| asparagus | 20.08.2013 11:58 |
Massenemails über meinen Account, Trojaner oder Virus auf dem Rechner?
Hallo zusammen!
Ich habe leider ein recht mühseliges, zumindest für mich, Problem.
Ich bekam am Samstag eine automatisiere Mail von T-Online, dass mein Account Massen-E-Mails versendet und daher gesperrt wurde. In der Mail wurde darauf hingewiesen, dass ich den Account wieder freischalten kann, davor aber meinen Rechner gründlich auf Viren, Trojaner, etc. untersuchen müsste und dann sämtliche Passwörter (am Besten auf einem anderen, völlig virenfreien Rechner) ändern müsste.
Ich habe die Mails, deren Zustellungsfehlermeldungen ich erhielt (ca. 3.500!) bis auf die erste und letzte Mail gelöscht und mich dann auf die Suche nach Trojanern oder Viren gemacht.
Sollte noch erwähnen, dass bei mir GData-Antivirus im Hintergrund läuft und weder Viren noch sonstige Schädlinge bis jetzt gemeldet hat. Virensignaturen und Progamm wird bei dem ersten Hinweis immer gleich aktualisiert, bzw. Virensignaturen werden automatisch alle Stunde geladen. - Zuerst habe ich mit Malwarebytes Anti-Malware auf die Suche begeben und einen vollständigen Suchlauf gemacht ...
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Datenbank Version: v2013.08.19.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
RA :: RA-PC [Administrator]
19.08.2013 16:45:53
MBAM-log-2013-08-20 (01-05-03).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|O:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P
Deaktivierte Suchlaufeinstellungen:
Durchsuchte Objekte: 1285058
Laufzeit: 7 Stunde(n), 52 Minute(n), 11 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 1
O:\[[ LAUFWERKE ]]\[[ PROGRAMME ]]\PDF Password Remover v3.0\pdfdecrypt.exe (PUP.PDFPasswordRemover) -> Keine Aktion durchgeführt.
(Ende)
Die gefundene Datei habe ich samt Ordner, also PDF Password Remover v3.0 direkt gelöscht. (Drag&Drop mit gedrückter SHIFT-Taste auf den Papierkorb) Der Spaß hat schon fast 8 Stunden gedauert, alleine das finde ich schon total ermüdend... :-)
- Danach habe ich SUPERAntiSpywarePro drüberlaufen lassen, hier wurden 12 Cookies gefunden, die ich gelöscht habe. Leider habe ich davon kein Log, oder wird das irgendwo automatisch noch gespeichert?
- Dann habe ich eben noch den Trojan Remover 6.8.8 laufen lassen, der mir nur 2 Dateien Adobe CS5 Updater und Adobe CS6 Updater genannt hat, die ich ebenfalls wieder händisch gelöscht habe, da die beiden Programmversionen gar nicht mehr installiert sind.
- Danach habe ich eben, wie von euch hier angegeben, Random's System Information Tool laufen lassen, mit folgenden zwei Logs
log.txt
RSIT Logfile:
Code:
Logfile of random's system information tool 1.09 (written by random/random)
Run by RA at 2013-08-20 12:09:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 115 GB (38%) free of 305 GB
Total RAM: 4094 MB (40% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:09:33, on 20.08.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16660)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe
C:\Program Files (x86)\Trojan Remover\Rmvtrjan.exe
C:\Users\RA\Desktop\Scan\2\RSIT.exe
C:\Program Files (x86)\trend micro\RA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O2 - BHO: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [G Data ASM] "C:\Program Files (x86)\G Data\AntiVirus\DelayLoader\AutorunDelayLoader.exe" /autostart
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe /boot
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [FMCore.exe] "C:\Program Files (x86)\Extensis\Suitcase Fusion 3\FMCore.exe" -standalone
O4 - HKCU\..\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe"
O4 - HKCU\..\Run: [iFunBoxConnector] "C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe"
O4 - HKCU\..\Run: [AirVideoServer] C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\RA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: Dropbox.lnk = RA\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: EvernoteTray.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
O4 - Global Startup: FreeStyle Auto-Assist.lnk = C:\Program Files (x86)\Abbott Diabetes Care\FreeStyle Auto-Assist\BGTrayApp.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Auswahl speichern - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=3
O8 - Extra context menu item: Bild ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=4
O8 - Extra context menu item: Diese Seite ausschneiden - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=1
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Neue Notiz - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\NewNote.html
O8 - Extra context menu item: URL notieren - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\Clip.html?clipAction=0
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G Data AntiVirus Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G Data Scheduler (AVKService) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe
O23 - Service: G Data Dateisystem Wächter (AVKWCtl) - G Data Software AG - C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DisplayFusionService - Binary Fortress Software - C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: G Data Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wacom Professional Service (WTabletServicePro) - Wacom Technology, Corp. - C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
--
End of file - 13764 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task ad271f93-4c21-4f84-9b12-b59263a2a0bb.job
=========Mozilla firefox=========
ProfilePath - C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\yqgjc3vf.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "www.google.de|hxxp://www.creative-nonstop.com/|hxxp://www.existenzgruender.de/selbstaendigkeit/vorbereitung/index.php|hxxp://www.s354533063.website-start.de"
"web2pdfextension@web2pdf.adobedotcom"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.7.700.224 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detektor-Plug-In
"Path"=
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@canon.com/MycameraPlugin]
"Description"=Canon MycameraPlugin
"Path"=C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\SysWOW64\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeExManDetect]
"Description"=
"Path"=C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt
C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\yqgjc3vf.default\extensions\
isreaditlater@ideashower.com
sparpilot@sparpilot.com
{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
{e001c731-5e37-4538-a5cb-8168736a2360}
{E0B8C461-F8FB-49b4-8373-FE32E9252800}
C:\Users\RA\AppData\Roaming\Mozilla\Firefox\Profiles\yqgjc3vf.default\searchplugins\
rapidshare-filefinder.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23 60568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-24 463272]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-07-23 587104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-24 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2012-09-23 330392]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"G Data ASM"=C:\Program Files (x86)\G Data\AntiVirus\DelayLoader\AutorunDelayLoader.exe [2013-02-25 472016]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-08-08 2236816]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [2012-12-18 3478752]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-05-31 152392]
"G Data AntiVirus Tray"=C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe [2013-02-25 1444304]
"TrojanScanner"=C:\Program Files (x86)\Trojan Remover\Trjscan.exe [2013-07-19 1655568]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2013-04-04 532040]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeBridge"= []
