Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Wie W32/Trojan2.OGMR entfernen?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.09.2014, 09:31   #1
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Guten Morgen,
ich habe ein Problem.

Im Scan Bericht des Spyware Terminator steht:
„W32/Trojan2.OGMR
Datei erkannt durch F-Prot Antivirus
c:/Users/All Users/Spyware Terminator/Quarantine/Q00000007.sqd“

Im ausführlichen Scan Bericht steht:
„Gescannte Objekte: Kritisch: 1“
W32/Trojan2.OGMR wird in diesem Bericht nicht erwähnt.
Mit der Windows-Suchfunktion finde ich die Datei auch nicht!
Wenn ich sie mit dem Spyware Terminator entferne taucht sie beim nächsten Scan wieder auf!
Wie kann ich den Trojaner entfernen?

Alt 15.09.2014, 09:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 15.09.2014, 10:26   #3
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Danke!
Eine Anmerkung zum Hinweis: "Ändere ungefragt keine der Checkboxen..."
Wenn die Checkbox Addition.txt unter "Optional Scan" nicht geändet wird, erstellt FRST keine Addition.txt!
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Bernhard (administrator) on BERNHARD-PC on 15-09-2014 11:18:16
Running from C:\Users\Bernhard\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Softwareentwicklung Remus - ArchiCrypt) C:\Windows\SysWOW64\STGRAMDiskHandler64.exe
() C:\Program Files\SuperEasy Software\Backup Pro\bin\backupService-sezbp.exe
() C:\Program Files\SuperEasy Software\Backup Pro\bin\oxHelper.exe
() C:\Program Files (x86)\Vip mobilni internet\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(AnVir Software) C:\Program Files (x86)\AnVir Task Manager\AnVir.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\Atouch64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\OfficeAdRemover\OfficeAdRemover.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe
() C:\Program Files (x86)\Vip mobilni internet\CancelAutoPlay.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AnVir Software) C:\Program Files (x86)\AnVir Task Manager\anvir64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
() Q:\140066.deu\Office14\WINWORDC.EXE
() Q:\140066.deu\Office14\OffSpon.EXE
() Q:\140066.deu\Office14\EXCELC.EXE
() Q:\140066.deu\Office14\OffSpon.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Farbar) C:\Users\Bernhard\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated)
HKLM\...\Run: [Ashampoo Core Tuner 2] => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe [5220768 2011-08-22] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [Ashampoo HDD-Control 2 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe [3783592 2012-07-30] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-10-22] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-10-22] (Crawler.com)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Steganos HotKeys] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosHotKeyService.exe [100864 2013-12-18] (Steganos Software GmbH)
HKLM-x32\...\Run: [SSS14 File Redirection Starter] => C:\Program Files (x86)\Steganos Privacy Suite 14\fredirstarter.exe [17920 2013-12-18] (Steganos Software GmbH)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2014-01-03] (RealNetworks, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [CancelAutoPlay] => C:\Program Files (x86)\Vip mobilni internet\CancelAutoPlay.exe [414544 2012-03-12] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-05-03] (Google Inc.)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [SUPERAntiSpyware] => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE [7762712 2014-08-16] (SUPERAntiSpyware)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [SSS14 Browser Monitor] => C:\Program Files (x86)\Steganos Privacy Suite 14\SteganosBrowserMonitor.exe [70656 2013-12-18] (Steganos Software GmbH)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [Google Update] => C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-21] (Google Inc.)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1000\...\Run: [ReminderCommander] => C:\Program Files (x86)\Reminder Commander\ReminderCommander.exe [5201920 2014-08-18] (Abaiko Software)
HKU\S-1-5-21-4070342091-3793343965-3738386277-1008\...\RunOnce: [Screensaver] => C:\Windows\Web\Wallpaper\MEDION\start.vbs [129 2009-10-23] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OfficeAdRemover.lnk
ShortcutTarget: OfficeAdRemover.lnk -> C:\Program Files (x86)\OfficeAdRemover\OfficeAdRemover.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension -> {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll (Steganos Software GmbH)
Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent64.dll (soft Xpansion)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar.dll (Steganos Software GmbH)
Toolbar: HKLM-x32 - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files (x86)\soft Xpansion\Perfect Print 7 Express\ieagent32.dll (soft Xpansion)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164
FF Homepage: hxxp://www.gmx.net/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @protectdisc.com/NPPDLicenseHelper -> C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @soft-xpansion/npsxpdf -> C:\Program Files (x86)\Common Files\soft Xpansion\np-sxpdf.dll (soft-Xpansion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Bernhard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Bernhard\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Bernhard\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Bernhard\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Bernhard\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\Bernhard\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Bernhard\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-07]
FF Extension: DownloadHelper - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-09]
FF Extension: Ghostery - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\firefox@ghostery.com.xpi [2014-07-03]
FF Extension: Print Edit - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\printedit@DW-dev.xpi [2014-09-11]
FF Extension: NoScript - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-07-03]
FF Extension: Adblock Plus - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\lwgyi7wh.default-1404404788164\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-03]
FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afext@anchorfree.com [2014-09-13]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-29]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2013-12-22]
FF HKLM-x32\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: No Name - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15]
FF HKLM-x32\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Users\Bernhard\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Bernhard\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Bernhard\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DealPlyLive Update) - C:\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (Nokia Suite Enabler Plugin) - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
CHR Plugin: (Protect Disc License Acquisition Plugin) - C:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Citrix Online Web Deployment Plugin 1.0.0.104) - C:\Users\Bernhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
