| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: posadi17 im IEWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
07.05.2014, 08:43
| #1 |
| /// the machine /// TB-Ausbilder    |  posadi17 im IE hi, Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.05.2014, 08:59
| #2 |
 | posadi17 im IE FRST:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2014 Ran by Heiner (administrator) on HEINER-HP on 07-05-2014 09:51:24 Running from C:\Download\Sicherheit Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (AMD) C:\Windows\System32\atieclxx.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Hollie-Soft) C:\Program Files (x86)\Klebezettel NG\klebez.exe (Mirko Böer) C:\Program Files (x86)\AmP\AmP.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe () C:\Users\Heiner\AppData\Roaming\InetStat\inetstat.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Ascora GmbH) C:\Program Files (x86)\StartupStar\StartupStar.exe (DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe (EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (IMU-BerliNet) D:\Z-defrag RAM\zdefrag27\z-defrag\Z-defrag.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Deutsche Telekom AG) C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe (Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Deutsche Telekom AG) C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (Bitdefender) C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE (Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (The OpenVPN Project) C:\Program Files (x86)\Steganos Online Shield\openvpn64\openvpn.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Solvusoft Corporation) C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard) HKLM\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [242192 2008-02-29] (Logicool, Inc.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-01] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-05-17] (EasyBits Software AS) HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-05-20] (DivX, LLC) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [Z-defragRAM] => D:\Z-defrag RAM\zdefrag27\z-defrag\Z-defrag.EXE [233536 2011-03-17] (IMU-BerliNet) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-05-06] (AVAST Software) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-01-03] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-01-03] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-01-03] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [Klebezettel NG] => C:\Program Files (x86)\Klebezettel NG\klebez.exe [4418048 2014-02-20] (Hollie-Soft) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [Alle meine Passworte] => C:\Program Files (x86)\AmP\AmP.exe [3792776 2011-05-25] (Mirko Böer) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [pdiface] => C:\Program Files\Bitdefender\60-Second Virus Scanner\pdiface.exe [283608 2013-10-30] (Bitdefender) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [KiesPDLR.exe] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [4709720 2014-04-09] (Steganos Software GmbH) HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Run: [InetStat] => C:\Users\Heiner\AppData\Roaming\InetStat\inetstat.exe [1260648 2014-04-26] () HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Policies\Explorer: [HideSCABattery] 1 HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1 HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Policies\Explorer: [StartMenuLogOff] 1 HKU\S-1-5-21-1672989923-2146060953-3799598713-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2012-01-03] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2014 Zahlungserinnerung.lnk ShortcutTarget: Quicken 2014 Zahlungserinnerung.lnk -> C:\Windows\Installer\{E60036CF-1E46-4DFE-832F-5476574B30FF}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Meine Dienste.lnk ShortcutTarget: Meine Dienste.lnk -> C:\Program Files\Telekom\Meine Dienste\StartMeineDienste.exe (Deutsche Telekom AG) Startup: C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Geburtstagsmahner.lnk ShortcutTarget: Geburtstagsmahner.lnk -> D:\ZEHBESOFT\Geburtstagsmahner\GebAlert.exe (ZehbeSoft) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x521226656469CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = C:\QUICKEN8\inet\common\blank.htm HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 URLSearchHook: HKLM-x32 - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File URLSearchHook: HKLM-x32 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: No Name - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: CBAbzockschutz.InitToolbarBHO - {274f31ad-f6cd-4945-bc41-ff5408939c05} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll () Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKLM-x32 - COMPUTERBILD-Abzockschutz Premium - {d9b15ccf-bdb7-4d41-82ee-7cdc09afc400} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.0.cab Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation) Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-01-03] (EasyBits Software Corp.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022 FF Homepage: https://www.google.de/|hxxp://www.onlinetvrecorder.com/v2/?go=list&tab=search&station=&date=sinceregister&year=2014&fd=1&fm=1&td=31&tm=12&actor=&director=&minutes=&title=×=0&intext=0&cbde=0&cbsing=0&cben=0&cbxy=0&cbfav=0&rating=0&weekday=&searchmethod=match&indatefrom=0&indateto=0&intimefrom=&intimeto=&genre=0&format=&source=my&filestate=&wdh=&fsk=&start=0&view=table&order=beginn&saveorder=beginn|hxxp://www.wetter.com/wetter_aktuell/wettervorhersage/heute/deutschland/obernzenn/DE0007791.html|hxxp://wetter.msn.com/local.aspx?wealocations=wc:8256724&q=Bad+Windsheim%2c+BY|hxxp://www.unwetterzentrale.de/uwz/getwarning_de.php?xpos=187&ypos=193&bland=bayern&lang=de|hxxp://www.unwetterzentrale.de/uwz/bayernindex.html FF NetworkProxy: "socks_version", 0 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin - C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll (Simon Bünzli) FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\Heiner\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( ) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: German Dictionary (de-DE), classical spelling standards - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\alterechtschreibung@googlemail.com [2013-10-30] FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\de_DE@dicts.j3e.de [2014-03-22] FF Extension: HashColouredTabs+ - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\hashcolouredtabs@bristol.ac.uk [2013-09-27] FF Extension: LastPass - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\support@lastpass.com [2014-03-21] FF Extension: New Tab Plus - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\weidunewtab@gmail.com [2014-04-29] FF Extension: Forecastfox - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3} [2013-09-27] FF Extension: ColorfulTabs - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2014-05-02] FF Extension: DownloadHelper - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-28] FF Extension: New Tab King - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{FC5BAC7D-D696-4ba6-B913-CF8F000C33DF} [2014-05-06] FF