"FMCore.exe"=C:\Program Files (x86)\Extensis\Suitcase Fusion 3\FMCore.exe [2011-10-27 9211392]
"DisplayFusion"=C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [2013-04-26 7283072]
"iFunBoxConnector"=C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe [2013-04-23 812544]
"AirVideoServer"=C:\Program Files (x86)\AirVideoServer\AirVideoServer.exe [2012-07-20 4935112]
"Spotify Web Helper"=C:\Users\RA\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2013-06-26 1104384]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-08-15 6581488]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe [2013-07-03 814472]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FreeStyle Auto-Assist.lnk - C:\Program Files (x86)\Abbott Diabetes Care\FreeStyle Auto-Assist\BGTrayApp.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Users\RA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\RA\AppData\Roaming\Dropbox\bin\Dropbox.exe
EvernoteClipper.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
EvernoteTray.lnk - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.tscc"=C:\Windows\SysWOW64\tsccvid.dll
"vidc.tsc2"=C:\Windows\SysWOW64\tsc2_codec32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=yv12vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
======List of files/folders created in the last 3 months======
2013-08-20 12:09:28 ----D---- C:\rsit
2013-08-20 12:09:28 ----D---- C:\Program Files (x86)\trend micro
2013-08-20 11:49:27 ----D---- C:\Users\RA\AppData\Roaming\Simply Super Software
2013-08-20 11:49:12 ----D---- C:\ProgramData\Simply Super Software
2013-08-20 11:49:11 ----D---- C:\Program Files (x86)\Trojan Remover
2013-08-20 01:07:59 ----D---- C:\Users\RA\AppData\Roaming\SUPERAntiSpyware.com
2013-08-20 01:07:34 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2013-08-19 16:44:14 ----D---- C:\Users\RA\AppData\Roaming\Malwarebytes
2013-08-19 16:43:53 ----D---- C:\ProgramData\Malwarebytes
2013-08-19 16:43:52 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-15 19:54:41 ----A---- C:\Windows\SysWOW64\ieui.dll
2013-08-15 19:54:40 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-15 19:54:40 ----A---- C:\Windows\SysWOW64\iesysprep.dll
2013-08-15 19:54:40 ----A---- C:\Windows\SysWOW64\iesetup.dll
2013-08-15 19:54:40 ----A---- C:\Windows\SysWOW64\iernonce.dll
2013-08-15 19:54:39 ----A---- C:\Windows\SysWOW64\iertutil.dll
2013-08-15 19:54:38 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2013-08-15 19:54:37 ----A---- C:\Windows\SysWOW64\jscript.dll
2013-08-15 19:54:36 ----A---- C:\Windows\SysWOW64\urlmon.dll
2013-08-15 19:54:36 ----A---- C:\Windows\SysWOW64\jscript9.dll
2013-08-15 19:54:34 ----A---- C:\Windows\SysWOW64\wininet.dll
2013-08-15 19:54:34 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2013-08-15 19:54:32 ----A---- C:\Windows\SysWOW64\ieframe.dll
2013-08-15 19:54:27 ----A---- C:\Windows\SysWOW64\mshtml.dll
2013-08-15 19:39:23 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 19:39:18 ----A---- C:\Windows\SysWOW64\wintrust.dll
2013-08-15 19:39:18 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 19:39:18 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 19:39:18 ----A---- C:\Windows\SysWOW64\crypt32.dll
2013-08-15 19:39:00 ----A---- C:\Windows\SysWOW64\tzres.dll
2013-08-15 19:38:47 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2013-08-15 19:38:47 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-08-15 19:38:46 ----A---- C:\Windows\SysWOW64\ntdll.dll
2013-08-15 19:38:45 ----A---- C:\Windows\SysWOW64\wow32.dll
2013-08-15 19:38:45 ----A---- C:\Windows\SysWOW64\user.exe
2013-08-15 19:38:45 ----A---- C:\Windows\SysWOW64\setup16.exe
2013-08-15 19:38:45 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2013-08-15 19:38:45 ----A---- C:\Windows\SysWOW64\instnm.exe
2013-08-15 19:38:36 ----A---- C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-03 23:28:54 ----D---- C:\Program Files (x86)\SetEdit8500
2013-08-02 18:51:34 ----D---- C:\Users\RA\AppData\Roaming\Google
2013-08-02 18:26:19 ----D---- C:\ProgramData\Google
2013-08-02 18:26:01 ----D---- C:\Program Files (x86)\Google
2013-08-02 17:13:26 ----D---- C:\Users\RA\AppData\Roaming\WinFellow
2013-07-29 23:23:14 ----D---- C:\Users\RA\AppData\Roaming\WTablet
2013-07-26 09:43:11 ----D---- C:\Program Files (x86)\Common Files\G Data
2013-07-26 09:36:57 ----D---- C:\Program Files (x86)\TabletPlugins
2013-07-26 09:36:39 ----A---- C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2013-07-26 09:36:38 ----A---- C:\Windows\SysWOW64\Wintab32.dll
2013-07-26 09:36:38 ----A---- C:\Windows\SysWOW64\WacomMT.dll
2013-07-26 09:36:38 ----A---- C:\Windows\SysWOW64\Wacom_Tablet.dll
2013-07-25 21:09:41 ----D---- C:\Windows\pss
2013-07-22 09:38:22 ----D---- C:\ProgramData\RIBS
2013-07-10 22:31:31 ----A---- C:\Windows\SysWOW64\qedit.dll
2013-07-10 22:28:01 ----A---- C:\Windows\SysWOW64\DWrite.dll
2013-07-09 13:32:50 ----SHD---- C:\Windows\ftpcache
2013-06-26 12:02:03 ----D---- C:\Users\RA\AppData\Roaming\Spotify
2013-06-24 09:05:34 ----A---- C:\Windows\SysWOW64\javaws.exe
2013-06-24 09:05:31 ----A---- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-24 09:05:31 ----A---- C:\Windows\SysWOW64\javaw.exe
2013-06-24 09:05:31 ----A---- C:\Windows\SysWOW64\java.exe
2013-06-21 10:54:47 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-21 10:54:47 ----D---- C:\Program Files (x86)\iTunes
2013-06-17 20:15:07 ----D---- C:\Program Files (x86)\RescuePRO
2013-06-17 09:06:37 ----D---- C:\Program Files (x86)\PhotoRescue PC v3.3.2.13314
2013-06-17 08:33:23 ----D---- C:\Program Files (x86)\ZAR
2013-06-12 16:23:41 ----A---- C:\Windows\SysWOW64\XAudio2_7.dll
2013-06-12 16:23:41 ----A---- C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-06-12 16:23:40 ----A---- C:\Windows\SysWOW64\xactengine3_7.dll
2013-06-12 16:23:39 ----A---- C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-06-12 16:23:37 ----A---- C:\Windows\SysWOW64\d3dx11_43.dll
2013-06-12 16:23:37 ----A---- C:\Windows\SysWOW64\d3dcsx_43.dll
2013-06-12 16:23:35 ----A---- C:\Windows\SysWOW64\d3dx10_43.dll
2013-06-12 16:23:34 ----A---- C:\Windows\SysWOW64\D3DX9_43.dll
2013-06-12 16:23:33 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2013-06-12 16:23:33 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2013-06-12 16:23:31 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2013-06-12 16:23:31 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2013-06-12 16:23:29 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2013-06-12 16:23:27 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2013-06-12 16:23:25 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2013-06-12 16:23:23 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2013-06-12 16:23:23 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2013-06-12 16:23:22 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2013-06-12 16:23:20 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2013-06-12 16:23:18 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2013-06-12 16:23:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2013-06-12 16:23:16 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2013-06-12 16:23:15 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2013-06-12 16:23:15 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2013-06-12 16:22:00 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2013-06-12 16:21:59 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2013-06-12 16:21:57 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2013-06-12 16:21:57 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-06-12 16:21:56 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2013-06-12 16:21:54 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2013-06-12 16:21:54 