CHR Plugin: (Google Update) - C:\Users\Bernhard\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Google Talk Plugin) - C:\Users\Bernhard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Bernhard\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Bernhard\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Profile: C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-10]
CHR Extension: (Google Drive) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-10]
CHR Extension: (YouTube) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-10]
CHR Extension: (Adblock Plus) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-27]
CHR Extension: (Google-Suche) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-10]
CHR Extension: (SpeedTao Download Helper) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\eifpflhplblejfpibogcnnepoldboioh [2013-09-27]
CHR Extension: (Unifinder New Tab) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggpcleoagckefcmekcbgdhhmcfcdofhj [2014-07-03]
CHR Extension: (RealDownloader) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-26]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2014-03-30]
CHR Extension: (Norton Identity Protection) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-10]
CHR Extension: (Ghostery) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-03-02]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Google Mail) - C:\Users\Bernhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-10]
CHR HKLM-x32\...\Chrome\Extension: [ggpcleoagckefcmekcbgdhhmcfcdofhj] - C:\Users\Bernhard\AppData\Local\adStartPage\unifinder.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com)
R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] ()
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-17] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S4 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
S4 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-05-02] (DATA BECKER GmbH & Co KG) [File not signed]
R2 DfSdkS; C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO HDD CONTROL 2\DFSDKS64.EXE [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
S3 GSService; C:\Windows\SysWOW64\GSService.exe [443080 2013-12-16] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
S2 Net Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\SYSTEM32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Printer Control; C:\Windows\system32\PrintCtrl.exe [122368 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-10-22] (Crawler.com)
R2 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [File not signed]
R2 supereasy_backup; c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\backupService-SEZBP.EXE [24664 2013-11-21] ()
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R2 UI Assistant Service; C:\Program Files (x86)\Vip mobilni internet\AssistantServices.exe [274760 2012-09-13] ()
S2 updatesvca; C:\Windows\system32\updatesvca.dll [209920 2013-03-04] (Digital Dynamic) [File not signed]
S3 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
S4 FreemakeVideoCapture; "C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
S4 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [46792 2013-04-24] (AnchorFree Inc.)
S3 leawo_vad; C:\Windows\System32\drivers\leawo_vad.sys [33048 2013-05-21] (Shenzhen Moyea Software)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-04-24] (RapidSolution Software AG)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2013-11-18] (Softwareentwicklung Remus - ArchiCrypt - )
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-07] (Windows (R) Win 7 DDK provider)
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [32536 2013-01-28] ()
R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [File not signed]
S3 Bulk1528; System32\Drivers\Bulk1528.sys [X]
S2 Ca1528av; System32\Drivers\Ca1528av.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 11:18 - 2014-09-15 11:18 - 00041034 _____ () C:\Users\Bernhard\Desktop\FRST.txt
2014-09-15 11:06 - 2014-09-15 11:07 - 00066974 _____ () C:\Users\Bernhard\Downloads\Addition.txt
2014-09-15 10:58 - 2014-09-15 10:59 - 02105856 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64(1).exe
2014-09-13 13:02 - 2014-09-13 13:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-12 10:54 - 2014-09-12 10:54 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000
2014-09-12 10:49 - 2014-09-12 10:50 - 00284936 _____ () C:\Windows\Minidump\091214-59498-01.dmp
2014-09-11 19:32 - 2014-09-11 19:32 - 01370483 _____ () C:\Users\Bernhard\Downloads\adwcleaner_3.309.exe
2014-09-11 00:03 - 2014-09-11 00:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-10 21:19 - 2014-09-10 21:48 - 00000000 ____D () C:\Users\Bernhard\MediathekView
2014-09-10 20:58 - 2014-09-10 22:54 - 00000000 ____D () C:\Users\Bernhard\.mediathek3
2014-09-10 20:57 - 2014-09-10 20:57 - 00000000 ____D () C:\Users\Bernhard\Downloads\MediathekView_7
2014-09-10 20:52 - 2014-09-10 20:55 - 30755210 _____ () C:\Users\Bernhard\Downloads\MediathekView_7.zip
2014-09-02 19:34 - 2014-09-02 19:34 - 00000047 _____ () C:\Users\Bernhard\Downloads\Adressbuch.csv
2014-08-27 21:06 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:06 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:06 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:39 - 2014-09-14 08:18 - 00000000 ____D () C:\Users\Bernhard\Desktop\Coaches neu
2014-08-22 15:10 - 2014-09-13 05:00 - 00000000 ____D () C:\Users\Bernhard\Documents\Reminder Commander
2014-08-22 15:10 - 2014-08-22 15:10 - 00001130 _____ () C:\Users\Public\Desktop\Reminder Commander.lnk
2014-08-22 15:10 - 2014-08-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reminder Commander
2014-08-22 15:10 - 2014-08-22 15:10 - 00000000 ____D () C:\Program Files (x86)\Reminder Commander
2014-08-22 15:10 - 2009-06-16 11:36 - 01226672 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.ReportControl.v13.1.0.ocx
2014-08-22 15:10 - 2009-06-16 10:35 - 02320304 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.CommandBars.v13.1.0.ocx
2014-08-22 15:10 - 2009-06-16 10:35 - 01791920 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.Controls.v13.1.0.ocx
2014-08-22 15:10 - 2008-08-22 07:35 - 00538544 _____ (Codejock Software) C:\Windows\SysWOW64\Codejock.SkinFramework.Unicode.v12.0.2.ocx
2014-08-22 15:10 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-08-22 15:10 - 1998-06-18 01:00 - 00089360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-08-22 15:06 - 2014-08-22 15:06 - 00000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan
2014-08-22 15:05 - 2014-09-11 16:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-22 15:05 - 2014-08-22 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-22 15:05 - 2014-08-22 15:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-22 15:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-22 15:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-21 11:08 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-21 11:08 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-21 11:08 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-21 11:08 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-21 11:08 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-21 11:08 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-21 11:08 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-21 11:08 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-18 09:03 - 2014-08-18 09:03 - 00000000 ____D () C:\Users\Bernhard\Documents\Eigene Scans