Extension: Add to Amazon Wish List Button - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\amznUWL2@amazon.com.xpi [2014-02-13] FF Extension: Classic Theme Restorer - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2014-04-29] FF Extension: IdentFavIcon - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\identfavicon@david.hanak.hu.xpi [2013-09-27] FF Extension: Personas Plus - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\personas@christopher.beard.xpi [2013-09-27] FF Extension: S3.Google Translator - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\s3google@translator.xpi [2013-11-14] FF Extension: FastestFox - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\smarterwiki@wikiatic.com.xpi [2014-02-13] FF Extension: FlashGot - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2013-09-27] FF Extension: Adblock Plus - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-27] FF Extension: Tab Mix Plus - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-09-27] FF Extension: Torbutton - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi [2013-12-16] FF Extension: Menu Editor - C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\Extensions\{EDA7B1D7-F793-4e03-B074-E6F303317FB0}.xpi [2013-09-27] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-29] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-29] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-29] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-08-06] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-09-01] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-06] ==================== Services (Whitelisted) ================= R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AHDDC2; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-05-06] (AVAST Software) R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2012-10-14] (DATA BECKER GmbH & Co KG) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1876816 2014-04-10] (SurfRight B.V.) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 MCSWASVR; C:\Program Files\Telekom\Mediencenter\DTAG.Mediencenter.BackgroundService.exe [12800 2011-11-23] (Deutsche Telekom AG) R2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2565632 2011-10-24] (Deutsche Telekom AG) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [318328 2014-04-09] (Steganos Software GmbH) R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc) R2 pdserv; C:\Program Files\Bitdefender\60-Second Virus Scanner\pdscan.exe [1445424 2013-11-11] (Bitdefender) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP1a\RpcAgentSrv.exe [68760 2009-02-04] (SiSoftware) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.) R3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.) S3 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-05-15] () S2 JetDrive WindowsClosingService; C:\Windows\System32\WindowsClosingService [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] () R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-05-06] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software) R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [447888 2014-05-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-06] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] () R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [318152 2010-05-15] (EldoS Corporation) S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [24376 2010-04-27] () S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () R0 CryptBox; C:\Windows\SysWow64\drivers\CryptBox.sys [222080 2012-12-06] (Abelssoft GmbH) S3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [20032 2012-05-23] (Devguru Co., Ltd) R3 dvdfab; C:\Windows\System32\drivers\dvdfab.sys [79232 2011-08-15] (Fengtao Software Inc.) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [93144 2014-04-10] () R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37456 2010-10-08] (Paragon Software Group) S3 jetdrive; C:\Windows\System32\DRIVERS\jddrv.sys [37248 2011-05-31] (Abelssoft GmbH) R3 LHidFilt; C:\Windows\System32\DRIVERS\LHidFilt.Sys [54800 2008-02-29] (Logicool, Inc.) R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] () R3 LMouFilt; C:\Windows\System32\DRIVERS\LMouFilt.Sys [57360 2008-02-29] (Logicool, Inc.) R3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [41488 2008-02-29] (Logicool, Inc.) R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-04-03] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-07] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-03-20] (RapidSolution Software AG) S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [50768 2010-10-08] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [566864 2010-10-08] (Paragon) U2 TMAgent; ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-07 09:51 - 2014-05-07 09:51 - 00000000 ____D () C:\FRST 2014-05-07 08:36 - 2014-05-07 08:36 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Solvusoft 2014-05-07 08:30 - 2014-05-07 08:30 - 00001594 _____ () C:\Users\Heiner\Desktop\AdwCleaner.txt 2014-05-07 08:26 - 2014-05-07 08:26 - 00001158 _____ () C:\Users\Heiner\Desktop\Malwarebytes Verlauf.txt 2014-05-07 01:02 - 2014-05-07 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-07 01:02 - 2014-05-07 01:01 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-07 01:02 - 2014-05-07 01:01 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-07 01:02 - 2014-05-07 01:01 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-07 01:02 - 2014-05-07 01:01 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (2) 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (4) 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (3) 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\AVAST! 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\AVAST 2014-05-06 16:48 - 2014-05-06 21:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-05-06 16:48 - 2014-05-06 16:48 - 00002020 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-05-06 16:48 - 2014-05-06 16:48 - 00001960 _____ () C:\Users\Public\Desktop\avast! Premier.lnk 2014-05-06 16:48 - 2014-05-06 16:48 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\AVAST Software 2014-05-06 16:48 - 2014-05-06 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-05-06 16:48 - 2014-05-06 16:47 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 16:48 - 2014-05-06 16:47 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-06 16:47 - 2014-05-06 16:47 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-06 16:47 - 2014-05-06 16:47 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-05-06 16:47 - 2014-05-06 16:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 16:47 - 2014-05-06 16:47 - 00000000 ____D () C:\Program Files\AVAST Software 2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-06 16:42 - 2014-05-06 21:43 - 00000862 _____ () C:\Windows\setupact.log 2014-05-05 16:41 - 2014-05-05 16:41 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-05 16:40 - 2014-05-06 17:40 - 00088654 _____ () C:\Windows\PFRO.log 2014-05-05 16:22 - 2014-05-05 16:22 - 00000779 _____ () C:\Users\Heiner\AppData\Roaming\gdscan.log 2014-05-05 16:22 - 2014-05-05 16:22 - 00000000 _____ () C:\Users\Heiner\AppData\Roaming\gdfw.log 2014-05-05 16:21 - 2014-05-06 16:42 - 00000000 ____D () C:\Program Files (x86)\G Data 2014-05-05 16:21 - 2014-05-05 16:21 - 00001962 _____ () C:\Windows\DPINST.LOG 2014-05-05 16:20 - 2014-05-06 16:41 - 00000000 ____D () C:\ProgramData\G Data 2014-05-05 16:18 - 2014-05-05 16:19 - 00033464 _____ () C:\Users\Heiner\Documents\cc_20140505_161846.reg 2014-05-05 16:14 - 2014-05-05 16:14 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-05-05 16:14 - 2014-05-05 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-05-05 16:14 - 2014-05-05 16:14 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-05 11:57 - 2014-05-05 11:57 - 01316991 _____ () C:\Users\Heiner\Desktop\adwcleaner.exe 2014-05-03 22:20 - 2014-05-03 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-03 20:37 - 2014-05-03 20:37 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Trend Micro 2014-05-03 20:30 - 2014-05-03 20:30 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-03 20:30 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-03 20:30 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-03 20:23 - 2014-05-03 20:23 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-05-03 09:00 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-03 09:00 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-03 09:00 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-03 09:00 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-01 19:34 - 2014-05-07 08:29 - 00000000 ____D () C:\AdwCleaner 2014-04-30 15:57 - 2014-05-07 05:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-30 15:52 - 2014-04-30 15:52 - 00000000 ____D () C:\Users\Heiner\Documents\OneNote-Notizbücher 2014-04-30 13:08 - 2014-05-02 17:34 - 00000000 ___RD () C:\Users\Heiner\Desktop\Grafiken 2014-04-30 09:32 - 2014-04-30 09:33 - 00000450 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website 2014-04-30 08:27 - 2014-04-09 07:41 - 00444891 _____ () C:\Windows\system32\Drivers\etc\hosts.20140430-082747.backup 2014-04-29 16:12 - 2014-04-30 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-29 11:31 - 2014-05-06 21:44 - 00000266 _____ () C:\Windows\Tasks\StartupStar Firewall.job 2014-04-29 11:31 - 2014-04-29 11:31 - 00002536 _____ () C:\Windows\System32\Tasks\StartupStar Firewall 2014-04-29 11:31 - 2014-04-29 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupStar 2014-04-29 11:31 - 2014-04-29 11:31 - 00000000 ____D () C:\Program Files (x86)\StartupStar 2014-04-29 09:48 - 2014-04-29 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-29 09:48 - 2014-04-29 09:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-29 09:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-29 09:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-29 09:42 - 2014-04-29 09:42 - 00001477 ____R () C:\Windows\AllemeinePassworte0_Uninstall.in 2014-04-29 09:42 - 2014-04-29 09:42 - 00000000 ____D () C:\Program Files\AmP 2014-04-29 09:42 - 2013-10-21 15:36 - 00583048 _____ (Mirko Böer) C:\Windows\AmPUn0.exe 2014-04-26 15:00 - 2014-04-26 15:00 - 00001132 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-26 14:36 - 2014-05-07 09:36 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99}.job 2014-04-26 14:36 - 2014-05-01 21:08 - 00001051 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-04-26 14:36 - 2014-04-26 14:36 - 00003252 _____ () C:\Windows\System32\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99} 2014-04-26 14:36 - 2014-04-26 14:36 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\InetStat 2014-04-26 14:35 - 2014-04-26 14:49 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\ARCHOS KEY user guide 2014-04-24 21:54 - 2014-04-24 21:54 - 00000000 __SHD () C:\Users\Heiner\AppData\Local\EmieUserList 2014-04-24 21:54 - 2014-04-24 21:54 - 00000000 __SHD () C:\Users\Heiner\AppData\Local\EmieSiteList 2014-04-23 07:31 - 2014-04-09 07:41 - 00444891 _____ () C:\Windows\system32\Drivers\etc\hosts.20140423-073145.backup 2014-04-22 19:38 - 2014-04-22 19:39 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat 2014-04-22 19:36 - 2014-04-22 19:37 - 00000000 ____D () C:\Program Files (x86)\FinanzGruppe-IBAN-Konverter 2014-04-22 19:36 - 2014-04-22 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter 2014-04-22 12:24 - 2014-04-22 12:24 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-04-21 01:26 - 2014-05-01 11:12 - 00001044 _____ () C:\Users\Heiner\Documents\DownloadScout.lst 2014-04-18 20:05 - 2014-04-18 20:30 - 00000000 ____D () C:\Users\Heiner\Documents\NetObjects Fusion 2013 2014-04-18 20:05 - 2014-04-18 20:05 - 00001364 _____ () C:\Users\Public\Desktop\NetObjects Fusion 2013.lnk 2014-04-18 20:02 - 2014-04-18 20:05 - 00000000 ____D () C:\Users\Public\Documents\NetObjects Fusion 2013 2014-04-17 17:56 - 2014-04-17 17:56 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Z-defragRAM 2014-04-15 08:04 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-15 08:04 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-15 08:04 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-15 08:04 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-15 08:04 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-15 08:04 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-15 08:04 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-15 08:04 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-15 08:04 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-15 08:04 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-15 08:04 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-15 08:04 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-15 08:04 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-15 08:04 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-15 08:04 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-15 08:04 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-15 08:04 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-15 08:04 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-15 08:04 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-15 08:04 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-15 08:04 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-15 08:04 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-15 08:04 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-15 08:04 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-15 08:04 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-15 08:04 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-15 08:04 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-15 08:04 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-15 08:04 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-15 08:04 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-15 08:04 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-15 08:04 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-15 08:04 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-15 08:04 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-15 08:04 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-15 08:04 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-15 