Downloads\HiJackThis204.exe
2014-07-12 01:15 - 2013-06-23 11:15 - 00000000 ___RD () C:\Users\Normalbetrieb\Google Drive
2014-07-12 00:33 - 2013-03-14 09:34 - 00123920 _____ () C:\Users\Normalbetrieb\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 23:55 - 2014-07-11 23:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-07-11 23:55 - 2014-07-11 23:25 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-07-11 23:55 - 2014-07-11 23:25 - 00001908 _____ () C:\Windows\diagerr.xml
2014-07-11 23:52 - 2014-07-11 23:52 - 00007980 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-07-11 23:45 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-11 23:22 - 2013-03-11 13:00 - 00123920 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 20:22 - 2009-07-14 06:45 - 00490928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\TEMP
2014-07-11 15:47 - 2013-03-11 12:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 15:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-11 15:43 - 2014-07-11 15:43 - 00653824 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50446.msi
2014-07-11 15:29 - 2014-06-17 18:40 - 00000000 ____D () C:\Program Files (x86)\AntiPlagiarist
2014-07-11 15:25 - 2013-03-11 13:25 - 00002356 _____ () C:\Users\Admin\Desktop\Google Chrome.lnk
2014-07-11 15:24 - 2013-11-18 14:44 - 00000000 ____D () C:\Program Files (x86)\xamp
2014-07-11 15:21 - 2013-03-11 13:23 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000Core.job
2014-07-11 15:17 - 2013-03-14 18:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-11 13:49 - 2014-06-04 21:44 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Citavi 4
2014-07-11 13:01 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Swiss Academic Software
2014-07-11 13:00 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FLEXnet
2014-07-11 13:00 - 2013-11-23 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nuance
2014-07-11 12:59 - 2013-11-18 16:57 - 00000000 ___RD () C:\Users\Admin\Podcasts
2014-07-11 11:16 - 2014-01-20 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-11 11:15 - 2014-07-11 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-11 11:15 - 2014-07-11 11:14 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-11 11:15 - 2013-08-06 20:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-11 11:13 - 2013-04-02 23:04 - 00000000 ____D () C:\Program Files\Java
2014-07-11 11:08 - 2014-07-11 11:08 - 00918952 _____ (Oracle Corporation) C:\Users\Normalbetrieb\Downloads\jxpiinstall(2).exe
2014-07-09 19:24 - 2013-04-30 20:06 - 00000000 ____D () C:\Users\Normalbetrieb\.gimp-2.8
2014-07-09 18:33 - 2014-07-09 18:33 - 00000832 _____ () C:\Users\Normalbetrieb\AppData\Local\recently-used.xbel
2014-07-09 18:02 - 2013-03-22 16:29 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001Core.job
2014-07-09 09:44 - 2014-06-04 21:44 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Swiss Academic Software
2014-07-08 20:35 - 2013-05-01 10:25 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:35 - 2013-05-01 10:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 12:53 - 2014-07-08 12:53 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Microsoft FxCop
2014-07-08 08:56 - 2013-11-14 14:43 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Visual Studio 2013
2014-07-07 10:56 - 2013-05-01 01:53 - 00000000 ____D () C:\ProgramData\temp
2014-07-07 10:15 - 2013-11-23 12:59 - 00001515 _____ () C:\Users\Normalbetrieb\AppData\Roaming\SAS7_000.DAT
2014-07-04 10:15 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 07:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-28 16:00 - 2013-11-23 12:39 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Nuance
2014-06-28 15:46 - 2013-06-23 11:00 - 00000000 ____D () C:\Program Files (x86)\Google
2014-06-28 15:32 - 2014-06-28 15:32 - 00002799 _____ () C:\Users\Public\Desktop\Dragon NaturallySpeaking 12.5.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00002787 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Dragon NaturallySpeaking 12.5.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2014-06-28 15:32 - 2014-06-28 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 12.5
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\ProgramData\Macrovision
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-06-28 15:23 - 2014-06-28 15:23 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-06-28 15:23 - 2013-11-23 11:43 - 00000000 ____D () C:\ProgramData\Nuance
2014-06-28 15:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2014-06-20 08:18 - 2013-03-14 16:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-18 08:15 - 2014-06-18 08:15 - 00137982 _____ () C:\Users\Normalbetrieb\Downloads\HashMyFiles-2.02.zip
2014-06-18 08:15 - 2014-06-18 08:15 - 00000000 ____D () C:\Users\Normalbetrieb\Downloads\HashMyFiles-2.02
2014-06-18 07:47 - 2014-06-18 07:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\uninstall.exe
C:\Users\Normalbetrieb\AppData\Local\Temp\CH.dll
C:\Users\Normalbetrieb\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Normalbetrieb\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Normalbetrieb\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

schrauber 19.07.2014 20:17
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Lifebook 21.07.2014 15:56
Hallo,

anbei die ComboFix.txt

Code:
Combofix Logfile:

       
Code:

       
ComboFix 14-07-20.02 - Admin 21.07.2014  14:41:38.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.7989.5963 [GMT 2:00]
ausgeführt von:: c:\users\Normalbetrieb\Downloads\ComboFix.exe
AV: G Data InternetSecurity CBE *Disabled/Updated* {545C8713-0744-B079-87F8-349A6D5C8CF0}
FW: G Data Personal Firewall *Disabled* {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
SP: G Data InternetSecurity CBE *Disabled/Updated* {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Normalbetrieb\AppData\Local\assembly\tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-06-21 bis 2014-07-21  ))))))))))))))))))))))))))))))
.
.
2014-07-21 13:14 . 2014-07-21 13:14        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-07-21 12:56 . 2014-07-21 12:56        --------        d-----w-        c:\users\Gast\AppData\Local\temp
2014-07-21 12:56 . 2014-07-21 12:56        --------        d-----w-        c:\users\Admin\AppData\Local\temp
2014-07-18 07:47 . 2014-07-18 07:55        --------        d-----w-        C:\FRST
2014-07-17 11:50 . 2014-07-17 11:50        --------        d-----w-        C:\wiederherstellung
2014-07-17 11:27 . 2014-07-17 12:23        --------        d-----w-        c:\program files\Recuva
2014-07-12 22:32 . 2014-07-12 23:02        --------        d---a-w-        C:\Kaspersky Rescue Disk 10.0
2014-07-12 18:56 . 2014-07-18 14:47        122584        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-12 18:55 . 2014-05-12 05:26        63704        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-07-12 18:55 . 2014-05-12 05:26        91352        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-07-12 18:55 . 2014-05-12 05:25        25816        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-07-12 18:55 . 2014-07-12 18:55        --------        d-----w-        c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-12 18:55 . 2014-07-12 18:55        --------        d-----w-        c:\programdata\Malwarebytes
2014-07-11 21:55 . 2014-07-11 21:55        --------        d-----w-        c:\users\Admin\AppData\Roaming\Canneverbe Limited
2014-07-11 13:56 . 2014-07-11 13:56        --------        d-----w-        c:\users\TEMP
2014-07-11 11:00 . 2014-07-21 12:45        75888        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E2B521E2-1892-4575-826E-21E693EB1556}\offreg.dll
2014-07-11 11:00 . 2014-07-11 11:00        --------        d-----w-        c:\users\Admin\AppData\Roaming\FLEXnet
2014-07-11 11:00 . 2014-07-11 11:01        --------        d-----w-        c:\users\Admin\AppData\Roaming\Swiss Academic Software
2014-07-11 09:15 . 2014-07-11 09:15        --------        d-----w-        c:\program files (x86)\Common Files\Java
2014-07-11 09:15 . 2014-05-07 13:02        98216        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-08 10:53 . 2014-07-08 10:53        --------        d-----w-        c:\users\Normalbetrieb\AppData\Roaming\Microsoft FxCop
2014-06-28 13:29 . 2014-06-28 13:29        --------        d-----w-        c:\program files (x86)\Common Files\IVA
2014-06-28 13:29 . 2014-06-28 13:29        --------        d-----w-        c:\program files (x86)\Common Files\Nuance
2014-06-28 13:23 . 2014-06-28 13:23        --------        d-----w-        c:\programdata\Macrovision
2014-06-28 13:23 . 2014-06-28 13:23        --------        d-----w-        c:\programdata\FLEXnet
2014-06-28 13:23 . 2014-06-28 13:23        --------        d-----w-        c:\program files (x86)\Nuance
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-08 18:35 . 2013-05-01 08:25        71344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 18:35 . 2013-05-01 08:25        699056        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-15 08:55 . 2013-03-11 12:44        2355936        ----a-w-        c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
2014-05-15 08:55 . 2013-11-28 13:50        2397632        ----a-w-        c:\programdata\Microsoft\VisualStudio\10.0\1031\ResourceCache.dll
2014-05-15 08:31 . 2013-04-05 11:14        93223848        ----a-w-        c:\windows\system32\MRT.exe
2014-05-09 06:14 . 2014-05-14 05:41        477184        ----a-w-        c:\windows\system32\aepdu.dll
2014-05-09 06:11 . 2014-05-14 05:41        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-05-05 07:39 . 2014-05-05 07:39        18160        ----a-w-        c:\windows\system32\drivers\GdPhyMem.sys
2014-05-05 07:39 . 2014-05-05 07:39        106272        ----a-w-        c:\windows\system32\drivers\GRD.sys
2014-05-05 06:34 . 2014-05-05 06:34        68608        ----a-w-        c:\windows\system32\drivers\PktIcpt.sys
2014-05-05 06:34 . 2014-05-05 06:34        64000        ----a-w-        c:\windows\system32\drivers\gdwfpcd64.sys
2014-05-05 06:33 . 2014-05-05 06:33        65024        ----a-w-        c:\windows\system32\drivers\HookCentre.sys
2014-05-05 06:33 . 2014-05-05 06:33        57344        ----a-w-        c:\windows\system32\drivers\GDBehave.sys
2014-05-05 06:33 . 2014-05-05 06:33        135168        ----a-w-        c:\windows\system32\drivers\MiniIcpt.sys
2014-04-30 23:20 . 2014-05-23 05:55        10702536        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{E2B521E2-1892-4575-826E-21E693EB1556}\mpengine.dll
2013-11-27 19:12 . 2013-11-27 19:12        7377952        ----a-w-        c:\program files\autoit.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2011-10-12 2068856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"DeskUpdateNotifier"="c:\program files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe" [2013-02-26 102968]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-09 47976]
"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-08 36712]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2013-01-24 701872]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2013-12-19 1724728]
"G Data ASM"="c:\program files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" [2013-12-19 431224]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\\isuspm.exe" [2011-10-12 2068856]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" [2010-10-27 328992]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 ALSysIO;ALSysIO;c:\users\Admin\AppData\Local\Temp\ALSysIO64.sys;c:\users\Admin\AppData\Local\Temp\ALSysIO64.sys [x]