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-15 11:18 - 2014-09-15 11:18 - 00041034 _____ () C:\Users\Bernhard\Desktop\FRST.txt
2014-09-15 11:18 - 2013-09-25 09:44 - 00000000 ____D () C:\FRST
2014-09-15 11:15 - 2012-05-03 09:49 - 01944654 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 11:07 - 2014-09-15 11:06 - 00066974 _____ () C:\Users\Bernhard\Downloads\Addition.txt
2014-09-15 11:07 - 2013-12-21 02:30 - 00056191 _____ () C:\Users\Bernhard\Downloads\FRST.txt
2014-09-15 11:03 - 2009-07-14 06:45 - 00017488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 11:03 - 2009-07-14 06:45 - 00017488 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 10:59 - 2014-09-15 10:58 - 02105856 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64(1).exe
2014-09-15 10:41 - 2012-10-24 11:53 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000UA.job
2014-09-15 10:32 - 2012-05-03 09:55 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 10:25 - 2013-06-04 07:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 22:32 - 2012-05-03 09:55 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 17:09 - 2012-02-22 20:03 - 00000000 ____D () C:\ProgramData\Temp
2014-09-14 17:08 - 2014-03-27 15:47 - 00002835 _____ () C:\Users\Bernhard\AppData\Roaming\SAS7_000.DAT
2014-09-14 14:41 - 2012-10-24 11:53 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000Core.job
2014-09-14 13:21 - 2014-01-07 00:03 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-09-14 11:29 - 2014-02-02 17:33 - 00000000 ____D () C:\Users\Bernhard\Desktop\Angelina
2014-09-14 11:17 - 2014-03-15 20:08 - 00016397 _____ () C:\Windows\setupact.log
2014-09-14 09:46 - 2013-05-10 15:06 - 00000000 ____D () C:\Users\Bernhard\AppData\Local\CrashDumps
2014-09-14 08:18 - 2014-08-27 20:39 - 00000000 ____D () C:\Users\Bernhard\Desktop\Coaches neu
2014-09-14 07:06 - 2012-05-24 00:30 - 00000000 ____D () C:\Users\Bernhard\dwhelper
2014-09-13 16:20 - 2013-09-27 07:55 - 00000000 ____D () C:\AdwCleaner
2014-09-13 16:00 - 2013-03-19 17:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-13 13:03 - 2014-09-13 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-13 12:39 - 2013-07-25 22:27 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-13 10:16 - 2012-02-21 20:50 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-09-13 10:16 - 2012-02-21 20:50 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-09-13 10:16 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 09:57 - 2012-09-11 20:34 - 00000000 ____D () C:\Users\Bernhard\Desktop\Maria
2014-09-13 08:38 - 2012-10-04 12:09 - 00000000 ____D () C:\Users\Bernhard\Desktop\Löschen
2014-09-13 08:32 - 2012-06-04 23:21 - 00000000 ____D () C:\Users\Bernhard\Documents\Gesundheit
2014-09-13 05:00 - 2014-08-22 15:10 - 00000000 ____D () C:\Users\Bernhard\Documents\Reminder Commander
2014-09-12 17:53 - 2013-01-06 12:57 - 00000000 ____D () C:\Users\Bernhard\.freemind
2014-09-12 10:54 - 2014-09-12 10:54 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000
2014-09-12 10:54 - 2014-02-19 15:37 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000
2014-09-12 10:50 - 2014-09-12 10:49 - 00284936 _____ () C:\Windows\Minidump\091214-59498-01.dmp
2014-09-12 10:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 10:49 - 2013-04-10 12:31 - 00000000 ____D () C:\Windows\Minidump
2014-09-12 10:43 - 2013-12-25 12:24 - 00008704 _____ () C:\Users\Bernhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-12 10:08 - 2012-06-04 23:18 - 00000000 ____D () C:\Users\Bernhard\Documents\Ulla
2014-09-11 19:54 - 2014-05-01 05:39 - 00200000 _____ () C:\Windows\PFRO.log
2014-09-11 19:52 - 2012-05-03 10:03 - 00000000 ____D () C:\Users\Bernhard
2014-09-11 19:51 - 2012-05-03 10:21 - 00000000 ____D () C:\Users\Bernhard\AppData\Roaming\SoftGrid Client
2014-09-11 19:42 - 2013-01-07 23:01 - 00000000 ___HD () C:\Users\Bernhard\Desktop\Linklisten
2014-09-11 19:32 - 2014-09-11 19:32 - 01370483 _____ () C:\Users\Bernhard\Downloads\adwcleaner_3.309.exe
2014-09-11 16:40 - 2014-08-22 15:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 12:05 - 2012-07-25 15:02 - 00074752 ___SH () C:\Users\Bernhard\Thumbs.db
2014-09-11 06:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-11 01:00 - 2014-08-04 06:08 - 00000000 ____D () C:\Users\_supereasy_backup_
2014-09-11 00:03 - 2014-09-11 00:03 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-11 00:03 - 2014-05-11 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-11 00:03 - 2014-05-11 13:21 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-11 00:03 - 2013-10-26 10:54 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 22:54 - 2014-09-10 20:58 - 00000000 ____D () C:\Users\Bernhard\.mediathek3
2014-09-10 21:48 - 2014-09-10 21:19 - 00000000 ____D () C:\Users\Bernhard\MediathekView
2014-09-10 20:57 - 2014-09-10 20:57 - 00000000 ____D () C:\Users\Bernhard\Downloads\MediathekView_7
2014-09-10 20:55 - 2014-09-10 20:52 - 30755210 _____ () C:\Users\Bernhard\Downloads\MediathekView_7.zip
2014-09-05 06:10 - 2009-07-14 06:45 - 00399912 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-05 05:53 - 2013-02-22 20:29 - 00000000 ____D () C:\Users\Bernhard\Desktop\WordPress Homepageerstellung
2014-09-05 05:43 - 2012-05-24 19:46 - 00000000 ____D () C:\Users\Bernhard\Desktop\Worddokumente
2014-09-04 16:53 - 2014-07-23 07:37 - 00000000 ____D () C:\Users\Bernhard\Desktop\Micro SDs
2014-09-02 19:34 - 2014-09-02 19:34 - 00000047 _____ () C:\Users\Bernhard\Downloads\Adressbuch.csv
2014-09-02 14:53 - 2012-05-03 10:27 - 00000000 ____D () C:\Users\Bernhard\AppData\Roaming\Adobe
2014-08-27 06:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-25 02:03 - 2012-05-03 10:04 - 00103200 _____ () C:\Users\Bernhard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-23 04:07 - 2014-08-27 21:06 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 21:06 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 21:06 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 16:26 - 2012-11-29 10:37 - 00000000 ____D () C:\Users\Bernhard\AppData\Roaming\Audacity
2014-08-22 15:10 - 2014-08-22 15:10 - 00001130 _____ () C:\Users\Public\Desktop\Reminder Commander.lnk
2014-08-22 15:10 - 2014-08-22 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reminder Commander
2014-08-22 15:10 - 2014-08-22 15:10 - 00000000 ____D () C:\Program Files (x86)\Reminder Commander
2014-08-22 15:06 - 2014-08-22 15:06 - 00000054 _____ () C:\Users\Bernhard\AppData\Roaming\mbam.context.scan
2014-08-22 15:05 - 2014-08-22 15:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-22 15:05 - 2014-08-22 15:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-22 15:05 - 2013-09-27 07:16 - 00000000 ____D () C:\Users\Bernhard\AppData\Roaming\Malwarebytes
2014-08-22 15:05 - 2013-09-27 07:15 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-22 15:05 - 2013-09-27 07:15 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-21 13:48 - 2013-11-08 13:36 - 00000000 ____D () C:\Users\Bernhard\Desktop\Unternehmensaufbau
2014-08-21 11:40 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal
2014-08-21 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-08-21 11:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-08-21 11:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-21 11:28 - 2013-08-09 05:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-21 11:15 - 2013-03-19 07:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-21 11:14 - 2013-03-19 07:11 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-21 11:14 - 2013-03-19 07:11 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-21 11:03 - 2013-06-25 09:09 - 00000000 ____D () C:\Users\Bernhard\Desktop\Aktenschrank
2014-08-21 10:56 - 2012-09-24 20:18 - 00000000 ____D () C:\Users\Bernhard\Desktop\Kochrezepte
2014-08-21 10:39 - 2013-09-11 09:57 - 00000000 ____D () C:\Users\Bernhard\Desktop\Verschiedenes
2014-08-18 09:03 - 2014-08-18 09:03 - 00000000 ____D () C:\Users\Bernhard\Documents\Eigene Scans
2014-08-17 00:16 - 2014-06-26 11:52 - 00000000 ____D () C:\Users\Bernhard\Documents\Video Converter Studio
2014-08-16 07:12 - 2012-11-13 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