08:04 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-15 08:04 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-15 08:04 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-15 08:04 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-15 08:04 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-15 08:04 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-15 08:04 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-15 08:04 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-12 10:46 - 2014-04-12 10:46 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\DataDesign 2014-04-12 10:45 - 2014-04-12 10:45 - 00000000 ____D () C:\Users\Heiner\Documents\Lexware 2014-04-12 10:31 - 2014-04-12 10:45 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Lexware 2014-04-12 10:30 - 2014-04-17 19:32 - 00002978 _____ () C:\Users\Public\Desktop\Quicken DELUXE 2014.lnk 2014-04-12 10:30 - 2014-04-12 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2014-04-12 10:29 - 2014-04-12 10:31 - 00000000 ____D () C:\ProgramData\Lexware 2014-04-12 10:29 - 2014-04-12 10:30 - 00000000 ____D () C:\Program Files (x86)\Lexware 2014-04-12 10:28 - 2014-04-12 10:31 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Lexware 2014-04-12 10:25 - 2014-04-12 10:25 - 00069662 _____ () C:\Users\Heiner\Downloads\PageDefrag232.zip 2014-04-10 11:53 - 2014-04-10 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield 2014-04-10 11:49 - 2014-04-10 11:49 - 00000000 ____D () C:\Windows\CryptoGuard 2014-04-09 21:10 - 2014-04-09 21:10 - 00001364 _____ () C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk 2014-04-09 14:16 - 2014-04-09 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON 2014-04-09 13:19 - 2014-01-23 05:21 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys 2014-04-09 13:19 - 2014-01-23 05:21 - 00108800 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys 2014-04-09 07:53 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-09 07:53 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-09 07:53 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-09 07:53 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-09 07:53 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-09 07:53 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-09 07:53 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-09 07:53 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-09 07:53 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-09 07:53 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-09 07:53 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-09 07:53 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-09 07:53 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-09 07:53 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-09 07:53 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-09 07:53 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-09 07:53 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-07 12:06 - 2014-04-07 12:06 - 00000926 _____ () C:\Users\Public\Desktop\PDF Bearbeiten.lnk ==================== One Month Modified Files and Folders ======= 2014-05-07 09:51 - 2014-05-07 09:51 - 00000000 ____D () C:\FRST 2014-05-07 09:50 - 2013-02-05 08:55 - 00000000 ____D () C:\Program Files (x86)\FlashGet 2014-05-07 09:50 - 2012-03-08 17:31 - 00000000 ____D () C:\DVD-ColdCut 2014-05-07 09:36 - 2014-04-26 14:36 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99}.job 2014-05-07 09:00 - 2012-03-30 14:25 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-07 09:00 - 2012-03-08 15:58 - 01900082 _____ () C:\Windows\WindowsUpdate.log 2014-05-07 08:36 - 2014-05-07 08:36 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Solvusoft 2014-05-07 08:36 - 2013-07-26 08:36 - 00003026 _____ () C:\Windows\System32\Tasks\DriverDoc_UPDATES 2014-05-07 08:36 - 2013-07-26 08:36 - 00000280 _____ () C:\Windows\Tasks\DriverDoc_UPDATES.job 2014-05-07 08:30 - 2014-05-07 08:30 - 00001594 _____ () C:\Users\Heiner\Desktop\AdwCleaner.txt 2014-05-07 08:29 - 2014-05-01 19:34 - 00000000 ____D () C:\AdwCleaner 2014-05-07 08:26 - 2014-05-07 08:26 - 00001158 _____ () C:\Users\Heiner\Desktop\Malwarebytes Verlauf.txt 2014-05-07 07:58 - 2012-03-08 18:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2014-05-07 07:49 - 2012-03-08 17:38 - 00000000 ____D () C:\Users\Heiner\Documents\Excel-Dateien 2014-05-07 05:36 - 2014-04-30 15:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-07 01:02 - 2014-05-07 01:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-07 01:01 - 2014-05-07 01:02 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-05-07 01:01 - 2014-05-07 01:02 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-05-07 01:01 - 2014-05-07 01:02 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-05-07 01:01 - 2014-05-07 01:02 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-05-06 21:52 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-06 21:52 - 2009-07-14 06:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-06 21:50 - 2012-03-09 14:39 - 00000000 ____D () C:\Users\Heiner\AppData\Local\CrashDumps 2014-05-06 21:45 - 2012-01-03 06:30 - 00000000 ____D () C:\ProgramData\PDFC 2014-05-06 21:44 - 2014-04-29 11:31 - 00000266 _____ () C:\Windows\Tasks\StartupStar Firewall.job 2014-05-06 21:44 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-06 21:43 - 2014-05-06 16:42 - 00000862 _____ () C:\Windows\setupact.log 2014-05-06 21:36 - 2014-05-06 16:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-05-06 17:40 - 2014-05-05 16:40 - 00088654 _____ () C:\Windows\PFRO.log 2014-05-06 17:12 - 2013-11-21 16:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-05-06 17:02 - 2012-04-13 17:58 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-06 17:02 - 2012-03-08 16:26 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Adobe 2014-05-06 17:01 - 2012-04-13 18:00 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Adobe 2014-05-06 16:55 - 2014-05-06 16:55 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (2) 2014-05-06 16:55 - 2012-10-01 15:07 - 00000000 ____D () C:\Users\Heiner\Documents\default 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (4) 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner (3) 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\Neuer Ordner 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\AVAST! 