R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 RsFx0103;RsFx0103 Driver;c:\windows\system32\DRIVERS\RsFx0103.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0103.sys [x]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE;c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [x]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys;c:\windows\SYSNATIVE\drivers\GDBehave.sys [x]
S1 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys;c:\windows\SYSNATIVE\drivers\MiniIcpt.sys [x]
S1 gdwfpcd;G Data WFP CD;c:\windows\system32\drivers\gdwfpcd64.sys;c:\windows\SYSNATIVE\drivers\gdwfpcd64.sys [x]
S1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys;c:\windows\SYSNATIVE\drivers\GRD.sys [x]
S1 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys;c:\windows\SYSNATIVE\drivers\HookCentre.sys [x]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe;c:\program files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [x]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [x]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [x]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [x]
S2 PFNService;PFNService;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe;c:\program files\Fujitsu\Plugfree NETWORK\PFNService.exe [x]
S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe;c:\program files\Fujitsu\PSUtility\PSUService.exe [x]
S2 Sparx Keystore;Sparx Systems Keystore Service;c:\program files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe;c:\program files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VFPRadioSupportService;Unterstützung für Bluetooth-Funktionen;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys;c:\windows\SYSNATIVE\DRIVERS\FUJ02E3.sys [x]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [x]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe;c:\program files (x86)\Common Files\G Data\GDScan\GDScan.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-07-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-01 18:35]
.
2014-07-21 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-421537991-447429775-1434680778-1001.job
- c:\users\Normalbetrieb\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-07 10:28]
.
2014-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000Core.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-11 11:23]
.
2014-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000UA.job
- c:\users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-11 11:23]
.
2014-07-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001Core.job
- c:\users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-22 14:29]
.
2014-07-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001UA.job
- c:\users\Normalbetrieb\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-22 14:29]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-04-08 12:22        2333400        ----a-w-        c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-04-08 12:22        2333400        ----a-w-        c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-04-08 12:22        2333400        ----a-w-        c:\progra~1\MICROS~4\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 09:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-01-12 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-01-12 390680]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-01-12 410136]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-28 8312352]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-15 157544]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-15 35176]
"PSUTility"="c:\program files\Fujitsu\PSUtility\TrayManager.exe" [2009-07-30 188264]
"PfNet"="c:\program files\Fujitsu\Plugfree NETWORK\PfNet.exe" [2010-06-23 6310912]
"FDM7"="c:\program files\Fujitsu\FDM7\FdmDaemon.exe" [2009-11-26 164712]
"ConMgr"="c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe" [2009-12-24 535440]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2009-09-03 767312]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=c850cda40000000000007ae9d31451ae&q=
FF - user.js: extensions.Softonic.id - c850cda40000000000007ae9d31451ae
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16023
FF - user.js: extensions.Softonic.vrsn - 1.8.21.14
FF - user.js: extensions.Softonic.vrsni - 1.8.21.14
FF - user.js: extensions.Softonic.vrsnTs - 1.8.21.1411:29
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - OC
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - opencandy2013
FF - user.js: extensions.Softonic.instlRef - MOY00621
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=c850cda40000000000007ae9d31451ae
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=c850cda40000000000007ae9d31451ae
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-BthSyncServ - c:\program files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}]
@DACL=(02 0000)
@="Dropbox Autoplay COM Server"
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{0F9285DF-3511-4FE6-A587-CD8F61A121CA}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}]
@Class="REG_SZ"
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{699A646B-C61E-4C36-A253-620E4EBD294C}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}]
@DACL=(02 0000)
@="GoToMeeting Outlook COM Addin"
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}]
@Class="REG_SZ"
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{C9E37353-EC76-4A58-B575-BBA8B4BD06D1}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-421537991-447429775-1434680778-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}]
@Class="REG_SZ"
@DACL=(02 0000)
@="PSFactoryBuffer"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.9"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]
@Denied: (A 2) (Everyone)
@="IFlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-07-21  16:24:07
ComboFix-quarantined-files.txt  2014-07-21 14:24
.
Vor Suchlauf: 11 Verzeichnis(se), 163.113.013.248 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 178.717.745.152 Bytes frei
.
- - End Of File - - 62970D6FDDCC4F26C45525650015A39A