Some content of TEMP:
====================
C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe
C:\Users\Bernhard\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-10 11:10

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 15.09.2014, 10:27   #4
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Bernhard at 2014-09-15 11:19:22
Running from C:\Users\Bernhard\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3D Video Converter 4.5.1 (HKLM-x32\...\{B219A5D9-7440-44D0-8A5E-552EA2484A81}_is1) (Version: 4.5.1 - cyan soft ltd)
3D Video Player 4.5.1 (HKLM-x32\...\{B8684928-B4E7-4F1A-89D3-3AD66BAC2E4F}_is1) (Version: 4.5.1 - cyan soft ltd)
4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
abylon EXIF-CLEANER 2014 (Privatversion) (HKLM-x32\...\abylonprotectionmanager-exif-cleaner_is1) (Version: 2014 - abylonsoft)
Acoustica Special Edition 5.0 (HKLM-x32\...\Acoustica Special Edition_is1) (Version: 5.0 - Acon AS)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Aiseesoft Total Video Converter Platinum 7.1.10 (HKLM-x32\...\{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1) (Version: 7.1.10 - Aiseesoft Studio)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version:  - )
AllDup 3.4.24 (HKLM-x32\...\AllDup_is1) (Version: 3.4.24 - Michael Thummerer Software Design)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
AnVir Task Manager (HKLM-x32\...\AnVir Task Manager) (Version:  - AnVir Software)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apowersoft kostenloser Bildschirmrekorder V1.2.4 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.2.4 - Apowersoft)
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft PhotoImpression 5 (HKLM-x32\...\{5863B6EF-76D0-4FF8-AA2F-EEBE7CC49DAA}) (Version:  - ArcSoft)
ArcSoft VideoImpression 2 (HKLM-x32\...\{5339885F-4597-4343-BD3B-74280CC79424}) (Version:  - ArcSoft)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\{4209F371-2541-6C11-55DB-6103A83FCB9B}_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Ashampoo Video Styler 2013 v.1.0.1 (HKLM-x32\...\{91B33C97-8914-D2D4-EB40-39C1714271FF}_is1) (Version: 1.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.2.5 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.05 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 2013 v.1.0.0 (HKLM-x32\...\{4209F371-7B85-60AD-E5CE-E4409D39E3DE}_is1) (Version: 1.00.00 - Ashampoo GmbH & Co. KG)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Audials (HKLM-x32\...\{85B5CB65-2AC3-4C1C-A950-B20DE5520C79}) (Version: 10.2.19305.500 - Audials AG)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
AVM FRITZ!Box Monitor (HKLM-x32\...\AVMFBoxMonitor) (Version:  - AVM Berlin)
Balabolka (HKLM-x32\...\Balabolka) (Version: 2.6.0.538 - Ilya Morozov)
Biet-O-Matic v2.14.10 (HKLM-x32\...\Biet-O-Matic v2.14.10) (Version: 2.14.10 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version:  - )
BroadCam Video Streaming Server (HKLM-x32\...\BroadCam) (Version:  - NCH Software)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
CleverPrint (HKLM-x32\...\CleverPrint_is1) (Version: 3.00 - Abelssoft GmbH)
ColorPage-SF600  (HKLM-x32\...\{A5505456-B9C3-43DA-A588-F6947422C134}) (Version: V4.3.0 - )
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: 1.3.0.0 - concept/design GmbH)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PhotoDirector 3 (x32 Version: 3.0.4428 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2219 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.2219 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarkWave Studio 4.0.9 (HKLM-x32\...\DarkWave Studio) (Version: 4.0.9 - ExperimentalScene)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version:  - NCH Software)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
EaseUS Data Recovery Wizard 7.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.0_is1) (Version:  - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.4.12044 - Landesfinanzdirektion Thüringen)
Express Burn (HKLM-x32\...\ExpressBurn) (Version:  - NCH Software)
Express Dictate (HKLM-x32\...\Express) (Version:  - NCH Software)
Express Rip (HKLM-x32\...\ExpressRip) (Version:  - NCH Software)
f4 2012 (HKLM-x32\...\f42012) (Version:  - audiotranskription.de)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileViewPro (HKLM\...\FileViewPro_is1) (Version: 4.0 - stfx, Ath)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
FormatFactory 3.1.1 (HKLM-x32\...\FormatFactory) (Version: 3.1.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxtab (HKLM-x32\...\foxtab) (Version:  - FoxTab) <==== ATTENTION
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.10 - FRANZIS Verlag GmbH)
Free PDF to Word Converter 2.0 (HKLM-x32\...\Free PDF to Word Converter_is1) (Version:  - Free-PDF-to-Word.com)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - Free PDF to Word Doc Converter - easy and powerful pdf converter software.)
Free Screen Video Recorder version 2.5.30.725 (HKLM-x32\...\Free Screen Video Recorder_is1) (Version: 2.5.30.725 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Golden Records Schallplatten in CD Konverter (HKLM-x32\...\Golden) (Version:  - NCH Software)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HDR projects elements (64-Bit) (HKLM\...\HDR projects elements_is1) (Version: 1.22 - Franzis Verlag GmbH)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Incomedia WebSite X5 v10 - Home (HKLM-x32\...\{22B260EE-79AD-4F4C-9E06-349E8F1D958C}_is1) (Version: 10.1.0.39 - Incomedia s.r.l.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalender-Excel-8.10 (HKLM-x32\...\Kalender-Excel-8.10_is1) (Version: 8.10 - MSDatec)
Kastor - All Video Downloader V 5.2.0 (HKLM-x32\...\{CB84FEF5-C573-4328-B9AF-B28568A4E10E}_is1) (Version: 5.2.0.0 - KastorSoft)
Kastor - Stream Recorder V 1.0 (HKLM-x32\...\{CB84FEF6-C573-4328-B9A4-B29568A4E10E}_is1) (Version: 1.0.0.0 - KastorSoft)
KC Softwares K-ML (HKLM-x32\...\KC Softwares K-ML_is1) (Version:  - KC Softwares)
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LightScribe Applications (HKLM-x32\...\{88A4002B-BDBA-49A2-927C-D81E8DF32B1B}) (Version: 1.18.5.1 - LightScribe)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LightScribe Template Labeler (HKLM-x32\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Live Aquarium HD (HKLM-x32\...\Live Aquarium HD_is1) (Version: 3 - Ladislav Vojnic)