2014-05-06 16:54 - 2014-05-06 16:54 - 00000000 ____D () C:\Users\Heiner\Documents\AVAST 2014-05-06 16:48 - 2014-05-06 16:48 - 00002020 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-05-06 16:48 - 2014-05-06 16:48 - 00001960 _____ () C:\Users\Public\Desktop\avast! Premier.lnk 2014-05-06 16:48 - 2014-05-06 16:48 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\AVAST Software 2014-05-06 16:48 - 2014-05-06 16:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast 2014-05-06 16:47 - 2014-05-06 16:48 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 16:47 - 2014-05-06 16:48 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-05-06 16:47 - 2014-05-06 16:47 - 00447888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-05-06 16:47 - 2014-05-06 16:47 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-05-06 16:47 - 2014-05-06 16:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 16:47 - 2014-05-06 16:47 - 00000000 ____D () C:\Program Files\AVAST Software 2014-05-06 16:44 - 2014-05-06 16:44 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-05-06 16:42 - 2014-05-05 16:21 - 00000000 ____D () C:\Program Files (x86)\G Data 2014-05-06 16:41 - 2014-05-05 16:20 - 00000000 ____D () C:\ProgramData\G Data 2014-05-06 16:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup 2014-05-06 16:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe 2014-05-06 16:41 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com 2014-05-06 16:31 - 2012-07-08 14:10 - 00000000 ____D () C:\Download 2014-05-06 15:40 - 2012-06-08 17:09 - 00000000 ___RD () C:\Users\Heiner\Desktop\* 2014-05-06 14:58 - 2012-06-25 20:07 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-05-06 14:33 - 2012-01-03 06:30 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-05-06 14:26 - 2012-03-08 17:32 - 00000000 ____D () C:\DVD-Filme-Archiv 2014-05-06 14:23 - 2012-03-08 18:55 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\vlc 2014-05-06 14:01 - 2013-01-27 14:23 - 00000000 ___RD () C:\Users\Heiner\Desktop\Texte 2014-05-06 13:04 - 2012-01-03 05:59 - 00699868 _____ () C:\Windows\system32\perfh007.dat 2014-05-06 13:04 - 2012-01-03 05:59 - 00149750 _____ () C:\Windows\system32\perfc007.dat 2014-05-06 13:04 - 2009-07-14 07:13 - 01622164 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-06 08:00 - 2013-12-16 09:47 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Steganos VPN 2014-05-05 20:32 - 2012-03-08 16:13 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHeiner 2014-05-05 20:32 - 2012-03-08 16:13 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForHeiner.job 2014-05-05 16:44 - 2012-03-08 18:57 - 00000000 ___RD () C:\Users\Heiner\Desktop\Programme 2014-05-05 16:41 - 2014-05-05 16:41 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-05 16:22 - 2014-05-05 16:22 - 00000779 _____ () C:\Users\Heiner\AppData\Roaming\gdscan.log 2014-05-05 16:22 - 2014-05-05 16:22 - 00000000 _____ () C:\Users\Heiner\AppData\Roaming\gdfw.log 2014-05-05 16:21 - 2014-05-05 16:21 - 00001962 _____ () C:\Windows\DPINST.LOG 2014-05-05 16:19 - 2014-05-05 16:18 - 00033464 _____ () C:\Users\Heiner\Documents\cc_20140505_161846.reg 2014-05-05 16:17 - 2012-12-06 21:27 - 00000000 ____D () C:\ProgramData\VSO 2014-05-05 16:17 - 2012-06-11 11:04 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\FileZilla 2014-05-05 16:17 - 2012-03-09 11:53 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Vso 2014-05-05 16:17 - 2012-03-08 17:01 - 00000000 ___DC () C:\Users\Heiner\AppData\Local\MigWiz 2014-05-05 16:14 - 2014-05-05 16:14 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-05-05 16:14 - 2014-05-05 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-05-05 16:14 - 2014-05-05 16:14 - 00000000 ____D () C:\Program Files\CCleaner 2014-05-05 16:10 - 2012-01-03 06:34 - 00000000 ____D () C:\ProgramData\Norton 2014-05-05 11:57 - 2014-05-05 11:57 - 01316991 _____ () C:\Users\Heiner\Desktop\adwcleaner.exe 2014-05-03 22:20 - 2014-05-03 22:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2014-05-03 20:37 - 2014-05-03 20:37 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Trend Micro 2014-05-03 20:30 - 2014-05-03 20:30 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-03 20:23 - 2014-05-03 20:23 - 00000000 ____D () C:\Program Files (x86)\Hosts_Anti_Adwares_PUPs 2014-05-02 17:34 - 2014-04-30 13:08 - 00000000 ___RD () C:\Users\Heiner\Desktop\Grafiken 2014-05-02 17:34 - 2012-03-15 15:14 - 00000000 ____D () C:\Ablage 2014-05-02 10:17 - 2012-03-11 00:17 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\ZSGebmahner 2014-05-02 08:19 - 2012-12-05 13:56 - 00003220 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForHEINER-HP$ 2014-05-02 08:19 - 2012-12-05 13:56 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForHEINER-HP$.job 2014-05-01 21:08 - 2014-04-26 14:36 - 00001051 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-05-01 21:08 - 2012-08-27 11:32 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\CheckPoint 2014-05-01 20:58 - 2013-09-13 13:13 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-05-01 17:23 - 2012-03-11 14:54 - 00143360 _____ () C:\Users\Heiner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-01 17:23 - 2012-03-08 20:58 - 00000000 ____D () C:\Users\Heiner\AppData\Local\ColdCut 2014-05-01 11:12 - 2014-04-21 01:26 - 00001044 _____ () C:\Users\Heiner\Documents\DownloadScout.lst 2014-05-01 11:12 - 2013-04-07 10:39 - 00000170 _____ () C:\Users\Heiner\Documents\DownloadScout.filter 2014-05-01 11:12 - 2013-04-07 10:39 - 00000016 _____ () C:\Users\Heiner\Documents\DownloadScout.pos 2014-04-30 23:29 - 2012-03-30 14:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-30 23:29 - 2012-03-30 14:25 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-30 23:29 - 2012-01-03 06:26 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-30 19:30 - 2014-04-05 21:26 - 00001578 _____ () C:\Users\Heiner\AppData\Roaming\FoxitReaderUpdateInfo.txt 2014-04-30 19:30 - 2014-04-05 21:26 - 00001578 _____ () C:\FoxitReaderUpdateInfo.txt 2014-04-30 19:12 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-04-30 18:56 - 2012-03-08 16:13 - 00000000 ___RD () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-30 15:52 - 2014-04-30 15:52 - 00000000 ____D () C:\Users\Heiner\Documents\OneNote-Notizbücher 2014-04-30 13:25 - 2014-04-29 16:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-30 13:25 - 2012-04-24 19:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-30 12:19 - 2013-07-17 10:23 - 00000004 _____ () C:\Users\Heiner\Desktop\Heilerliste.txt 2014-04-30 09:33 - 2014-04-30 09:32 - 00000450 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website 2014-04-30 08:27 - 2009-07-14 04:34 - 00444891 ____R () C:\Windows\system32\Drivers\etc\hosts.20140507-073727.backup 2014-04-29 16:19 - 2012-03-08 18:08 - 00001131 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-29 16:01 - 2014-05-03 09:00 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-04-29 15:40 - 2014-05-03 09:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 14:48 - 2014-05-03 09:00 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-03 09:00 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-29 12:20 - 2009-07-14 06:45 - 00389880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-29 12:18 - 2009-07-14 04:34 - 94371840 _____ () C:\Windows\system32\config\software.rcbak 2014-04-29 12:18 - 2009-07-14 04:34 - 21757952 _____ () C:\Windows\system32\config\system.rcbak 2014-04-29 12:18 - 2009-07-14 04:34 - 05505024 _____ () C:\Windows\system32\config\default.rcbak 2014-04-29 12:18 - 2009-07-14 04:34 - 00057344 _____ () C:\Windows\system32\config\sam.rcbak 2014-04-29 12:18 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\security.rcbak 2014-04-29 11:31 - 2014-04-29 11:31 - 00002536 _____ () C:\Windows\System32\Tasks\StartupStar Firewall 2014-04-29 11:31 - 2014-04-29 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartupStar 2014-04-29 11:31 - 2014-04-29 