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2013-06-12 16:21:52 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2013-06-12 16:21:51 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2013-06-12 16:21:50 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2013-06-12 16:21:50 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2013-06-12 16:21:47 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2013-06-12 16:21:46 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2013-06-12 16:21:46 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2013-06-12 16:21:44 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2013-06-12 16:21:42 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2013-06-12 16:21:42 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2013-06-12 16:21:39 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2013-06-12 16:21:38 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2013-06-12 16:21:36 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2013-06-12 16:21:36 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2013-06-12 16:21:35 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2013-06-12 16:21:34 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2013-06-12 16:21:32 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2013-06-12 16:21:27 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2013-06-12 16:21:24 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2013-06-12 16:21:24 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2013-06-12 16:21:23 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2013-06-12 16:21:21 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2013-06-12 16:21:16 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2013-06-12 16:21:15 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2013-06-12 16:21:14 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2013-06-12 16:21:12 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2013-06-12 16:21:10 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2013-06-12 16:21:10 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2013-06-12 16:21:08 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2013-06-12 16:21:07 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2013-06-12 16:21:07 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2013-06-12 16:21:05 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2013-06-12 16:21:05 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2013-06-12 16:21:04 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2013-06-12 16:21:03 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2013-06-12 16:21:02 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2013-06-12 16:21:00 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2013-06-12 16:21:00 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2013-06-12 16:20:59 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2013-06-12 16:20:58 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2013-06-12 16:20:56 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2013-06-12 16:20:56 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2013-06-12 16:20:55 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2013-06-12 16:20:53 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2013-06-12 16:20:53 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2013-06-12 16:20:52 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2013-06-12 16:20:50 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2013-06-12 16:20:50 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2013-06-12 16:20:48 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2013-06-12 16:20:48 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2013-06-12 16:20:46 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2013-06-12 16:20:32 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2013-06-12 16:20:30 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2013-06-12 16:20:30 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2013-06-12 16:20:29 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2013-06-12 16:20:28 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2013-06-12 16:20:26 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2013-06-12 16:20:25 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2013-06-12 16:20:25 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2013-06-12 16:20:23 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2013-06-12 15:11:46 ----A---- C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 15:11:31 ----A---- C:\Windows\SysWOW64\win32spl.dll
2013-06-12 15:11:22 ----A---- C:\Windows\SysWOW64\certutil.exe
2013-06-12 15:11:21 ----A---- C:\Windows\SysWOW64\certenc.dll
2013-06-12 15:10:26 ----A---- C:\Windows\SysWOW64\d3d11.dll
2013-06-12 15:10:25 ----A---- C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 13:37:43 ----D---- C:\Users\RA\AppData\Roaming\AdobeMuse
2013-06-07 00:20:52 ----D---- C:\ProgramData\LogiShrd
2013-06-07 00:20:49 ----D---- C:\Users\RA\AppData\Roaming\Logitech
2013-06-07 00:17:18 ----D---- C:\ProgramData\Logitech
2013-06-07 00:17:10 ----D---- C:\Users\RA\AppData\Roaming\InstallShield
2013-06-05 11:38:52 ----D---- C:\Program Files (x86)\BMWi-Businessplaner
======List of files/folders modified in the last 3 months======
2013-08-20 12:09:29 ----D---- C:\Windows\Temp
2013-08-20 12:09:28 ----RD---- C:\Program Files (x86)
2013-08-20 11:53:45 ----AD---- C:\ProgramData\TEMP
2013-08-20 11:49:12 ----HD---- C:\ProgramData
2013-08-20 10:48:57 ----SHD---- C:\System Volume Information
2013-08-20 10:08:44 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-08-20 01:08:02 ----D---- C:\Windows\Tasks
2013-08-20 01:07:34 ----RD---- C:\Program Files
2013-08-19 16:34:57 ----D---- C:\Users\RA\AppData\Roaming\Dropbox
2013-08-19 16:01:16 ----SD---- C:\ProgramData\Microsoft
2013-08-19 15:48:39 ----HD---- C:\jexepackres
2013-08-19 15:45:52 ----D---- C:\ProgramData\NVIDIA
2013-08-16 23:16:30 ----D---- C:\Windows\Microsoft.NET
2013-08-16 23:16:01 ----RSD---- C:\Windows\assembly
2013-08-16 22:42:33 ----D---- C:\Windows\winsxs
2013-08-15 22:51:55 ----D---- C:\Windows\SysWOW64\de-DE
2013-08-15 22:51:55 ----D---- C:\Windows\SysWOW64
2013-08-15 22:51:55 ----D---- C:\Windows\System32
2013-08-15 22:51:55 ----D---- C:\Program Files (x86)\Internet Explorer
2013-08-15 22:51:54 ----D---- C:\Windows\AppPatch
2013-08-15 19:54:09 ----SHD---- C:\Windows\Installer
2013-08-15 19:51:33 ----D---- C:\ProgramData\Microsoft Help
2013-08-13 01:13:08 ----D---- C:\Users\RA\AppData\Roaming\vlc
2013-08-13 00:47:50 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-08-07 17:03:20 ----D---- C:\Users\RA\AppData\Roaming\FileZilla
2013-08-03 21:26:14 ----D---- C:\Windows\rescache
2013-08-02 20:13:39 ----D---- C:\Users\RA\AppData\Roaming\Mp3tag
2013-07-31 10:58:56 ----D---- C:\Users\RA\AppData\Roaming\iFunbox_UserCache
2013-07-30 11:31:19 ----D---- C:\Users\RA\AppData\Roaming\Skype
2013-07-26 09:49:25 ----D---- C:\Windows
2013-07-26 09:45:01 ----D---- C:\ProgramData\G DATA
2013-07-26 09:43:13 ----D---- C:\Program Files (x86)\G Data
2013-07-26 09:43:11 ----D---- C:\Program Files (x86)\Common Files
2013-07-26 09:39:10 ----D---- C:\Windows\inf
2013-07-26 09:33:19 ----D---- C:\Windows\SysWOW64\wbem
2013-07-26 09:31:16 ----D---- C:\Windows\SysWOW64\Setup
2013-07-26 09:31:16 ----D---- C:\Windows\SysWOW64\oobe
2013-07-26 09:31:16 ----D---- C:\Windows\SysWOW64\MUI
2013-07-26 09:31:16 ----D---- C:\Windows\SysWOW64\DriverStore
2013-07-26 09:31:15 ----D---- C:\Windows\SysWOW64\config
2013-07-26 09:31:15 ----D---- C:\Windows\SysWOW64\com
2013-07-26 09:31:14 ----D---- C:\Windows\SysWOW64\drivers
2013-07-23 16:19:41 ----D---- C:\Program Files (x86)\Common Files\Adobe