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Reader (HKLM-x32\...\{B6F7DBE7-2FE2-458F-A738-B10832746036}) (Version:  - )
Microsoft Reader Text-to-Speech deutsch (HKLM-x32\...\{A06F5ACB-AF59-4DC0-B22E-1F6F47FC7004}) (Version: 01.00.0000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
MixPad Audiodatei-Mixer (HKLM-x32\...\MixPad) (Version:  - NCH Software)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.1 (x86 de)) (Version: 24.1.1 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
No23Live (HKLM-x32\...\{BE850443-DF4F-4B6F-9968-4F8F3125B964}) (Version: 1.0.4.19 - No23)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
oCam version 23.5.0.0 (HKLM-x32\...\oCam_is1) (Version: 23.5.0.0 - OhSoft(ohsoft.net) - Best Software Developer)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OfficeAdRemover (HKLM-x32\...\OfficeAdRemover_is1) (Version:  - Ondrej Pokorny)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Orga-Nicer (HKLM-x32\...\Orga-Nicer_is1) (Version: 3.3.0.1 - ASCOMP Software GmbH)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0055 - Pegatron Corporation)
Photomizer Retro (HKLM-x32\...\{41B5224D-7853-4EA5-0001-C8949A33B608}) (Version: 2.0.13.308 - Engelmann Media GmbH)
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version:  - NCH Software)
PhraseExpress v9.1.8 (HKLM-x32\...\PhraseExpress_is1) (Version: 9.1.8 - Bartels Media GmbH)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Protect Disc License Helper 1.0.118 (HKLM-x32\...\Protect Disc License Helper) (Version: 1.0.118 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.11 - ProtectDisc Software GmbH)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Rainbow Folders (HKLM-x32\...\{2AEA17BA-FAB3-49D2-BB85-0669D14DC9BC}_is1) (Version: 2.05 - Piotr Chodzinski)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RecordPad Audiorekorder (HKLM-x32\...\Recordpad) (Version:  - NCH Software)
Reg Organizer version 6.31 (HKLM-x32\...\Reg Organizer_is1) (Version: 6.31 - ChemTable Software)
Reminder Commander 4.04 (HKLM-x32\...\Reminder Commander_is1) (Version:  - Abaiko Software)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version: 3.1.32.1 - Samsung Electronics Co., Ltd.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
simplitec simplicheck (HKLM-x32\...\{183D780B-28F9-41BA-A2CB-605F324A5781}) (Version: 1.3.10.0 - simplitec GmbH)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
soft Xpansion Perfect Print 7 Express (HKLM-x32\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version:  - NCH Software)
Sparfuchs (HKLM-x32\...\Sparfuchs_is1) (Version: 2014 - Abelssoft)
SPCA1528 PC Driver (HKLM-x32\...\{570C2A84-A145-4DF0-AE9D-012584DF09DC}) (Version: 2.2.2.0 - sunplus)
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
StarMoney (x32 Version: 3.0.6.28 - StarFinanz) Hidden
StarMoney 8.0  (HKLM-x32\...\{2E36EB70-A4D8-4CD0-915D-0ACAAED6A918}) (Version: 8.0 - Star Finanz GmbH)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Steganos Password Manager 14 (HKLM-x32\...\{C83404F0-D7FA-4069-94AB-2F34FDA22AA8}) (Version: 14.2 - Steganos Software GmbH)
Steganos Privacy Suite 14 (HKLM-x32\...\{9F07D3B6-3801-4C33-B20E-39CC29E63253}) (Version: 14.2.1 - Steganos Software GmbH)
Stickies 7.1d (HKLM-x32\...\ZhornStickies) (Version:  - Zhorn Software)
StreamTransport version: 1.1.0.1 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
StudioLine Photo Classic 3 SE (HKLM-x32\...\{53BDE9F4-79D1-4E2D-B7A4-4D3663419BAB}) (Version: 3.70.50.1 - H&M System Software)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)
SuperEasy Backup Pro (HKLM\...\SuperEasy Backup) (Version: 1.11 - SuperEasy Software GmbH & Co. KG)
SuperEasy Video Converter 2 v.2.1.3063 (HKLM-x32\...\{039BC111-5D42-BD22-5D57-C7073E40209A}_is1) (Version: 2.1.3063 - SuperEasy Software GmbH & Co. KG)
Switch Audiodatei-Konverter (HKLM-x32\...\Switch) (Version:  - NCH Software)
Symantec Threat Monitor, Powered By DeepSight Screen Saver (HKLM-x32\...\Symantec Threat Monitor, Powered By DeepSight) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated)
Telescope Driver (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.30.09 - PixArt)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Typograf 5.1f (HKLM-x32\...\Typograf) (Version: 5.1f - Neuber Software)
Verbose Text to Speech (HKLM-x32\...\Verbose) (Version:  - NCH Software)
Video Converter Studio V3.1.5 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 3.1.5 - Apowersoft)
Video DVD Maker v3.30.0.75 (HKLM-x32\...\{1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}) (Version:  - )
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version:  - NCH Software)
Vip mobilni internet (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE)
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VirusTotal Uploader 2.0 (HKLM-x32\...\VirusTotalUploader2.0) (Version:  - )
watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - Product Image  (05/02/2002 1.0.1.1) (HKLM\...\F408A29B912DF89043C0C67FB04AE7CF4A67FF97) (Version: 05/02/2002 1.0.1.1 - Product)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.92 - WiseCleaner.com, Inc.)
WISE-FTP 7 (HKLM-x32\...\{3EAF3023-F780-46E5-8220-72F8DB87A7EB}_is1) (Version:  - AceBIT GmbH)
Wondershare Data Recovery(Build 4.5.0.16) (HKLM-x32\...\{FEA3976F-D621-45F3-AFBD-E812A1F2F00D}_is1) (Version: 4.5.0.16 - Wondershare Software Co.,Ltd.)
Wondershare PDF Converter (Build 4.0.1) (HKLM-x32\...\{A888A8D1-ACCB-4EBE-AAA8-903D2B8FB6A4}_is1) (Version: 4.0.1 - Wondershare Software)
Wunderlist (HKLM-x32\...\{1cdbee75-ad10-47e7-b5c4-1f051f899978}) (Version: 2.3.0.30 - 6 Wunderkinder GmbH)
Wunderlist (x32 Version: 2.3.0.30 - 6 Wunderkinder GmbH) Hidden
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version:  - ZDF)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4070342091-3793343965-3738386277-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1133\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Restore Points  =========================