11:31 - 00000000 ____D () C:\Program Files (x86)\StartupStar 2014-04-29 11:31 - 2012-08-24 10:13 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Abelssoft 2014-04-29 11:31 - 2012-03-15 21:22 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Abelssoft 2014-04-29 10:59 - 2012-03-20 15:13 - 00000000 ____D () C:\Program Files (x86)\JetDrive 2014-04-29 10:37 - 2012-08-24 10:28 - 00099104 _____ () C:\Users\Heiner\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-29 10:35 - 2012-10-08 16:22 - 00000000 ___RD () C:\Users\Heiner\Desktop\Systemwartung 2014-04-29 09:48 - 2014-04-29 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-29 09:48 - 2014-04-29 09:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-29 09:48 - 2012-09-25 10:59 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Malwarebytes 2014-04-29 09:48 - 2012-09-25 10:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-29 09:42 - 2014-04-29 09:42 - 00001477 ____R () C:\Windows\AllemeinePassworte0_Uninstall.in 2014-04-29 09:42 - 2014-04-29 09:42 - 00000000 ____D () C:\Program Files\AmP 2014-04-29 09:42 - 2012-03-27 09:05 - 00000730 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alle meine Passworte.lnk 2014-04-29 09:40 - 2012-03-27 09:05 - 00000000 ____D () C:\Program Files (x86)\AmP 2014-04-29 09:29 - 2013-12-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdateYeti 2014-04-29 09:29 - 2013-12-07 23:09 - 00000000 ____D () C:\Program Files (x86)\UpdateYeti 2014-04-29 09:00 - 2014-02-22 00:01 - 17931952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-04-26 15:00 - 2014-04-26 15:00 - 00001132 _____ () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-26 14:49 - 2014-04-26 14:35 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\ARCHOS KEY user guide 2014-04-26 14:36 - 2014-04-26 14:36 - 00003252 _____ () C:\Windows\System32\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99} 2014-04-26 14:36 - 2014-04-26 14:36 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\InetStat 2014-04-25 16:47 - 2012-01-03 06:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-24 21:54 - 2014-04-24 21:54 - 00000000 __SHD () C:\Users\Heiner\AppData\Local\EmieUserList 2014-04-24 21:54 - 2014-04-24 21:54 - 00000000 __SHD () C:\Users\Heiner\AppData\Local\EmieSiteList 2014-04-24 19:24 - 2012-03-15 19:58 - 00000000 ____D () C:\ProgramData\boost_interprocess 2014-04-22 19:39 - 2014-04-22 19:38 - 00000041 _____ () C:\Users\Public\IK_PosLen.dat 2014-04-22 19:37 - 2014-04-22 19:36 - 00000000 ____D () C:\Program Files (x86)\FinanzGruppe-IBAN-Konverter 2014-04-22 19:36 - 2014-04-22 19:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VR-IBAN-Konverter 2014-04-22 19:35 - 2013-06-11 15:05 - 00000000 ____D () C:\Users\Heiner\AppData\Local\VR-IK 2014-04-22 12:24 - 2014-04-22 12:24 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center 2014-04-22 12:24 - 2014-04-22 12:24 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center 2014-04-21 16:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-20 18:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-04-19 20:46 - 2013-06-26 17:21 - 00000000 ____D () C:\ProgramData\Live Aquarium HD 2014-04-18 20:30 - 2014-04-18 20:05 - 00000000 ____D () C:\Users\Heiner\Documents\NetObjects Fusion 2013 2014-04-18 20:05 - 2014-04-18 20:05 - 00001364 _____ () C:\Users\Public\Desktop\NetObjects Fusion 2013.lnk 2014-04-18 20:05 - 2014-04-18 20:02 - 00000000 ____D () C:\Users\Public\Documents\NetObjects Fusion 2013 2014-04-18 20:05 - 2012-03-09 13:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetObjects 2014-04-18 20:03 - 2012-03-12 00:16 - 00000000 ____D () C:\Program Files (x86)\NetObjects 2014-04-18 12:51 - 2009-07-14 04:34 - 00000236 _____ () C:\Windows\system.ini 2014-04-17 19:32 - 2014-04-12 10:30 - 00002978 _____ () C:\Users\Public\Desktop\Quicken DELUXE 2014.lnk 2014-04-17 19:32 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-17 19:31 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-04-17 17:56 - 2014-04-17 17:56 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Z-defragRAM 2014-04-17 13:39 - 2012-07-25 19:36 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Auslogics 2014-04-17 09:35 - 2012-03-08 16:00 - 00000000 ____D () C:\Users\Heiner 2014-04-17 09:34 - 2013-09-03 09:33 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo 2014-04-17 09:34 - 2012-03-15 21:44 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\KlebezettelNG 2014-04-17 09:34 - 2012-03-09 14:55 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-16 20:05 - 2013-09-24 09:46 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-15 08:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-14 19:28 - 2011-02-11 19:00 - 00000000 ____D () C:\Windows\Panther 2014-04-14 04:24 - 2014-05-03 20:30 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-04-14 04:19 - 2014-05-03 20:30 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-04-12 10:46 - 2014-04-12 10:46 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\DataDesign 2014-04-12 10:45 - 2014-04-12 10:45 - 00000000 ____D () C:\Users\Heiner\Documents\Lexware 2014-04-12 10:45 - 2014-04-12 10:31 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\Lexware 2014-04-12 10:31 - 2014-04-12 10:29 - 00000000 ____D () C:\ProgramData\Lexware 2014-04-12 10:31 - 2014-04-12 10:28 - 00000000 ____D () C:\Users\Heiner\AppData\Local\Lexware 2014-04-12 10:30 - 2014-04-12 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware 2014-04-12 10:30 - 2014-04-12 10:29 - 00000000 ____D () C:\Program Files (x86)\Lexware 2014-04-12 10:25 - 2014-04-12 10:25 - 00069662 _____ () C:\Users\Heiner\Downloads\PageDefrag232.zip 2014-04-10 11:53 - 2014-04-10 11:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Online Shield 2014-04-10 11:53 - 2013-12-16 09:46 - 00000000 ____D () C:\Program Files (x86)\Steganos Online Shield 2014-04-10 11:49 - 2014-04-10 11:49 - 00000000 ____D () C:\Windows\CryptoGuard 2014-04-10 11:49 - 2013-10-19 18:42 - 00000000 ____D () C:\Program Files (x86)\HitmanPro.Alert 2014-04-10 11:41 - 2013-10-19 18:42 - 00548424 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-04-10 11:41 - 2013-10-19 18:42 - 00477008 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-04-10 11:41 - 2013-10-19 18:42 - 00093144 _____ () C:\Windows\system32\Drivers\hmpalert.sys 2014-04-09 21:10 - 2014-04-09 21:10 - 00001364 _____ () C:\Users\Public\Desktop\Free Video Flip and Rotate.lnk 2014-04-09 21:10 - 2012-12-23 16:55 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft 2014-04-09 21:10 - 2012-09-28 20:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2014-04-09 21:10 - 2012-09-28 20:09 - 00000000 ____D () C:\Users\Heiner\AppData\Roaming\DVDVideoSoft 2014-04-09 14:16 - 2014-04-09 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON 2014-04-09 09:07 - 2012-03-08 21:31 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 09:05 - 2013-08-14 19:25 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-09 09:01 - 2012-03-11 10:55 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-09 07:41 - 2014-04-30 08:27 - 00444891 _____ () C:\Windows\system32\Drivers\etc\hosts.20140430-082747.backup 2014-04-09 07:41 - 2014-04-23 07:31 - 00444891 _____ () C:\Windows\system32\Drivers\etc\hosts.20140423-073145.backup 2014-04-08 19:39 - 2012-12-05 14:07 - 00168862 _____ () C:\Windows\SysWOW64\AdobeFnt.lst 2014-04-08 16:15 - 2014-03-25 10:40 - 00000010 _____ () C:\Users\Heiner\AppData\Roaming\pdfdrawcodec.dll 2014-04-07 12:14 - 2014-03-25 10:40 - 00000000 ____D () C:\Program Files (x86)\PDFBearbeiten 2014-04-07 12:06 - 2014-04-07 12:06 - 00000926 _____ () C:\Users\Public\Desktop\PDF Bearbeiten.lnk 2014-04-07 12:06 - 2014-03-25 10:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFBearbeiten Files to move or delete: ==================== C:\Users\Heiner\AppData\Roaming\CamLayout.ini C:\Users\Heiner\AppData\Roaming\CamShapes.ini C:\Users\Public\IK_PosLen.dat C:\Users\Public\VR-IBAN-Konverter.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-21 16:45 ==================== End Of Log ============================