2013-07-23 16:17:15 ----D---- C:\Program Files (x86)\Adobe
2013-07-23 14:55:58 ----D---- C:\Users\RA\AppData\Roaming\Adobe
2013-07-23 12:57:53 ----D---- C:\ProgramData\Adobe
2013-07-22 11:45:01 ----D---- C:\Users\RA\AppData\Roaming\Apple Computer
2013-07-22 11:41:45 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2013-07-12 08:47:39 ----D---- C:\Program Files (x86)\Common Files\Adobe AIR
2013-07-11 13:59:12 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-07-11 01:36:35 ----D---- C:\Program Files (x86)\Windows Defender
2013-07-10 22:15:00 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-05 17:23:46 ----D---- C:\Windows\LiveKernelReports
2013-07-03 15:34:05 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-24 09:05:25 ----A---- C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-24 09:05:25 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2013-06-21 10:54:48 ----D---- C:\Program Files (x86)\Common Files\Apple
2013-06-21 10:48:34 ----D---- C:\Program Files (x86)\QuickTime
2013-06-18 11:27:42 ----RSD---- C:\Windows\Fonts
2013-06-18 11:14:49 ----D---- C:\Users\RA\AppData\Roaming\DisplayFusion
2013-06-13 07:44:51 ----D---- C:\Windows\Panther
2013-06-12 19:14:20 ----D---- C:\Windows\Prefetch
2013-06-12 17:05:53 ----D---- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-06-12 16:18:51 ----D---- C:\Windows\Logs
2013-06-12 15:17:23 ----D---- C:\Windows\debug
2013-06-12 13:14:36 ----D---- C:\Users\RA\AppData\Roaming\Lasersoft Imaging
2013-06-09 01:37:16 ----D---- C:\Users\RA\AppData\Roaming\redsn0w
2013-06-07 00:23:54 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2013-06-07 00:17:15 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-06-05 10:17:48 ----RD---- C:\Users
2013-05-27 08:31:53 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 GDBehave;GDBehave; C:\Windows\system32\drivers\GDBehave.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 GDMnIcpt;GDMnIcpt; \??\C:\Windows\system32\drivers\MiniIcpt.sys []
R1 gdwfpcd;G Data WFP CD; C:\Windows\system32\drivers\gdwfpcd64.sys []
R1 GRD;G Data Rootkit Detector Driver; \??\C:\Windows\system32\drivers\GRD.sys []
R1 HookCentre;HookCentre; \??\C:\Windows\system32\drivers\HookCentre.sys []
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R3 BthEnum;Bluetooth-Auflistungsdienst; C:\Windows\system32\DRIVERS\BthEnum.sys []
R3 BthPan;Bluetooth-Gerät (PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
R3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\Windows\System32\Drivers\BTHUSB.sys []
R3 GDPkIcpt;GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
R3 hidkmdf;KMDF Driver; C:\Windows\system32\DRIVERS\hidkmdf.sys []
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys []
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys []
R3 PRISM_A00;PRISM 802.11 Driver; C:\Windows\system32\DRIVERS\PRISMA00.sys []
R3 RFCOMM;Bluetooth-Gerät (RFCOMM-Protokoll-TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 teamviewervpn;TeamViewer VPN Adapter; C:\Windows\system32\DRIVERS\teamviewervpn.sys []
R3 WacHidRouter;Wacom Hid Router; C:\Windows\system32\DRIVERS\wachidrouter.sys []
R3 wacomrouterfilter;Wacom Router Filter Driver; C:\Windows\system32\DRIVERS\wacomrouterfilter.sys []
S3 BTHPORT;Bluetooth-Porttreiber; C:\Windows\System32\Drivers\BTHport.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys []
S3 usbscan;USB-Scannertreiber; C:\Windows\system32\DRIVERS\usbscan.sys []
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2013-05-23 143120]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 AVKProxy;G Data AntiVirus Proxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2013-03-04 1956304]
R2 AVKService;G Data Scheduler; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKService.exe [2013-02-25 635344]
R2 AVKWCtl;G Data Dateisystem Wächter; C:\Program Files (x86)\G Data\AntiVirus\AVK\AVKWCtlx64.exe [2013-02-25 2249944]
R2 Bonjour Service;Dienst "Bonjour"; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 DisplayFusionService;DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2013-04-26 1498000]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2007-11-15 160272]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2013-02-22 2849120]
R2 WTabletServicePro;Wacom Professional Service; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-06-06 598808]
R3 GDScan;G Data Scanner; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2013-02-25 696808]
R3 iPod Service;iPod-Dienst; C:\Program Files\iPod\bin\iPodService.exe [2013-05-31 641352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-07-09 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-07-08 123856]
S2 gupdate;Google Update-Dienst (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-26 1260320]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
S3 gupdatem;Google Update-Dienst (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-06-18 117144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2012-07-08 51648]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2012-07-09 139696]
-----------------EOF-----------------
--- --- ---
und info.txt
[code]
info.txtRSIT Logfile:
Code:
logfile of random's system information tool 1.09 2013-08-20 12:09:40
======Uninstall list======
-->C:\ProgramData\{87B61FE8-334F-4066-B7AA-68DC81782D4D}\Netzmanager1.071.0301_120720a.exe
Adobe Acrobat XI Pro-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{23D3F585-AE29-4670-8E3E-64A0EFB29240}"
Adobe Acrobat XI Pro-->MsiExec.exe /I{AC76BA86-1033-FFFF-7760-000000000006}
Adobe After Effects CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{317243C1-6580-4F43-AED7-37D4438C3DD5}"
Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B}
Adobe Bridge CC (64 Bit)-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{359F8007-6486-429C-A8C5-D67F6897C88C}"
Adobe Creative Cloud-->"C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Adobe Download Assistant-->msiexec /qb /x {C8773FDB-D0DB-BE52-D536-F48F9886B57B}
Adobe Download Assistant-->MsiExec.exe /I{C8773FDB-D0DB-BE52-D536-F48F9886B57B}
Adobe Dreamweaver CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{00E094E1-A852-11E2-803D-ACEA632352B4}"
Adobe Edge Animate CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{A8F90989-523C-450A-9793-E950D5E0F8C6}"
Adobe Edge Animate-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{181241DD-2FC2-4CF9-94CE-97F3E37D6F0B}"
Adobe Edge Code CC-->MsiExec.exe /X{B3EDB8D8-AA2E-F0FA-1A5A-EDE9F9CAD4A7}
Adobe Edge Inspect CC-->MsiExec.exe /X{67D22EA0-4601-4450-9C99-042DABB0A315}
Adobe Edge Reflow CC Preview-->MsiExec.exe /X{BECBB650-C167-4F12-A264-7396BF4ED769}
Adobe Exchange Panel-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{41A12FFC-89E9-4743-A51E-00975CA31F40}"
Adobe ExtendScript Toolkit CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{6297487E-3778-4F72-B458-55690418DB98}"
Adobe Extension Manager CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{244FD30F-63F1-49B9-9D98-1150FF4FFCB1}"
Adobe Flash Builder 4.7 (64 Bit)-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{848DE8E1-521D-4748-A158-517708107EF3}"
Adobe Flash Player 11 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -maintain plugin
Adobe Flash Professional CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}"
Adobe Help Manager-->msiexec /qb /x {AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Help Manager-->MsiExec.exe /I{AF37176A-78CA-545B-34EF-8B6A21514DD1}
Adobe Illustrator CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{F2321021-08A2-44D6-B1DF-BDB415F23EC3}"
Adobe InCopy CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2606D96F-C1A3-1014-9A8F-E3561A1AC78D}"
Adobe InDesign CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{BC448016-6F11-1014-B0EA-97CEE6E26CB6}"