27-06-2014 15:29:31 Installed LightScribe Applications.
29-06-2014 21:37:27 Installed LS_HSI.
29-06-2014 21:42:35 Installed LightScribe Applications.
30-07-2014 03:46:51 Installed LightScribe Template Labeler.
01-08-2014 05:00:14 Windows Update
11-08-2014 11:25:36 Geplanter Prüfpunkt
20-08-2014 05:10:48 Spyware Terminator 2012 (20.08.2014 07:10:46)
21-08-2014 09:07:29 Windows Update
05-09-2014 04:04:40 Windows Update
10-09-2014 15:29:32 Spyware Terminator 2012 (10.09.2014 17:29:27)
11-09-2014 05:02:36 Spyware Terminator 2012 (11.09.2014 07:02:30)
11-09-2014 10:06:41 Spyware Terminator 2012 (11.09.2014 12:06:40)
14-09-2014 15:07:50 Spyware Terminator 2012 (14.09.2014 17:07:25)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-09-25 21:51 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {03094DBB-E3F2-4765-8557-51EB0230CDE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)
Task: {0D8F44A2-12F9-4D2D-810C-416C83F570A6} - System32\Tasks\{7F7E2F3B-EF44-43AA-9947-935E9B56B37C} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {108CA268-9E3F-444E-940B-285A983F26EF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000UA => C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {1253A9A4-F396-498A-8533-D5593CE77E41} - System32\Tasks\{86587C49-245F-4A8B-9A0A-486EB72072C1} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {143E9C67-70DB-45A4-824C-F6F026A9BDD2} - System32\Tasks\{99E55DA8-7CB1-41BA-A0D1-C985A76C7213} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {1B03583D-7459-438E-9C4B-94427E564F6F} - System32\Tasks\RealCreateProcessScheduledTask160112530S-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealPlayer\Update\RealOneMessageCenter.exe [2014-01-03] (RealNetworks, Inc.)
Task: {1CB02D47-A114-4C62-97DF-1D65A1922E38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000Core => C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-21] (Google Inc.)
Task: {2606CB2B-19BF-4415-8EC1-2B0FC7C600B7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2D7ED6FD-C897-472B-A73D-C0AF41663962} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {2FC9DEE8-5E40-401C-88CA-583AD08B9519} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {347DB677-28B4-475A-91D5-030F4F7DAF3D} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {34972354-32B6-4AA0-8B09-A11B6B59EC88} - System32\Tasks\{485E4FEF-32A1-4B05-8080-C4F815720167} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {3AD1B4E5-F55E-41C2-AAA6-11129474AD39} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {557F0C11-B806-4D10-B325-CDAE6DEA71F4} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5B04776D-F2FC-4941-B435-DE63FB9B90BA} - System32\Tasks\{1D1A8A18-7950-41F2-BD97-5641FB750FB2} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {5CABB6BD-B566-43A3-9C3D-B613061EFB03} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5FAE9FF5-BC24-41EF-A40D-75730FA50529} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {64977427-E3EC-4FFB-A198-E75647183BA5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7235EFAA-2E9C-4F0C-8C4B-E2C291402287} - System32\Tasks\RegOrganizerQuickLaunch => C:\Program Files (x86)\Reg Organizer\RegOrganizer.exe [2013-11-29] (ChemTable Software)
Task: {7790F5CA-8F62-47E6-A91D-5E99D9D90CED} - System32\Tasks\{BB4D84AD-6D4A-4AE9-8BDD-6E099740DBD6} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {96480441-EFC8-411C-8FA9-1D73D888B756} - System32\Tasks\{2DD33BBB-46F0-4858-A078-E254CE47E6B3} => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [2009-07-06] (AVM Berlin)
Task: {A037188E-6F91-4AFD-84D8-97961F8C65D4} - System32\Tasks\AnVir Task Manager => C:\Program Files (x86)\AnVir Task Manager\anvir.exe [2013-12-04] (AnVir Software)
Task: {AB6EB7EA-CC34-42A8-AB2C-806E13212C6F} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\WSCStub.exe
Task: {BE3DD460-FECC-489E-AD28-B30A9B70A580} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BFF44E6B-0E2B-40C4-87A7-48A8D337F257} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C6E9A2EE-7479-4B29-A144-8FC96A14D6A9} - System32\Tasks\G2MUpdateTask-S-1-5-21-4070342091-3793343965-3738386277-1000 => C:\Users\Bernhard\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-17] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {CBB5779C-CD71-4D3A-B6CC-565C1E5492AF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {CDF3F9DD-47A6-4D1C-ACA3-4B69FEB88881} - System32\Tasks\{753244C6-DC45-427A-8BCE-FAF0BEDAC406} => C:\Program Files (x86)\ColorPage-SF600\DigiScan.exe [2011-03-25] (PLUSTEK)
Task: {DD9E7AF3-2FEC-4132-B34D-50DE9132323F} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security CBE\Engine\20.4.0.40\SymErr.exe
Task: {E1904FFF-A3F8-4228-875A-C154A5B636C5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-03] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-4070342091-3793343965-3738386277-1000.job => C:\Users\Bernhard\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000Core.job => C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4070342091-3793343965-3738386277-1000UA.job => C:\Users\Bernhard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4070342091-3793343965-3738386277-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe

==================== Loaded Modules (whitelisted) =============

2012-02-22 18:36 - 2009-12-19 01:40 - 00104968 ____N () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-02-22 18:36 - 2011-10-14 00:38 - 00156672 ____N () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2013-07-15 11:21 - 2011-08-22 13:44 - 01421216 _____ () C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO CORE TUNER 2\ACT2SERVICE.EXE
2013-08-21 07:22 - 2012-07-30 09:48 - 01518504 _____ () C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO HDD CONTROL 2\AHDDC2_SERVICE.EXE
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2013-11-21 14:14 - 2013-11-21 14:14 - 00024664 _____ () C:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\BACKUPSERVICE-SEZBP.EXE
2013-11-21 14:14 - 2013-11-21 14:14 - 00104024 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\backupServiceLib.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 11016280 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\backupCore.dll
2013-11-21 14:14 - 2013-11-21 14:14 - 00157272 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\deemon.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 04838488 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\ox.dll
2013-11-21 14:14 - 2013-11-21 14:14 - 00494168 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\veem.dll
2013-11-21 14:14 - 2013-11-21 14:14 - 00061016 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\minizutil.dll
2013-11-21 12:54 - 2013-11-21 12:54 - 00020992 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\zlibutil.dll
2013-09-23 21:24 - 2013-09-23 21:24 - 00076288 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\zdll.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 00053336 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\lzmaUtil.dll
2013-11-21 12:55 - 2013-11-21 12:55 - 00049664 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\lzma.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 00506968 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\twirl.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 00344152 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\tomb.dll
2013-11-21 12:56 - 2013-11-21 12:56 - 00309248 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\party.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 00113752 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\scoolite.dll
2013-11-21 12:55 - 2013-11-21 12:55 - 00626688 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\sqlite.dll
2013-11-21 14:13 - 2013-11-21 14:13 - 00211032 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\netutil.dll
2013-11-21 13:42 - 2013-11-21 13:42 - 00045056 _____ () c:\PROGRAM FILES\SUPEREASY SOFTWARE\BACKUP PRO\BIN\oxHelper.exe
2014-05-11 12:57 - 2012-09-13 16:00 - 00274760 _____ () C:\Program Files (x86)\Vip mobilni internet\AssistantServices.exe
2012-02-22 18:36 - 2012-02-07 03:34 - 00823808 ____N () C:\PROGRAM FILES (X86)\PHOTKEY\PHOTKEY.EXE
2012-02-22 18:36 - 2010-01-13 03:36 - 00117256 ____N () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-02-22 18:36 - 2010-01-13 03:36 - 00121864 ____N () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-02-22 18:36 - 2010-12-18 00:04 - 00449032 ____N () C:\Program Files (x86)\PHotkey\ATouch64.exe
2012-02-22 18:36 - 2012-01-13 03:58 - 00552960 ____N () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-02-22 18:36 - 2012-01-13 03:58 - 00477696 ____N () C:\PROGRAM FILES (X86)\PHOTKEY\PVDAGENT.EXE
2012-02-22 18:36 - 2011-12-21 01:08 - 03454464 ____N () C:\PROGRAM FILES (X86)\PHOTKEY\POSD.EXE
2012-02-22 00:09 - 2012-01-06 03:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-27 13:30 - 2012-09-18 21:07 - 01321472 _____ () C:\PROGRAM FILES (X86)\OFFICEADREMOVER\OFFICEADREMOVER.EXE
2014-05-11 12:57 - 2012-03-12 10:57 - 00414544 _____ () C:\PROGRAM FILES (X86)\VIP MOBILNI INTERNET\CANCELAUTOPLAY.EXE
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\PROGRAM FILES (X86)\COMMON FILES\MICROSOFT SHARED\VIRTUALIZATION HANDLER\OFFICEVIRT.EXE
2013-07-17 13:54 - 2013-07-17 13:54 - 00220672 _____ () C:\Program Files (x86)\Steganos Privacy Suite 14\ShellExtension.dll
2013-07-15 11:21 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2013-08-21 07:22 - 2012-07-30 09:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2012-02-22 18:36 - 2012-02-07 03:34 - 00823808 ____N () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-02-22 18:36 - 2009-12-19 01:36 - 00973432 ____N () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-02-22 18:36 - 2009-12-19 01:41 - 00129544 ____N () C:\Program Files (x86)\PHotkey\GFNEX.dll
2012-02-22 18:36 - 2011-12-21 01:08 - 03454464 ____N () C:\Program Files (x86)\PHotkey\POSD.exe
2013-09-27 13:30 - 2012-09-18 21:07 - 01321472 _____ () C:\Program Files (x86)\OfficeAdRemover\OfficeAdRemover.exe
2010-08-04 01:39 - 2010-08-04 01:39 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 01:39 - 2010-08-04 01:39 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-05-11 12:57 - 2012-03-12 10:57 - 00414544 _____ () C:\Program Files (x86)\Vip mobilni internet\CancelAutoPlay.exe
2014-05-11 13:29 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Bernhard\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-08-21 13:08 - 2014-08-21 13:08 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\de4aaa11d46d614b5330b337b67e5227\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 ____N () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 ____N () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 ____N () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2012-01-16 22:06 - 2012-01-16 22:06 - 00577621 _____ () C:\Program Files (x86)\Spyware Terminator\sqlite3.dll
2014-09-13 13:02 - 2014-09-13 13:03 - 03716720 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 19:25 - 2014-07-09 19:25 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0FF263E8
AlternateDataStreams: C:\ProgramData\Temp:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Orga-Nicer.lnk => C:\Windows\pss\Orga-Nicer.lnk.CommonStartup

==================== Faulty Device Manager Devices =============

Name: Apowersoft_AudioDevice
Description: Apowersoft_AudioDevice
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Apowersoft_AudioDevice
Service: Apowersoft_AudioDevice
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/15/2014 00:25:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/14/2014 10:31:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wmplayer.exe, Version 12.0.7601.18150 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2528

Startzeit: 01cfcff5ee131483

Endzeit: 1154

Anwendungspfad: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

Berichts-ID: 7221fcc2-3be9-11e4-ad82-815cdcf548be

Error: (09/14/2014 10:27:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RealPlay.exe, Version 16.0.3.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: dec

Startzeit: 01cfcff564f91848

Endzeit: 7

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

Berichts-ID: f488f6d6-3be8-11e4-ad82-815cdcf548be

Error: (09/14/2014 10:20:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RealPlay.exe, Version 16.0.3.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1914

Startzeit: 01cfcff48aacb411

Endzeit: 24963

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

Berichts-ID: e659f3e1-3be7-11e4-ad82-815cdcf548be

Error: (09/14/2014 09:46:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RealPlay.exe, Version: 16.0.3.51, Zeitstempel: 0x520c1e46
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b4262
ID des fehlerhaften Prozesses: 0x2410
Startzeit der fehlerhaften Anwendung: 0xRealPlay.exe0
Pfad der fehlerhaften Anwendung: RealPlay.exe1
Pfad des fehlerhaften Moduls: RealPlay.exe2
Berichtskennung: RealPlay.exe3

Error: (09/14/2014 09:04:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RealPlay.exe, Version 16.0.3.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 670

Startzeit: 01cfcfe9e027915d

Endzeit: 22

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe

Berichts-ID: 5329e813-3bdd-11e4-ad82-815cdcf548be

Error: (09/13/2014 01:08:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm AHDDC2_GUARD.EXE, Version 1.1.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f74

Startzeit: 01cfce670e0a0e72

Endzeit: 15

Anwendungspfad: C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO HDD CONTROL 2\AHDDC2_GUARD.EXE

Berichts-ID: 38c60438-3b36-11e4-ad82-815cdcf548be

Error: (09/13/2014 10:01:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm realplay.exe, Version 16.0.3.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b28

Startzeit: 01cfcf28e252137d

Endzeit: 30

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\realplay.exe

Berichts-ID: 2c5f0b1c-3b1c-11e4-ad82-815cdcf548be

Error: (09/13/2014 10:01:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm realplay.exe, Version 16.0.3.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1be4

Startzeit: 01cfcf28bf0f3921

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\realplay.exe

Berichts-ID: 1c1caa59-3b1c-11e4-ad82-815cdcf548be

Error: (09/13/2014 05:38:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EXPLORER.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005320e
ID des fehlerhaften Prozesses: 0xc40
Startzeit der fehlerhaften Anwendung: 0xEXPLORER.EXE0
Pfad der fehlerhaften Anwendung: EXPLORER.EXE1
Pfad des fehlerhaften Moduls: EXPLORER.EXE2
Berichtskennung: EXPLORER.EXE3


System errors:
=============
Error: (09/14/2014 10:31:01 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:53 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:44 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:35 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:27 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:18 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:10 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:30:01 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:29:53 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (09/14/2014 10:29:44 AM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


Microsoft Office Sessions:
=========================
Error: (09/15/2014 00:25:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dragon_support_packager.exe

Error: (09/14/2014 10:31:02 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wmplayer.exe12.0.7601.18150252801cfcff5ee1314831154C:\Program Files (x86)\Windows Media Player\wmplayer.exe7221fcc2-3be9-11e4-ad82-815cdcf548be