__________________ |
|
07.05.2014, 22:03
| #3 |
| | posadi17 im IE Addition:
__________________Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2014
Ran by Heiner at 2014-05-07 09:52:11
Running from C:\Download\Sicherheit
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
1&1 SmartFax (HKLM-x32\...\1&1 SmartFax) (Version: 2.00.231 - 1&1 Internet AG)
5CentSMS (HKLM-x32\...\{75839B2F-771F-4472-80B0-7A229675FF77}) (Version: 2.05.0000 - Wolfgang Wirth IT-Design)
5CentSMS (HKLM-x32\...\{90141793-E338-4EEB-B7E8-8CDED19D908D}) (Version: 2.01.0200 - Wolfgang Wirth IT-Design)
5CentSMS (HKLM-x32\...\{B231FF69-59F2-473E-A56C-68A123F3F220}) (Version: 2.08.0000 - Wirth IT-Design)
7 Wonders II (HKLM-x32\...\7 Wonders II) (Version: - )
7-PDF Split & Merge Version 2.0.3 (Build 264) (HKLM-x32\...\7-PDF Split & Merge_is1) (Version: 7-PDF Split & Merge - Version 2.0.3 (Build 264) - 7-PDF, Germany - Thorsten Hodes)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden
aborange Crypter - Deinstallation (HKLM-x32\...\aborange Crypter_is1) (Version: 2.21 - Mathias Gerlach [aborange.de])
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
AKVIS Refocus (HKLM\...\{C6059B1A-E091-4B1D-8040-64DB2F932FFB}) (Version: 4.0.344.10160 - AKVIS)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{838DA1F1-23F8-4C70-B190-AC51CB5A5ECD}) (Version: 3.1.45.72435 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 3.1.45.72435 - Alcor Micro Corp.) Hidden
Alle meine Passworte 4.13 (HKLM\...\AllemeinePassworte) (Version: - Mirko Böer)
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Ashampoo Burning Studio 11 v.11.0.4 (HKLM-x32\...\Ashampoo Burning Studio 11_is1) (Version: 11.0.4 - Ashampoo GmbH & Co. KG)
Ashampoo Burning Studio 14 v.14.0.1 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo DE Toolbar (HKLM-x32\...\Ashampoo_DE Toolbar) (Version: 6.8.5.1 - Ashampoo DE) <==== ATTENTION
Ashampoo HDD Control 2 v.2.1.0 (HKLM-x32\...\{4209F371-A431-385E-2D7E-ACDA5DA3BA0B}_is1) (Version: 2.1.0 - Ashampoo GmbH & Co. KG)
Ashampoo Internet Accelerator 3.20 (HKLM-x32\...\Ashampoo Internet Accelerator 3_is1) (Version: 3.2.0 - ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.2.5 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.02.05 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{96F38867-9D41-683C-DF60-034A731C37FE}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
Audials (HKLM-x32\...\{7108738A-F48C-4FC9-80A1-4B70254270DF}) (Version: 9.1.13600.0 - RapidSolution Software AG)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 5.5 - Auslogics Software Pty Ltd)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.4 - Auslogics Software Pty Ltd)
avast! Premier (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Beetle Ju 2 VOLLVERSION (HKLM-x32\...\Beetle Ju 2 VOLLVERSION) (Version: - )
Beetle Ju 3 (HKLM-x32\...\Beetle Ju 3) (Version: 0.0.0.0 - INTENIUM GmbH)
Benutzerhandbuch - Grundlagen EPSON XP-402 403 405 406 Series (HKLM-x32\...\EPSON XP-402 403 405 406 Series Bog) (Version: - )
Benutzerhandbuch EPSON XP-402 403 405 406 Series (HKLM-x32\...\EPSON XP-402 403 405 406 Series Useg) (Version: - )
Bilder-Puzzle (HKLM-x32\...\{97848E7B-79AE-4EFD-B93A-5351E5FCF027}) (Version: 1.4.0 - BEGAware)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon MG5300 series Benutzerregistrierung (HKLM-x32\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM-x32\...\Canon MG5300 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0531.2216.38124 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help English (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help French (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help German (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
ccc-utility64 (Version: 2011.0531.2216.38124 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
ColdCut (HKLM-x32\...\{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1) (Version: ColdCut - © Jan Brummelte)
COMPUTERBILD-Abzockschutz Premium (HKLM\...\{9EC116D4-C0AE-4F53-987C-249848D8B393}) (Version: 1.0.32 - J3S)
concept/design Video Jukebox (HKLM-x32\...\{37569A10-CB38-4615-8B32-0BF9FF5D887D}_is1) (Version: 1.3.0.0 - concept/design GmbH)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
CryptBox (HKLM-x32\...\CryptBox_is1) (Version: 1.2 - Abelssoft GmbH)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CVE-2012-1889 (HKLM\...\{06b2b7ed-809a-44e6-8538-ca0f5b74ecc4}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{29447369-6968-4e86-a208-603f6f0771a6}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{393ffabe-5a1a-43b3-8e03-8f573e1e0d01}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{7d32ab1f-1858-4373-a75a-b7cd8feb5d92}.sdb) (Version: - )
CVE-2012-1889 (HKLM\...\{f300e352-12de-4e7f-ace3-a376874402b6}.sdb) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 (HKLM-x32\...\CD-DVD Druckerei 7_is1) (Version: 7.50.0.40 - DATA BECKER GmbH & Co. KG)
DATA BECKER CD-DVD Druckerei 7 Demo (HKLM-x32\...\CD-DVD Druckerei 7 Demo_is1) (Version: 7.50.0.40 - DATA BECKER GmbH & Co. KG)
DATA BECKER CD-DVD Druckerei 7 LE (HKLM-x32\...\CD-DVD Druckerei 7 LE_is1) (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
DATA BECKER CD-DVD Druckerei 8 (HKLM-x32\...\CD-DVD Druckerei 8_is1) (Version: 8.0.0.1200 - DATA BECKER GmbH & Co. KG)
DDBAC (HKLM-x32\...\{4C19650D-1BF8-4459-A904-06FB692B0F8E}) (Version: 5.3.24 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)
DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery)
DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden
DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.2010.6.23 - INTENIUM GmbH)
DEUTSCHLAND SPIELT Spiele Post (HKLM-x32\...\DEUTSCHLAND SPIELT Spiele Post) (Version: 1.0.3.0 - INTENIUM GmbH)
Die verzauberten Inseln (HKLM-x32\...\Die verzauberten Inseln) (Version: - )
Die Welt der Puzzle: Jigsaw Boom (HKLM-x32\...\Die Welt der Puzzle: Jigsaw Boom) (Version: 1.0.0.0 - INTENIUM GmbH)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
DriverDoc (HKLM-x32\...\DriverDoc_is1) (Version: 1.52.1086.14425 - Solvusoft Corporation)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
DVDFab 8.1.5.6 (17/01/2012) Qt (HKLM-x32\...\DVDFab Mein Filmkopierer_is1) (Version: - Fengtao Software Inc.)