--- --- ---

schrauber 22.07.2014 10:50
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Lifebook 01.08.2014 18:56
Hallo anbei die gewünschten Logs

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 24.07.2014
Suchlauf-Zeit: 20:31:44
Logdatei: Malwarebytes.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.24.05
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Admin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 463701
Verstrichene Zeit: 20 Min, 13 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 26
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), Ersetzt,[59fcd4cf2358c571b297ba27f212af51]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.aflt", "OC");), Ersetzt,[2e278221b7c437ffb9903aa7857f0bf5]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), Ersetzt,[aaabbfe44c2fc17591b8b62bec18c937]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.autoRvrt", "false");), Ersetzt,[391c2083e7949f97ae9b954c9b6924dc]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltLng", "de");), Ersetzt,[85d0049f5f1c62d47ccdf4ed669ed62a]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltSrch", true);), Ersetzt,[fa5ba4ff0f6ccd6987c20ed341c3d52b]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dnsErr", true);), Ersetzt,[a2b3b0f355260a2c97b202dfb94bcf31]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.excTlbr", false);), Ersetzt,[fb5a8a19205b2c0ad5746e73c73dbb45]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.ffxUnstlRst", false);), Ersetzt,[c49131721b607db9cb7e9f4251b32ad6]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpg", true);), Ersetzt,[56ff20835f1c1e183e0b8f5245bf3cc4]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=c850cda40000000000007ae9d31451ae");), Ersetzt,[8ec7f9aa9ae1dd597ecb8e536f95d927]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.id", "c850cda40000000000007ae9d31451ae");), Ersetzt,[fa5b4360ceade84ec5843da41be923dd]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlDay", "16023");), Ersetzt,[a5b09e05b1caf73ff059ebf602022ad6]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlRef", "MOY00621");), Ersetzt,[4c09f4af0378251193b6c71ab351946c]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTab", true);), Ersetzt,[35204b58354687afb3967f62de2605fb]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=c850cda40000000000007ae9d31451ae");), Ersetzt,[3124efb4d5a694a280c9a53c57ade11f]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prdct", "Softonic");), Ersetzt,[361f376c1f5c0531e46536ab15ef4fb1]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prtnrId", "softonic");), Ersetzt,[8ec78c1703787cba50f92ab71ce8629e]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.rvrt", "false");), Ersetzt,[203580232d4e78be1c2d27bac93b05fb]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.smplGrp", "none");), Ersetzt,[d085683b4e2da1958ebbe6fbf90b6997]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), Ersetzt,[2a2b5c47621962d4f95031b0e61e6898]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrId", "opencandy2013");), Ersetzt,[76dfa9fa007b63d360e9db06a55f659b]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=c850cda40000000000007ae9d31451ae&q=");), Ersetzt,[0e476f3435464bebf65315cc5aaa639d]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsn", "1.8.21.14");), Ersetzt,[e0754c57eb9005310148ad34dc28a65a]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:29:56");), Ersetzt,[0d48980ba7d4c86e58f161807f8508f8]
PUP.Optional.Softonic.A, C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsni", "1.8.21.14");), Ersetzt,[c4918b18bbc0d36331189b469c68f10f]

Physische Sektoren: 0
(No malicious items detected)


(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v3.216 - Bericht erstellt am 24/07/2014 um 21:49:12
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - LIFEBOOK
# Gestartet von : D:\adwcleaner_3.216.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js ]

Zeile gefunden : user_pref("extensions.Softonic.admin", false);
Zeile gefunden : user_pref("extensions.Softonic.aflt", "OC");
Zeile gefunden : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gefunden : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gefunden : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gefunden : user_pref("extensions.Softonic.dnsErr", true);
Zeile gefunden : user_pref("extensions.Softonic.excTlbr", false);
Zeile gefunden : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gefunden : user_pref("extensions.Softonic.hmpg", true);
Zeile gefunden : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=c850cda40000000000007ae9d31451ae");
Zeile gefunden : user_pref("extensions.Softonic.id", "c850cda40000000000007ae9d31451ae");
Zeile gefunden : user_pref("extensions.Softonic.instlDay", "16023");
Zeile gefunden : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gefunden : user_pref("extensions.Softonic.newTab", true);
Zeile gefunden : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=c850cda40000000000007ae9d31451ae");
Zeile gefunden : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gefunden : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gefunden : user_pref("extensions.Softonic.rvrt", "false");
Zeile gefunden : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gefunden : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gefunden : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gefunden : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=c850cda40000000000007ae9d31451ae&q=");
Zeile gefunden : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gefunden : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:29:56");
Zeile gefunden : user_pref("extensions.Softonic.vrsni", "1.8.21.14");

[ Datei : C:\Users\Normalbetrieb\AppData\Roaming\Mozilla\Firefox\Profiles\6x1p8acs.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Homepage] : hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=c850cda40000000000007ae9d31451ae
Gefunden [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gefunden [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
Gefunden [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gefunden [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gefunden [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gefunden [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gefunden [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ Datei : C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : elchiiiejkobdbblfejjkbphbddgmljf

*************************

AdwCleaner[R0].txt - [3886 octets] - [24/07/2014 21:49:12]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3946 octets] ##########
--- --- ---