Error: (09/14/2014 10:27:34 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RealPlay.exe16.0.3.51dec01cfcff564f918487C:\Program Files (x86)\Real\RealPlayer\RealPlay.exef488f6d6-3be8-11e4-ad82-815cdcf548be

Error: (09/14/2014 10:20:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RealPlay.exe16.0.3.51191401cfcff48aacb41124963C:\Program Files (x86)\Real\RealPlayer\RealPlay.exee659f3e1-3be7-11e4-ad82-815cdcf548be

Error: (09/14/2014 09:46:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: RealPlay.exe16.0.3.51520c1e46ole32.dll6.1.7601.175144ce7b96fc0000005000b4262241001cfcfefdd0bd992C:\Program Files (x86)\Real\RealPlayer\RealPlay.exeC:\Windows\syswow64\ole32.dll35ca2bd3-3be3-11e4-ad82-815cdcf548be

Error: (09/14/2014 09:04:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: RealPlay.exe16.0.3.5167001cfcfe9e027915d22C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe5329e813-3bdd-11e4-ad82-815cdcf548be

Error: (09/13/2014 01:08:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: AHDDC2_GUARD.EXE1.1.0.0f7401cfce670e0a0e7215C:\PROGRAM FILES (X86)\ASHAMPOO\ASHAMPOO HDD CONTROL 2\AHDDC2_GUARD.EXE38c60438-3b36-11e4-ad82-815cdcf548be

Error: (09/13/2014 10:01:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: realplay.exe16.0.3.511b2801cfcf28e252137d30C:\Program Files (x86)\Real\RealPlayer\realplay.exe2c5f0b1c-3b1c-11e4-ad82-815cdcf548be

Error: (09/13/2014 10:01:08 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: realplay.exe16.0.3.511be401cfcf28bf0f392118C:\Program Files (x86)\Real\RealPlayer\realplay.exe1c1caa59-3b1c-11e4-ad82-815cdcf548be

Error: (09/13/2014 05:38:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: EXPLORER.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c0000005000000000005320ec4001cfce66dd5f0014C:\WINDOWS\EXPLORER.EXEC:\Windows\SYSTEM32\ntdll.dll7b106680-3af7-11e4-ad82-815cdcf548be


CodeIntegrity Errors:
===================================
  Date: 2013-09-25 21:38:53.619
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-09-25 21:38:53.553
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8086.48 MB
Available physical RAM: 3792.62 MB
Total Pagefile: 16171.15 MB
Available Pagefile: 11206.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:414.66 GB) (Free:65.21 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:6.27 GB) NTFS
Drive g: () (Removable) (Total:7.39 GB) (Free:2.58 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=414.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---

Alt 15.09.2014, 18:52   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Schau mal genau hin was angemeckert wird. Der Fund ist in Quarantäne bei Spyware Terminator.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.09.2014, 19:10   #6
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Ja, ist mir klar. Hatte ich in meinem ersten Post auch schon geschrieben.
Den Ordner Quarantine finde ich jedoch nicht, die Datei Q00000007.sqd ebenfalls nicht.
Wenn ich Q00000007.sqd mit dem Spyware Terminator entferne kommt die Meldung "Bedrohung entfernt".
Wenn ich dann erneut scanne ist Q00000007.sqd wieder da!

Alt 16.09.2014, 12:19   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



ich kann dir nicht mehr folgen

Welches Programm meckert die Datei in der Quarantäne von Spyware Terminator an?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.09.2014, 05:50   #8
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Gut, dann noch mal langsam und ganz von vorn.
1. Spyware Terminator liefert mir das Scanergebnis -> siehe Anhang 69590
2. Ich drücke auf den Button "Entfernen"
3. Spyware Terminator liefert mir das Ergebnis: "Die gewählten Positionen sind Malware frei" -> siehe Anhang 69591
4. Ich scanne wieder und habe wieder das erste Scanergebnis -> siehe Anhang 69590

Meine Frage: Warum ist der Trojaner immer noch in der Quarantäne des Spyware Terminator und nicht ganz gelöscht?

Alt 19.09.2014, 18:38   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



weil jedes Programm auf diesem Erdball Funde immer in die eigene Quarantäne steckt.
Deine ganzen Links zu Anhängen funktionieren nicht, ich seh gar nix.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.09.2014, 22:49   #10
castraregina
 
Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



ist mir auch klar, war aber auch nicht meine Frage:
Kann man sie nicht mehr löschen, wenn sie in der Quarantäne ist?

Jetzt hoffentlich mit funktionierenden Anlagen:

1. Spyware Terminator liefert mir das Scanergebnis -> siehe Anhang
Code:
ATTFilter
Wie W32/Trojan2.OGMR entfernen?-anlage-1.jpg
         
2. Ich drücke auf den Button "Entfernen"
3. Spyware Terminator liefert mir das Ergebnis: "Die gewählten Positionen sind Malware frei" -> siehe Anhang
Code:
ATTFilter
Wie W32/Trojan2.OGMR entfernen?-anlage-2.jpg
         
4. Ich scanne wieder und habe wieder das erste Scanergebnis -> siehe Anhang
Code:
ATTFilter
Klicken Sie auf die Grafik für eine größere Ansicht

Name:	Anlage 1.jpg
Hits:	325
Größe:	192,2 KB
ID:	69631
         

Geändert von castraregina (19.09.2014 um 22:56 Uhr)

Alt 20.09.2014, 15:26   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Wie W32/Trojan2.OGMR entfernen? - Standard

Wie W32/Trojan2.OGMR entfernen?



Zitat:
Kann man sie nicht mehr löschen, wenn sie in der Quarantäne ist?
Doch. den Ordner leren oder über eine Funktion im Tool. Spyware Terminator kenne ich aber nit. Noch nie benutzt.


und in deinem dritten Screen sieht man auch warum man es nit nutzen sollte.

ein tool was bei einem scan eine datei in der eigenen quarantäne anmeckert.

absolut lächerlich
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Wie W32/Trojan2.OGMR entfernen?
ausführliche, bericht, entferne, entfernen, erkannt, guten, kritisch, morgen, objekte, scan, spyware, spyware terminator, taucht, terminator, trojaner, trojaner entfernen, w32/trojan2.ogmr





Zum Thema Wie W32/Trojan2.OGMR entfernen? - Guten Morgen, ich habe ein Problem. Im Scan Bericht des Spyware Terminator steht: „W32/Trojan2.OGMR Datei erkannt durch F-Prot Antivirus c:/Users/All Users/Spyware Terminator/Quarantine/Q00000007.sqd“ Im ausführlichen Scan Bericht steht: „Gescannte Objekte: Kritisch: - Wie W32/Trojan2.OGMR entfernen?...
Archiv
Du betrachtest: Wie W32/Trojan2.OGMR entfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.