Adobe Media Player-->msiexec /qb /x {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Media Player-->MsiExec.exe /I{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}
Adobe Muse-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{9A554C9D-E12D-4205-8101-9F4337CD5673}"
Adobe Muse-->msiexec /qb /x {57D75592-1B6E-1425-244B-11BCDC027707}
Adobe Muse-->MsiExec.exe /I{57D75592-1B6E-1425-244B-11BCDC027707}
Adobe Photoshop CC-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}"
Adobe Reader XI (11.0.03) - Deutsch-->MsiExec.exe /I{AC76BA86-7AD7-1031-7B44-AB0000000001}
Adobe Touch App Plugins-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}"
Adobe Widget Browser-->msiexec /qb /x {EFBE6DD5-B224-96E5-72B9-68D328CB12A6}
Adobe Widget Browser-->MsiExec.exe /I{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}
Adobe® Content Viewer-->msiexec /qb /x {7E44D023-7032-5F3C-C14B-833915E11A4A}
Adobe® Content Viewer-->MsiExec.exe /I{7E44D023-7032-5F3C-C14B-833915E11A4A}
Air Video Server 2.4.6-beta3-->C:\Program Files (x86)\AirVideoServer\uninst.exe
Apple Application Support-->MsiExec.exe /I{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Attribute Changer 7.10c-->"C:\Program Files (x86)\Attribute Changer\unins000.exe"
Axialis IconWorkshop 6.33-->C:\Program Files (x86)\Axialis\IconWorkshop\UnInstall.exe "IconWorkshop" "IconWorkshop.exe"
Biet-O-Matic v2.14.12-->C:\PROGRA~2\BIET-O~1\UNWISE.EXE C:\PROGRA~2\BIET-O~1\install.log
bl-->MsiExec.exe /I{2A075BB4-E976-4278-BF3F-E5C6945D84C0}
BMWi-Businessplaner Gründung-->msiexec /qb /x {258EE4D3-BDB5-9013-145B-1B8807B6A9DC}
BMWi-Businessplaner Gründung-->MsiExec.exe /I{258EE4D3-BDB5-9013-145B-1B8807B6A9DC}
Camtasia Studio 8-->MsiExec.exe /I{CB2B4C2B-0805-4E06-873D-CECB046A5BE8}
Canon Auto Update Service-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Auto Update Service\Uninst.ini"
CANON iMAGE GATEWAY MyCamera Download Plugin-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\MyCamera Download Plugin\MyCameraPluginUninstall.ini"
CANON iMAGE GATEWAY Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\CRWUnInstall.ini"
Canon MOV Decoder-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Canon MOV Decoder\CanonMOVDecoderUnInstall.ini"
Canon MOV Encoder-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\Canon MOV Encoder\CanonMOVEncoderUnInstall.ini"
Canon MovieEdit Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\MVWUninst.ini"
Canon MP Navigator EX 1.0-->"C:\Program Files (x86)\Canon\MP Navigator EX 1.0\Maint.exe" /UninstallRemove C:\Program Files (x86)\Canon\MP Navigator EX 1.0\uninst.ini
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\EOS Video Snapshot Task\Uninst.ini"
Canon Utilities ZoomBrowser EX-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility-->"C:\Program Files (x86)\Common Files\Canon\UIW\1.11.0.0\Uninst.exe" "C:\Program Files (x86)\Canon\ZoomBrowser EX MCU\Uninst.ini"
Directory Lister Pro v1.49-->"C:\Program Files (x86)\Directory Lister Pro\unins000.exe"
DisplayFusion 5.0.1-->"C:\Program Files (x86)\DisplayFusion\unins000.exe"
Evernote v. 4.6.7-->MsiExec.exe /X{A6563D7C-F3AD-11E2-A4DB-984BE15F174E}
ExposurePlot 1.1.5a-->"C:\Program Files (x86)\ExposurePlot\unins000.exe"
Extensis Suitcase Fusion 3-->MsiExec.exe /X{CAEDF1F9-70A0-45EB-B344-5AE44EB6F726}
FileZilla Client 3.6.0.2-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe
FreeStyle Auto-Assist-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E882771E-1C12-4E8C-99B6-E1B58DFCCFB2}\Setup.exe"
G Data AntiVirus 2014-->C:\ProgramData\G Data\Setups\{5F17164A-FE5F-48B4-916F-56C6C4470D32}\setup.exe /InstallMode=Uninstall /_DoNotShowChange=true
GeoSetter 3.4.16-->"C:\Program Files (x86)\GeoSetter\unins000.exe"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HandBrake 0.9.8-->C:\Program Files\Handbrake\uninst.exe
iFunbox (v2.0.2150.728), iFunbox DevTeam-->"C:\Program Files (x86)\i-Funbox DevTeam\unins000.exe"
ipswDownloader 1.6-->C:\Program Files (x86)\ipswDownloader\uninst.exe
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
K-Lite Codec Pack 5.2.0 (Full)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"
Lightroom 5.0-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{9bcd38e7-1f9a-4536-8cd4-96448263f367}"
Logitech SetPoint-->C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe -runfromtemp -l0x0007 -removeonly
Malwarebytes Anti-Malware Version 1.75.0.1300-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0407-1000-0000000FF1CE} /uninstall {A6353E8F-5B8D-47CC-8737-DFF032ED3973}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0407-0000-0000000FF1CE} /uninstall {A6353E8F-5B8D-47CC-8737-DFF032ED3973}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0407-0000-0000000FF1CE} /uninstall {DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}
Microsoft Office Access MUI (German) 2007-->MsiExec.exe /X{90120000-0015-0407-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (German) 2007-->MsiExec.exe /X{90120000-0016-0407-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office Groove MUI (German) 2007-->MsiExec.exe /X{90120000-00BA-0407-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (German) 2007-->MsiExec.exe /X{90120000-0044-0407-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.5-->MsiExec.exe /I{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}
Microsoft Office OneNote MUI (German) 2007-->MsiExec.exe /X{90120000-00A1-0407-0000-0000000FF1CE}
Microsoft Office Outlook MUI (German) 2007-->MsiExec.exe /X{90120000-001A-0407-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (German) 2007-->MsiExec.exe /X{90120000-0018-0407-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Italian) 2007-->MsiExec.exe /X{90120000-001F-0410-0000-0000000FF1CE}
Microsoft Office Proofing (German) 2007-->MsiExec.exe /X{90120000-002C-0407-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0410-0000-0000000FF1CE} /uninstall {A23BFC95-4A73-410F-9248-4C2B48E38C49}
Microsoft Office Publisher MUI (German) 2007-->MsiExec.exe /X{90120000-0019-0407-0000-0000000FF1CE}
Microsoft Office Shared MUI (German) 2007-->MsiExec.exe /X{90120000-006E-0407-0000-0000000FF1CE}
Microsoft Office Word MUI (German) 2007-->MsiExec.exe /X{90120000-001B-0407-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft WSE 3.0 Runtime-->MsiExec.exe /X{E3E71D07-CD27-46CB-8448-16D4FB29AA13}
Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}
Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57}
Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}
Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}
Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403}
Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}
Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC}
MozBackup 1.5.1-->C:\Program Files (x86)\MozBackup\Uninstall.exe
Mozilla Firefox 22.0 (x86 de)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird 17.0.7 (x86 de)-->C:\Program Files (x86)\Mozilla Thunderbird\uninstall\helper.exe
Mp3tag v2.54-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE
Nik Collection-->C:\Program Files\Google\Nik Collection\Uninstall Nik Collection.exe
Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PDF Settings CC-->MsiExec.exe /I{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}
ph-->MsiExec.exe /I{185F9795-9663-4F13-9EF9-307A282ADB5A}
PxMergeModule-->MsiExec.exe /I{024521CF-C07E-4F8E-8481-0D75695E03AF}
QuickTime-->MsiExec.exe /I{B67BAFBA-4C9F-48FA-9496-933E3B255044}
Safari-->MsiExec.exe /I{C779648B-410E-4BBA-B75B-5815BCEFE71D}
Security Update for Microsoft .NET Framework 4.5 (KB2737083)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {00909A54-CC11-3F00-9279-3CE090432A91}
Security Update for Microsoft .NET Framework 4.5 (KB2742613)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {36E5C79E-06D3-32C3-9251-D284B9F3F7E7}