AdwCleaner Logfile:
Code:
# AdwCleaner v3.216 - Bericht erstellt am 24/07/2014 um 21:53:00
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Admin - LIFEBOOK
# Gestartet von : D:\adwcleaner_3.216.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=c850cda40000000000007ae9d31451ae");
Zeile gelöscht : user_pref("extensions.Softonic.id", "c850cda40000000000007ae9d31451ae");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16023");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=c850cda40000000000007ae9d31451ae");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=c850cda40000000000007ae9d31451ae&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1411:29:56");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");

[ Datei : C:\Users\Normalbetrieb\AppData\Roaming\Mozilla\Firefox\Profiles\6x1p8acs.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Homepage] : hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=c850cda40000000000007ae9d31451ae
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

[ Datei : C:\Users\Normalbetrieb\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf

*************************

AdwCleaner[R0].txt - [4026 octets] - [24/07/2014 21:49:12]
AdwCleaner[S0].txt - [3947 octets] - [24/07/2014 21:53:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4007 octets] ##########
--- --- ---


Junkware:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Admin on 24.07.2014 at 22:08:22,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{2A833E63-E1D2-4DEF-9295-DF49566E59F4}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Admin\AppData\Roaming\mozilla\firefox\profiles\z5v6mdtc.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.07.2014 at 22:26:15,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und ein frisches FRST


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Admin (administrator) on LIFEBOOK on 01-08-2014 19:27:51
Running from C:\Users\Admin\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
() C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [188264 2009-07-30] (FUJITSU LIMITED)
HKLM\...\Run: [PfNet] => C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe [6310912 2010-06-23] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] => C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-11-26] (FUJITSU LIMITED)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535440 2009-12-24] (CSR, plc)
HKLM\...\Run: [BthSyncServ] => "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] => C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-10-08] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [701872 2013-01-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [431224 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-421537991-447429775-1434680778-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Normalbetrieb\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll No File
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5CE903454A1ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\z5v6mdtc.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Admin\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-04]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-03-08]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=c850cda40000000000007ae9d31451ae"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=c850cda40000000000007ae9d31451ae
CHR Plugin: (Shockwave Flash) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Admin\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll No File
CHR Plugin: (Google Update) - C:\Users\Admin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-11]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2013-03-11]
CHR Extension: (Virtuelle Tastatur) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2013-03-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-11]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-03-08]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [330240 2010-06-23] (FUJITSU LIMITED) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63336 2009-07-30] (FUJITSU LIMITED)
R2 Sparx Keystore; C:\Program Files (x86)\Sparx Systems\Keystore\Service\KeystoreService.exe [435712 2012-04-26] () [File not signed]
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [File not signed]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145840 2009-12-24] (CSR, plc)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-05-05] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [135168 2014-05-05] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [68608 2014-05-05] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-05-05] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-05] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65024 2014-05-05] (G Data Software AG)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [254976 2010-08-31] (Jungo)
S3 ALSysIO; \??\C:\Users\Admin\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 19:27 - 2014-08-01 19:27 - 00024447 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-08-01 19:26 - 2014-08-01 19:27 - 02094080 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-07-24 22:26 - 2014-07-24 22:26 - 00001107 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-24 22:08 - 2014-07-24 22:08 - 00000000 ____D () C:\Windows\ERUNT
2014-07-24 22:06 - 2014-07-24 22:06 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-07-24 22:04 - 2014-07-24 22:04 - 01110476 _____ () C:\Users\Admin\Downloads\7z920.exe
2014-07-24 22:04 - 2014-07-24 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-24 22:04 - 2014-07-24 22:04 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-24 21:49 - 2014-07-24 21:53 - 00000000 ____D () C:\AdwCleaner
2014-07-21 16:24 - 2014-07-21 16:24 - 00031643 _____ () C:\ComboFix.txt
2014-07-21 14:37 - 2014-07-21 16:24 - 00000000 ____D () C:\Qoobox
2014-07-21 14:37 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-21 14:37 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-21 14:37 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-21 14:37 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-21 14:37 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-21 14:37 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-21 14:37 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-21 14:37 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-21 14:35 - 2014-07-21 15:33 - 00000000 ____D () C:\Windows\erdnt
2014-07-21 13:22 - 2014-07-21 13:24 - 05561612 ____R (Swearware) C:\Users\Normalbetrieb\Downloads\ComboFix.exe
2014-07-18 16:44 - 2014-07-18 16:44 - 00000000 ____D () C:\Users\Normalbetrieb\Desktop\trojaner board
2014-07-18 10:48 - 2014-07-18 10:49 - 00276928 _____ () C:\Windows\Minidump\071814-20982-01.dmp
2014-07-18 10:33 - 2014-07-18 10:48 - 727644308 _____ () C:\Windows\MEMORY.DMP
2014-07-18 10:33 - 2014-07-18 10:48 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 10:33 - 2014-07-18 10:33 - 00276928 _____ () C:\Windows\Minidump\071814-22042-01.dmp
2014-07-18 09:55 - 2014-07-18 09:58 - 00048503 _____ () C:\Users\Normalbetrieb\Downloads\FRST.txt
2014-07-18 09:49 - 2014-07-18 09:49 - 00080847 _____ () C:\Users\Normalbetrieb\Downloads\Addition.txt
2014-07-18 09:47 - 2014-08-01 19:27 - 00000000 ____D () C:\FRST
2014-07-18 09:46 - 2014-07-18 09:46 - 00000472 _____ () C:\Users\Normalbetrieb\Downloads\defogger_disable.log
2014-07-18 09:46 - 2014-07-18 09:46 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-07-18 09:45 - 2014-07-18 09:45 - 02086912 _____ (Farbar) C:\Users\Normalbetrieb\Downloads\FRST64.exe
2014-07-18 09:45 - 2014-07-18 09:45 - 00380416 _____ () C:\Users\Normalbetrieb\Downloads\Gmer-19357.exe
2014-07-18 09:44 - 2014-07-18 09:44 - 00050477 _____ () C:\Users\Normalbetrieb\Downloads\Defogger.exe
2014-07-17 13:50 - 2014-07-17 13:50 - 00000000 ____D () C:\wiederherstellung
2014-07-17 13:27 - 2014-07-17 14:23 - 00000000 ____D () C:\Program Files\Recuva
2014-07-17 13:27 - 2014-07-17 13:27 - 00001658 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-17 13:27 - 2014-07-17 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-07-17 13:19 - 2014-07-17 13:20 - 03161056 _____ (Piriform Ltd) C:\Users\Normalbetrieb\Downloads\rcsetup151_slim.exe
2014-07-13 14:02 - 2014-07-13 14:02 - 00011387 _____ () C:\Users\Admin\Downloads\hijackthis.log
2014-07-13 13:56 - 2014-07-13 14:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HiJackThis204.exe
2014-07-13 13:53 - 2014-07-13 14:24 - 00000000 ____D () C:\Users\Admin\Desktop\Mutti
2014-07-13 00:32 - 2014-07-13 01:02 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-07-12 20:56 - 2014-07-24 20:31 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-12 20:55 - 2014-07-12 20:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-12 20:55 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-12 20:55 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-12 12:03 - 2014-07-12 12:09 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Normalbetrieb\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-12 11:50 - 2014-07-12 11:55 - 00011291 _____ () C:\Users\Normalbetrieb\Downloads\hijackthis.log
2014-07-12 11:50 - 2014-07-12 11:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Normalbetrieb\Downloads\HiJackThis204.exe
2014-07-11 23:55 - 2014-07-11 23:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-07-11 23:52 - 2014-07-11 23:52 - 00007980 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-07-11 23:25 - 2014-07-11 23:55 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-07-11 23:25 - 2014-07-11 23:55 - 00001908 _____ () C:\Windows\diagerr.xml
2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\TEMP
2014-07-11 15:43 - 2014-07-11 15:43 - 00653824 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50446.msi
2014-07-11 13:00 - 2014-07-13 13:56 - 00000000 ____D () C:\Users\Admin\Documents\Citavi 4
2014-07-11 13:00 - 2014-07-11 13:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Swiss Academic Software
2014-07-11 13:00 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FLEXnet
2014-07-11 11:15 - 2014-07-11 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-11 11:15 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 11:15 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 11:15 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 11:15 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-11 11:14 - 2014-07-11 11:15 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-11 11:08 - 2014-07-11 11:08 - 00918952 _____ (Oracle Corporation) C:\Users\Normalbetrieb\Downloads\jxpiinstall(2).exe
2014-07-09 18:33 - 2014-07-09 18:33 - 00000832 _____ () C:\Users\Normalbetrieb\AppData\Local\recently-used.xbel
2014-07-08 12:53 - 2014-07-08 12:53 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Microsoft FxCop