Security Update for Microsoft .NET Framework 4.5 (KB2789648)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {698F9EB6-6753-318E-8615-53D77414313F}
Security Update for Microsoft .NET Framework 4.5 (KB2804582)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {CEB05EDA-D069-31BF-9789-81637633C0BF}
Security Update for Microsoft .NET Framework 4.5 (KB2833957)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {9BBF7EC5-5F9A-3D5E-85E5-3EE53A16166E}
Security Update for Microsoft .NET Framework 4.5 (KB2840642)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {DDCAB505-6883-380B-97BD-59381822883B}
Security Update for Microsoft .NET Framework 4.5 (KB2840642v2)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {4F658047-A12E-38D9-8EA9-D941E4A84B7D}
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E949D8B9-24FD-4AB7-B427-FC42AA8BB2D9}
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {43171CAD-DC60-4E7B-9703-B2EC18001B9F}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {488F0918-97F9-4CD0-8AD5-8986A46AC962}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9D689455-5858-4AE4-A3CA-6E4149FE3F70}
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition -->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {718E87EC-6590-485A-B12D-C01D290EDB12}
SilverFast CanonSDK 6.6.2r5-->C:\Program Files (x86)\SilverFast Application\SilverFast CanonSDK\uninst.exe
Skype™ 6.1-->MsiExec.exe /X{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}
StreamTransport version: 1.0.2.2171-->"C:\Program Files (x86)\StreamTransport\unins000.exe"
TeamViewer 7-->C:\Program Files (x86)\TeamViewer\Version7\uninstall.exe
theRenamer 7.58-->"C:\Program Files (x86)\theRenamer\unins000.exe"
Trojan Remover 6.8.8-->"C:\Program Files (x86)\Trojan Remover\unins000.exe"
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 4.5 (KB2750147)-->c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {BEBBFEB1-EA1C-3479-A39D-23A76BCB7BFC}
Update for Microsoft .NET Framework 4.5 (KB2805221)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {83FD3E08-19A9-3E5F-85EF-C4786CB743B5}
Update for Microsoft .NET Framework 4.5 (KB2805226)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\setup.exe /uninstallpatch {87B3F837-4DE6-35DE-B11D-D21554DD8412}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {EA54F104-79D2-48CC-9ABC-91A63C43D353}
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {319951E8-E272-4F02-A752-DD6FCD7D4519}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {9680B76D-042F-4FF2-BD87-6E859531452D}
Update für Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0407-0000-0000000FF1CE} /uninstall {BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}
Update für Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0407-0000-0000000FF1CE} /uninstall {F6828576-6F79-470D-AB50-69D1BBADBD30}
Update für Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0407-0000-0000000FF1CE} /uninstall {EA160DA3-E9B5-4D03-A518-21D306665B96}
Update für Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0407-0000-0000000FF1CE} /uninstall {38472199-D7B6-4833-A949-10E4EE6365A1}
VLC media player 2.0.6-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
Webocton - Scriptly 0.8.95.6-->"C:\Program Files (x86)\Webocton - Scriptly\unins000.exe"
WebTablet FB Plugin 32 bit-->"C:\Program Files (x86)\TabletPlugins\fbWTPUninstall.exe"
======Hosts File======
::1 localhost
======System event log======
Computer Name: RA-PC
Event Code: 7036
Message: Dienst "Windows Installer" befindet sich jetzt im Status "Ausgeführt".
Record Number: 2175
Source Name: Service Control Manager
Time Written: 20121031104326.899418-000
Event Type: Informationen
User:
Computer Name: RA-PC
Event Code: 20001
Message: Der Prozess zum Installieren von Treiber FileRepository\volsnap.inf_amd64_neutral_7499a4fac85b39fc\volsnap.inf für Geräteinstanz-ID STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT12 wurde mit folgendem Status beendet: 0x0.
Record Number: 2174
Source Name: Microsoft-Windows-UserPnp
Time Written: 20121031104243.851956-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: RA-PC
Event Code: 7036
Message: Dienst "Microsoft-Softwareschattenkopie-Anbieter" befindet sich jetzt im Status "Ausgeführt".
Record Number: 2173
Source Name: Service Control Manager
Time Written: 20121031104226.353955-000
Event Type: Informationen
User:
Computer Name: RA-PC
Event Code: 7036
Message: Dienst "Volumeschattenkopie" befindet sich jetzt im Status "Ausgeführt".
Record Number: 2172
Source Name: Service Control Manager
Time Written: 20121031104225.498906-000
Event Type: Informationen
User:
Computer Name: RA-PC
Event Code: 7036
Message: Dienst "Multimediaklassenplaner" befindet sich jetzt im Status "Ausgeführt".
Record Number: 2171
Source Name: Service Control Manager
Time Written: 20121031104116.467957-000
Event Type: Informationen
User:
=====Application event log=====
Computer Name: 37L4247E29-32
Event Code: 1001
Message: Fehlerbucket , Typ 0
Ereignisname: PnPRequestAdditionalSoftware
Antwort: Nicht verfügbar
CAB-Datei-ID: 0
Problemsignatur:
P1: x64
P2: HID\VID_046D&PID_C703&REV_2404&MI_01&Col05
P3: 6.1.0.0
P4: 0407
P5: input.inf
P6: *
P7:
P8:
P9:
P10:
Angefügte Dateien:
Diese Dateien befinden sich möglicherweise hier:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_6f07b743177719ad8d89058c4838953d353fcb0_cab_05c4dd43
Analysesymbol:
Es wird erneut nach einer Lösung gesucht: 0
Berichts-ID: 0b9c8de6-1f96-11e2-964e-ae0f12a83a7c
Berichtstatus: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20121026175328.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247E29-32
Event Code: 5617
Message: Die Subsysteme des Windows-Verwaltungsinstrumentationsdienstes wurden erfolgreich initialisiert.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20121026175327.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247E29-32
Event Code: 5615
Message: Der Windows-Verwaltungsinstrumentationsdienst wurde erfolgreich gestartet.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20121026175324.000000-000
Event Type: Informationen
User:
Computer Name: 37L4247E29-32
Event Code: 1531
Message: Der Benutzerprofildienst wurde erfolgreich gestartet.
Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20121026175320.502882-000
Event Type: Informationen
User: NT-AUTORITÄT\SYSTEM
Computer Name: 37L4247E29-32
Event Code: 4625
Message: Das EventSystem-Subsystem unterdrückt duplizierte Ereignisprotokolleinträge für eine Dauer von 86400 Sekunden. Dieses Zeitlimit kann durch den REG_DWORD-Wert SuppressDuplicateDuration unter folgendem Registrierungsschlüssel gesteuert werden: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20121026175320.000000-000
Event Type: Informationen
User:
=====Security event log=====
Computer Name: 37L4247E29-32
Event Code: 4672
Message: Einer neuen Anmeldung wurden besondere Rechte zugewiesen.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Berechtigungen: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121026175308.428461-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247E29-32
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-5-18
Kontoname: 37L4247E29-32$
Kontodomäne: WORKGROUP
Anmelde-ID: 0x3e7
Anmeldetyp: 5
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x1e0
Prozessname: C:\Windows\System32\services.exe
Netzwerkinformationen:
Arbeitsstationsname:
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: Advapi
Authentifizierungspaket: Negotiate
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121026175308.428461-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247E29-32
Event Code: 4902
Message: Eine Benutzerrichtlinien-Überwachungstabelle wurde erstellt.