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-01 19:28 - 2014-08-01 19:27 - 00024447 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-08-01 19:27 - 2014-08-01 19:26 - 02094080 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-08-01 19:27 - 2014-07-18 09:47 - 00000000 ____D () C:\FRST
2014-08-01 19:22 - 2014-02-28 16:26 - 00000000 ____D () C:\Users\Admin\AppData\Local\TSVNCache
2014-08-01 19:22 - 2013-03-11 13:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000UA.job
2014-08-01 19:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 19:21 - 2009-07-14 06:51 - 00002317 _____ () C:\Windows\setupact.log
2014-07-24 22:41 - 2013-03-11 12:30 - 01900521 _____ () C:\Windows\WindowsUpdate.log
2014-07-24 22:35 - 2013-05-01 10:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-24 22:33 - 2014-02-18 18:56 - 00000610 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-421537991-447429775-1434680778-1001.job
2014-07-24 22:26 - 2014-07-24 22:26 - 00001107 _____ () C:\Users\Admin\Desktop\JRT.txt
2014-07-24 22:08 - 2014-07-24 22:08 - 00000000 ____D () C:\Windows\ERUNT
2014-07-24 22:06 - 2014-07-24 22:06 - 01016261 _____ (Thisisu) C:\Users\Admin\Downloads\JRT.exe
2014-07-24 22:04 - 2014-07-24 22:04 - 01110476 _____ () C:\Users\Admin\Downloads\7z920.exe
2014-07-24 22:04 - 2014-07-24 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-24 22:04 - 2014-07-24 22:04 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-07-24 22:03 - 2013-03-22 16:29 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001UA.job
2014-07-24 22:03 - 2009-07-14 06:45 - 00016896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-24 22:03 - 2009-07-14 06:45 - 00016896 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-24 21:55 - 2013-03-14 09:32 - 00674660 _____ () C:\Windows\PFRO.log
2014-07-24 21:53 - 2014-07-24 21:49 - 00000000 ____D () C:\AdwCleaner
2014-07-24 20:31 - 2014-07-12 20:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 17:37 - 2013-12-18 20:02 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Local\TSVNCache
2014-07-21 17:03 - 2013-03-22 16:29 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1001Core.job
2014-07-21 16:24 - 2014-07-21 16:24 - 00031643 _____ () C:\ComboFix.txt
2014-07-21 16:24 - 2014-07-21 14:37 - 00000000 ____D () C:\Qoobox
2014-07-21 16:24 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-07-21 15:33 - 2014-07-21 14:35 - 00000000 ____D () C:\Windows\erdnt
2014-07-21 15:32 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-21 15:21 - 2013-03-11 13:23 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000Core.job
2014-07-21 13:24 - 2014-07-21 13:22 - 05561612 ____R (Swearware) C:\Users\Normalbetrieb\Downloads\ComboFix.exe
2014-07-18 16:44 - 2014-07-18 16:44 - 00000000 ____D () C:\Users\Normalbetrieb\Desktop\trojaner board
2014-07-18 10:49 - 2014-07-18 10:48 - 00276928 _____ () C:\Windows\Minidump\071814-20982-01.dmp
2014-07-18 10:48 - 2014-07-18 10:33 - 727644308 _____ () C:\Windows\MEMORY.DMP
2014-07-18 10:48 - 2014-07-18 10:33 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 10:33 - 2014-07-18 10:33 - 00276928 _____ () C:\Windows\Minidump\071814-22042-01.dmp
2014-07-18 09:58 - 2014-07-18 09:55 - 00048503 _____ () C:\Users\Normalbetrieb\Downloads\FRST.txt
2014-07-18 09:49 - 2014-07-18 09:49 - 00080847 _____ () C:\Users\Normalbetrieb\Downloads\Addition.txt
2014-07-18 09:46 - 2014-07-18 09:46 - 00000472 _____ () C:\Users\Normalbetrieb\Downloads\defogger_disable.log
2014-07-18 09:46 - 2014-07-18 09:46 - 00000000 _____ () C:\Users\Admin\defogger_reenable
2014-07-18 09:46 - 2013-03-11 12:35 - 00000000 ____D () C:\Users\Admin
2014-07-18 09:45 - 2014-07-18 09:45 - 02086912 _____ (Farbar) C:\Users\Normalbetrieb\Downloads\FRST64.exe
2014-07-18 09:45 - 2014-07-18 09:45 - 00380416 _____ () C:\Users\Normalbetrieb\Downloads\Gmer-19357.exe
2014-07-18 09:44 - 2014-07-18 09:44 - 00050477 _____ () C:\Users\Normalbetrieb\Downloads\Defogger.exe
2014-07-17 14:28 - 2013-04-10 15:32 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Visual Studio 2010
2014-07-17 14:23 - 2014-07-17 13:27 - 00000000 ____D () C:\Program Files\Recuva
2014-07-17 13:50 - 2014-07-17 13:50 - 00000000 ____D () C:\wiederherstellung
2014-07-17 13:27 - 2014-07-17 13:27 - 00001658 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-17 13:27 - 2014-07-17 13:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-07-17 13:20 - 2014-07-17 13:19 - 03161056 _____ (Piriform Ltd) C:\Users\Normalbetrieb\Downloads\rcsetup151_slim.exe
2014-07-17 13:15 - 2009-07-14 19:58 - 00767586 _____ () C:\Windows\system32\perfh007.dat
2014-07-17 13:15 - 2009-07-14 19:58 - 00175824 _____ () C:\Windows\system32\perfc007.dat
2014-07-17 13:15 - 2009-07-14 07:13 - 01807538 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-13 14:24 - 2014-07-13 13:53 - 00000000 ____D () C:\Users\Admin\Desktop\Mutti
2014-07-13 14:02 - 2014-07-13 14:02 - 00011387 _____ () C:\Users\Admin\Downloads\hijackthis.log
2014-07-13 14:01 - 2014-07-13 13:56 - 00388608 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HiJackThis204.exe
2014-07-13 13:56 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\Documents\Citavi 4
2014-07-13 01:02 - 2014-07-13 00:32 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-07-12 22:28 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-12 22:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-07-12 20:55 - 2014-07-12 20:55 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 20:55 - 2014-07-12 20:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-12 12:09 - 2014-07-12 12:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Normalbetrieb\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-12 11:55 - 2014-07-12 11:50 - 00011291 _____ () C:\Users\Normalbetrieb\Downloads\hijackthis.log
2014-07-12 11:50 - 2014-07-12 11:50 - 00388608 _____ (Trend Micro Inc.) C:\Users\Normalbetrieb\Downloads\HiJackThis204.exe
2014-07-12 01:15 - 2013-06-23 11:15 - 00000000 ___RD () C:\Users\Normalbetrieb\Google Drive
2014-07-12 00:33 - 2013-03-14 09:34 - 00123920 _____ () C:\Users\Normalbetrieb\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 23:55 - 2014-07-11 23:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Canneverbe Limited
2014-07-11 23:55 - 2014-07-11 23:25 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-07-11 23:55 - 2014-07-11 23:25 - 00001908 _____ () C:\Windows\diagerr.xml
2014-07-11 23:52 - 2014-07-11 23:52 - 00007980 _____ () C:\Users\Admin\Desktop\Windows-Kompatibilitätsbericht.htm
2014-07-11 23:45 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-11 23:22 - 2013-03-11 13:00 - 00123920 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-11 20:22 - 2009-07-14 06:45 - 00490928 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 15:56 - 2014-07-11 15:56 - 00000000 ____D () C:\Users\TEMP
2014-07-11 15:47 - 2013-03-11 12:45 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 15:47 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-11 15:43 - 2014-07-11 15:43 - 00653824 _____ () C:\Users\Admin\Downloads\MicrosoftFixit50446.msi
2014-07-11 15:29 - 2014-06-17 18:40 - 00000000 ____D () C:\Program Files (x86)\AntiPlagiarist
2014-07-11 15:25 - 2013-03-11 13:25 - 00002356 _____ () C:\Users\Admin\Desktop\Google Chrome.lnk
2014-07-11 15:24 - 2013-11-18 14:44 - 00000000 ____D () C:\Program Files (x86)\xamp
2014-07-11 15:17 - 2013-03-14 18:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-07-11 15:17 - 2013-03-11 13:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000UA
2014-07-11 15:17 - 2013-03-11 13:23 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-421537991-447429775-1434680778-1000Core
2014-07-11 13:49 - 2014-06-04 21:44 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Citavi 4
2014-07-11 13:01 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Swiss Academic Software
2014-07-11 13:00 - 2014-07-11 13:00 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\FLEXnet
2014-07-11 13:00 - 2013-11-23 12:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Nuance
2014-07-11 12:59 - 2013-11-18 16:57 - 00000000 ___RD () C:\Users\Admin\Podcasts
2014-07-11 11:16 - 2014-01-20 21:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-11 11:15 - 2014-07-11 11:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-11 11:15 - 2014-07-11 11:14 - 00004471 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-07-11 11:15 - 2013-08-06 20:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-11 11:13 - 2013-04-02 23:04 - 00000000 ____D () C:\Program Files\Java
2014-07-11 11:08 - 2014-07-11 11:08 - 00918952 _____ (Oracle Corporation) C:\Users\Normalbetrieb\Downloads\jxpiinstall(2).exe
2014-07-09 19:24 - 2013-04-30 20:06 - 00000000 ____D () C:\Users\Normalbetrieb\.gimp-2.8
2014-07-09 18:33 - 2014-07-09 18:33 - 00000832 _____ () C:\Users\Normalbetrieb\AppData\Local\recently-used.xbel
2014-07-09 09:44 - 2014-06-04 21:44 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Swiss Academic Software
2014-07-08 20:35 - 2013-05-01 10:25 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-08 20:35 - 2013-05-01 10:25 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 20:35 - 2013-05-01 10:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 12:53 - 2014-07-08 12:53 - 00000000 ____D () C:\Users\Normalbetrieb\AppData\Roaming\Microsoft FxCop
2014-07-08 08:56 - 2013-11-14 14:43 - 00000000 ____D () C:\Users\Normalbetrieb\Documents\Visual Studio 2013
2014-07-07 12:28 - 2014-02-18 18:56 - 00003652 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-421537991-447429775-1434680778-1001
2014-07-07 11:42 - 2013-03-11 12:42 - 00000000 ____D () C:\Windows\System32\Tasks\Fujitsu
2014-07-07 10:56 - 2013-05-01 01:53 - 00000000 ____D () C:\ProgramData\temp
2014-07-07 10:15 - 2013-11-23 12:59 - 00001515 _____ () C:\Users\Normalbetrieb\AppData\Roaming\SAS7_000.DAT
2014-07-04 10:15 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 07:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\temp\Quarantine.exe
C:\Users\Admin\AppData\Local\temp\{94619019-831C-492D-B5AF-E486D73B8534}-36.0.1985.125_35.0.1916.153_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-21 13:41

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---



Die Log-Files liegen zwar zeitlich auseinander, der PC wurde aber in der Zwischenzeit nicht betrieben und die Files wurden direkt nacheinander erzeugt.

Der Syswo64 Ordner öffnet sich nun nicht mehr von alleine. Neue Benutzerkonten gehen nicht zu laden.

schrauber 02.08.2014 20:12
Zitat:
Neue Benutzerkonten gehen nicht zu laden.
Geht das genauer? :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:06 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131