Anzahl von Elementen: 0
Richtlinienkennung: 0x32ab6
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121026175305.136855-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247E29-32
Event Code: 4624
Message: Ein Konto wurde erfolgreich angemeldet.
Antragsteller:
Sicherheits-ID: S-1-0-0
Kontoname: -
Kontodomäne: -
Anmelde-ID: 0x0
Anmeldetyp: 0
Neue Anmeldung:
Sicherheits-ID: S-1-5-18
Kontoname: SYSTEM
Kontodomäne: NT-AUTORITÄT
Anmelde-ID: 0x3e7
Anmelde-GUID: {00000000-0000-0000-0000-000000000000}
Prozessinformationen:
Prozess-ID: 0x4
Prozessname:
Netzwerkinformationen:
Arbeitsstationsname: -
Quellnetzwerkadresse: -
Quellport: -
Detaillierte Authentifizierungsinformationen:
Anmeldeprozess: -
Authentifizierungspaket: -
Übertragene Dienste: -
Paketname (nur NTLM): -
Schlüssellänge: 0
Dieses Ereignis wird beim Erstellen einer Anmeldesitzung generiert. Es wird auf dem Computer generiert, auf den zugegriffen wurde.
Die Antragstellerfelder geben das Konto auf dem lokalen System an, von dem die Anmeldung angefordert wurde. Dies ist meistens ein Dienst wie der Serverdienst oder ein lokaler Prozess wie "Winlogon.exe" oder "Services.exe".
Das Anmeldetypfeld gibt den jeweiligen Anmeldetyp an. Die häufigsten Typen sind 2 (interaktiv) und 3 (Netzwerk).
Die Felder für die neue Anmeldung geben das Konto an, für das die Anmeldung erstellt wurde, d. h. das angemeldete Konto.
Die Netzwerkfelder geben die Quelle einer Remoteanmeldeanforderung an. der Arbeitsstationsname ist nicht immer verfügbar und kann in manchen Fällen leer bleiben.
Die Felder für die Authentifizierungsinformationen enthalten detaillierte Informationen zu dieser speziellen Anmeldeanforderung.
- Die Anmelde-GUID ist ein eindeutiger Bezeichner, der verwendet werden kann, um dieses Ereignis mit einem KDC-Ereignis zu korrelieren.
- Die übertragenen Dienste geben an, welche Zwischendienste an der Anmeldeanforderung beteiligt waren.
- Der Paketname gibt das in den NTLM-Protokollen verwendete Unterprotokoll an.
- Die Schlüssellänge gibt die Länge des generierten Sitzungsschlüssels an. Wenn kein Sitzungsschlüssel angefordert wurde, ist dieser Wert 0.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121026175303.327252-000
Event Type: Überwachung erfolgreich
User:
Computer Name: 37L4247E29-32
Event Code: 4608
Message: Windows wird gestartet.
Dieses Ereignis wird protokolliert, wenn LSASS.EXE gestartet und das Überwachungssubsystem initialisiert wird.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20121026175303.280452-000
Event Type: Überwachung erfolgreich
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Extensis\Suitcase Fusion 3\;C:\Program Files (x86)\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
"PROCESSOR_REVISION"=0f0b
"asl.log"=Destination=file
"CLASSPATH"=.;C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files (x86)\Java\jre7\lib\ext\QTJava.zip
-----------------EOF-----------------
--- --- ---
- Anschließend dann HJTScanlist mit folgendem Log (siehe Anhang, leider zu groß!)
- Und abschließend noch CCleaner mit folgendem Log
Code:
7-Zip 9.28 (x64 edition) Igor Pavlov 26.10.2012 4,30 MB 9.28.00.0
Adobe Acrobat XI Pro Adobe Systems 19.07.2013 3,40 GB 11.0.02
Adobe Acrobat XI Pro Adobe Systems Incorporated 19.07.2013 1,84 GB 11.0
Adobe After Effects CC Adobe Systems Incorporated 18.06.2013 2,47 GB 12
Adobe AIR Adobe Systems Incorporated 12.07.2013 3.7.0.2090
Adobe Bridge CC (64 Bit) Adobe Systems Incorporated 18.06.2013 757 MB 6.0
Adobe Connect 9 Add-in Adobe Systems Incorporated 22.07.2013 11,2,381,0
Adobe Creative Cloud Adobe Systems Incorporated 11.08.2013 188 MB 2.1.0.213
Adobe Download Assistant Adobe Systems Incorporated 27.10.2012 1.2.3
Adobe Dreamweaver CC Adobe Systems Incorporated 18.06.2013 720 MB 13
Adobe Edge Animate Adobe Systems Incorporated 12.06.2013 217 MB 1.5
Adobe Edge Animate CC Adobe Systems Incorporated 18.06.2013 221 MB 2.0
Adobe Edge Code CC Adobe Systems Incorporated 18.06.2013 91,0 MB 0.94
Adobe Edge Inspect CC Adobe Systems Incorporated 18.06.2013 66,4 MB 1.0.408
Adobe Edge Reflow CC Preview Adobe Systems Incorporated 18.06.2013 55,0 MB 0.23.10993
Adobe Exchange Panel Adobe Systems Incorporated 12.06.2013 45,3 MB 1
Adobe ExtendScript Toolkit CC Adobe Systems Incorporated 18.06.2013 68,7 MB 4.0.0.0
Adobe Extension Manager CC Adobe Systems Incorporated 25.07.2013 66,3 MB 7.1
Adobe Flash Builder 4.7 (64 Bit) Adobe Systems Incorporated 12.06.2013 2,02 GB 4.7
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 03.07.2013 6,00 MB 11.7.700.224
Adobe Flash Professional CC Adobe Systems Incorporated 18.06.2013 2,21 GB 13.0
Adobe Help Manager Adobe Systems Incorporated 27.10.2012 4.0.244
Adobe Illustrator CC Adobe Systems Incorporated 18.06.2013 1,51 GB 17.0
Adobe InCopy CC Adobe Systems Incorporated 18.06.2013 1,45 GB 9.0
Adobe InDesign CC Adobe Systems Incorporated 18.06.2013 1,98 GB 9.0
Adobe Media Player Adobe Systems Incorporated 26.10.2012 1.8
Adobe Muse Adobe Systems Incorporated 12.06.2013 4.1.8
Adobe Muse Adobe Systems Incorporated 12.06.2013 65,7 MB 4.1
Adobe Photoshop CC Adobe Systems Incorporated 18.06.2013 2,46 GB 14.0
Adobe Photoshop Lightroom 4.2 64-bit Adobe 27.10.2012 858 MB 4.2.1
Adobe Photoshop Lightroom 5 64-bit Adobe 22.07.2013 958 MB 5.0.1
Adobe Reader XI (11.0.03) - Deutsch Adobe Systems Incorporated 03.07.2013 133 MB 11.0.03
Adobe Touch App Plugins Adobe Systems Incorporated 12.06.2013 3,41 MB 1.0
Adobe Widget Browser Adobe Systems Incorporated. 27.10.2012 2.0 Build 348
Adobe® Content Viewer Adobe Systems Incorporated 17.07.2013 3.2.0
Air Video Server 2.4.6-beta3 InMethod, s.r.o. 31.10.2012 2.4.6-beta3
Apple Application Support Apple Inc. 21.06.2013 64,7 MB 2.3.4
Apple Mobile Device Support Apple Inc. 21.06.2013 25,2 MB 6.1.0.13
Apple Software Update Apple Inc. 26.10.2012 2,38 MB 2.1.3.127
Attribute Changer 7.10c Romain Petges 07.02.2013 3,42 MB 7.10c
Axialis IconWorkshop 6.33 Axialis Software 27.03.2013 6.33
Biet-O-Matic v2.14.12 BOM Development Team 20.02.2013 6,83 MB 2.14.12
BMWi-Businessplaner Gründung Bundesministerium für Wirtschaft und Technologie 05.06.2013 1.0.2
Bonjour Apple Inc. 26.10.2012 2,00 MB 3.0.0.10
Bonjour-Druckdienste Apple Inc. 27.11.2012 597 KB 2.0.2.0
Camtasia Studio 8 TechSmith Corporation 04.11.2012 362 MB 8.0.2.964
Canon Auto Update Service Canon Inc. 17.05.2013 1.1.2.18
CANON iMAGE GATEWAY MyCamera Download Plugin Canon Inc. 17.05.2013 3.1.1.2
CANON iMAGE GATEWAY Task for ZoomBrowser EX Canon Inc. 17.05.2013 1.9.0.9
Canon MOV Decoder Canon Inc. 17.05.2013 1.9.0.8
Canon MOV Encoder Canon Inc. 17.05.2013 1.8.0.1
Canon MovieEdit Task for ZoomBrowser EX Canon Inc. 17.05.2013 3.9.0.6
Canon MP Navigator EX 1.0 07.11.2012
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX Canon Inc. 17.05.2013 1.0.0.10
Canon Utilities ZoomBrowser EX Canon Inc. 17.05.2013 6.9.0.1
Canon ZoomBrowser EX Memory Card Utility Canon Inc. 17.05.2013 1.6.0.15
CCleaner Piriform 22.07.2013 4.04
Directory Lister Pro v1.49 KRKSoft 29.10.2012 13,2 MB 1.49
DisplayFusion 5.0.1 Binary Fortress Software 28.04.2013 28,6 MB 5.0.1.0
Dropbox Dropbox, Inc. 30.10.2012 1.4.20
Evernote v. 4.6.7 Evernote Corp. 24.07.2013 136 MB 4.6.7.8409
ExposurePlot 1.1.5a Paul van Andel 21.11.2012 1,75 MB
Extensis Suitcase Fusion 3 2011 Celartem, Inc. d.b.a Extensis All rights reserved 27.10.2012 167 MB 14.2.0
FileZilla Client 3.6.0.2 FileZilla Project 12.12.2012 16,8 MB 3.6.0.2
FreeStyle Auto-Assist 16.11.2012
G Data AntiVirus 2014 G Data Software AG 26.07.2013 417 MB 24.0.1.5
GeoSetter 3.4.16 Friedemann Schmidt 11.01.2013 28,1 MB
HandBrake 0.9.8 30.10.2012 0.9.8
iFunbox (v2.0.2150.728), iFunbox DevTeam 09.11.2012 39,7 MB v2.0.2150.728
ipswDownloader 1.6 Sergey 'iOrange' Kudlay 26.03.2013 1.6
iTunes Apple Inc. 21.06.2013 187 MB 11.0.4.4
Java 7 Update 25 Oracle 24.06.2013 129 MB 7.0.250
K-Lite Codec Pack 5.2.0 (Full) 04.02.2013 5.2.0
Kolor Autopano Giga 2.6 Kolor 20.12.2012 V2.6.4
Lightroom 5.0 Adobe Systems Incorporated 22.07.2013 803 MB 5.0
Logitech SetPoint Logitech 07.06.2013 4.24
Malwarebytes Anti-Malware Version 1.75.0.1300 Malwarebytes Corporation 19.08.2013 19,2 MB 1.75.0.1300
MetroTwit Pixel Tucker Pty Ltd 20.05.2013 1.1.0.3076
Microsoft .NET Framework 4.5 Microsoft Corporation 20.05.2013 38,8 MB 4.5.50709
Microsoft Office Enterprise 2007 Microsoft Corporation 09.11.2012 12.0.6612.1000
Microsoft Office File Validation Add-In Microsoft Corporation 15.11.2012 7,95 MB 14.0.5130.5003
Microsoft Office Live Add-in 1.5 Microsoft Corporation 09.11.2012 508 KB 2.0.4024.1
Microsoft Silverlight Microsoft Corporation 10.07.2013 149 MB 5.1.20513.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 07.06.2013 2,38 MB 8.0.56336
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 07.06.2013 3,85 MB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 20.12.2012 246 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 27.10.2012 788 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 14.11.2012 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 27.10.2012 240 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 26.10.2012 596 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 14.11.2012 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 18.06.2013 13,8 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.06.2013 12,2 MB 10.0.40219
Microsoft WSE 3.0 Runtime Microsoft Corp. 16.05.2013 942 KB 3.0.5305.0
MozBackup 1.5.1 Pavel Cvrcek 26.10.2012
Mozilla Firefox 22.0 (x86 de) Mozilla 10.07.2013 91,7 MB 22.0
Mozilla Maintenance Service Mozilla 10.07.2013 333 KB 22.0
Mozilla Thunderbird 17.0.7 (x86 de) Mozilla 27.06.2013 83,9 MB 17.0.7
Mp3tag v2.54 Florian Heidenreich 07.02.2013 v2.54
Nik Collection Google 02.08.2013 1.0.0.7
Notepad++ 08.11.2012 6.2
NVIDIA 3D Vision Treiber 311.06 NVIDIA Corporation 21.03.2013 311.06
NVIDIA Grafiktreiber 311.06 NVIDIA Corporation 21.03.2013 311.06
NVIDIA Update 1.11.3 NVIDIA Corporation 21.03.2013 1.11.3
QuickTime Apple Inc. 21.06.2013 74,6 MB 7.74.80.86
Recuva Piriform 12.07.2013 1.47
Safari Apple Inc. 02.11.2012 104 MB 5.34.57.2
SilverFast CanonSDK 6.6.2r5 LaserSoft Imaging AG 07.11.2012
Skype™ 6.1 Skype Technologies S.A. 23.01.2013 21,1 MB 6.1.129
Spotify Spotify AB 26.06.2013 0.9.1.53.g876fa9df
StreamTransport version: 1.0.2.2171 30.10.2012
SUPERAntiSpyware SUPERAntiSpyware.com 20.08.2013 62,1 MB 5.6.1032
TeamViewer 7 TeamViewer 04.03.2013 7.0.17271
theRenamer 7.58 theRenamer 15.11.2012 4,89 MB
Trojan Remover 6.8.8 Simply Super Software 20.08.2013 52,6 MB 6.8.8
VLC media player 2.0.6 VideoLAN 19.04.2013 2.0.6
Wacom Tablett Wacom Technology Corp. 26.07.2013 6.3.6w3
Webocton - Scriptly 0.8.95.6 Webocton 15.05.2013 0.8.95.6
WebTablet FB Plugin 32 bit Wacom Technology Corp. 26.07.2013 2.1.0.3
WebTablet FB Plugin 64 bit Wacom Technology Corp. 26.07.2013 2.1.0.3
Wäre fantastisch, wenn ihr mir weiterhelfen könntet, sollte noch etwas fehlen, dann liefere ich die Angaben gerne nach, sollte aber, soweit ich das jetzt sehe, erst mal die Grundanforderungen erfüllen, oder? :dummguck: :dankeschoen: |
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