DVDFab Passkey 8.0.6.5 (28/06/2012) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version: - Fengtao Software Inc.)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.9.0.16 - DVDVideoSoftTB DE)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
Epson Netzwerkhandbuch EPSON XP-402 403 405 406 Series (HKLM-x32\...\EPSON XP-402 403 405 406 Series Netg) (Version: - )
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON XP-402 403 405 406 Series Printer Uninstall (HKLM\...\EPSON XP-402 403 405 406 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ExtremeCopy (HKLM\...\{DFCE9296-5A54-468F-A0A9-98B978DFCD26}) (Version: 2.1.0000 - Easersoft)
ffdshow [rev 2946] [2009-05-15] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FILEminimizer Pictures (HKLM-x32\...\FILEminimizer Pictures_is1) (Version: - balesio AG)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FlashGet(JetCar) (HKLM-x32\...\FlashGet(JetCar)) (Version: - )
Folder Colorizer version 1.0.2 (HKLM\...\{A133E9CD-2879-4F30-87D4-1604AFD5C5CC}_is1) (Version: 1.0.2 - Softorino)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.10.1213 - Foxit Corporation)
FRANZIS onlineTV 8 (HKLM-x32\...\{CBC88F0E-1960-4AC3-8C38-8BAD44E3F6E3}_is1) (Version: 8.5.0.4 - FRANZIS Verlag GmbH)
Free MP4 Video Converter version 5.0.21.1212 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.21.1212 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
Free Video Flip and Rotate version 2.1.9.827 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.827 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.11.812 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GMX MediaCenter 1.5.1765.0 (HKCU\...\GMX Application {sync-000021}) (Version: 1.5.1765.0 - 1&1 Mail & Media GmbH)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 2.6.5.77 - SurfRight B.V.)
honestech Audio Recorder 2.0 Deluxe (HKLM-x32\...\{A0BC5BCD-893F-47F4-8903-FDC7CAC2AFB1}) (Version: 2.0 - honestech)
honestech Audio Recorder 2.0 Deluxe (x32 Version: 2.0 - Honest Technology) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.200.0 - ATI Technologies Inc.) Hidden
IBAN Finder (HKLM-x32\...\IBANFinder_is1) (Version: 1.00 - Abelssoft)
InetStat (HKCU\...\InetStat) (Version: 0.3 - InetStat)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.350 - Oracle)
JetDrive (HKLM-x32\...\JetDrive_is1) (Version: 7.0 - Abelssoft)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Klebezettel NG (Version 2.9.14) (HKLM-x32\...\{4F81901F-3655-4340-8227-F687F69A3C79}}_is1) (Version: - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mediencenter Assistent (HKLM\...\Mediencenter Software) (Version: 2.6.0.1277 - Telekom)
Mein Foto-Puzzle (HKLM-x32\...\{937C2799-B8DD-4519-96B2-4E2E84EF5B1E}) (Version: - )
Meine CEWE FOTOWELT (HKLM-x32\...\Meine CEWE FOTOWELT) (Version: - )
Meine Dienste Software (HKLM\...\Meine Dienste Software) (Version: 2.0.5.0 - Telekom)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_x64 (HKLM\...\{17106CA8-E65A-4D02-95BE-79AF8C698935}) (Version: 1.0.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Mini Golf Pro (HKLM-x32\...\MiniGolfPro_is1) (Version: 1.0 - Media Contact LLC)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Firefox Packages (HKCU\...\Mozilla Firefox Packages) (Version: - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.1.0 (x86 de)) (Version: 24.1.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MultiScreen (HKLM-x32\...\{E36E864B-BFB6-440A-9A23-2B0BEDE59A92}) (Version: 1.00.0000 - Samsung Electronics Ltd.)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2013 - Abelssoft)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
NetObjects Fusion 1&1 Edition (HKLM-x32\...\{60EED176-F138-4806-8EF9-4D977CC6E168}) (Version: 11.0 German - )
NetObjects Fusion 12.0 (HKLM-x32\...\{7DEEA62D-0588-4CF7-BE8A-10CA691D087F}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (HKLM-x32\...\{CA6182A0-26EA-4B4E-80BA-850A7C680FCB}) (Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5041 - NetObjects) Hidden
NetObjects Fusion 2013 (HKLM-x32\...\{CF34818E-AB90-4134-A7E3-63B2EA6F3CCC}) (Version: 13.0 - NetObjects)
NetObjects Fusion 2013 (x32 Version: 13.00.0000.5529 - NetObjects) Hidden
Netzmanager (Version: 1.07 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
Paragon Backup & Recovery™ 10 Home (HKLM-x32\...\{485DF5E7-8379-4BFA-BAE1-9B8DBFE0D6B4}) (Version: 90.00.0003 - Paragon Software)
PC Fresh (HKLM-x32\...\PC Fresh_is1) (Version: 2012 - Abelssoft GmbH)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
PDF Editor 3 (HKLM-x32\...\PDF Editor 3) (Version: - )
PDFBearbeiten V2.0.5 (HKLM-x32\...\PDFBearbeiten_is1) (Version: - hxxp://www.PDFBearbeiten.net)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.5331 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.5331 - CyberLink Corp.) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKCU\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quicken DELUXE 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG)
RAMRush 1.0.6.917 (HKLM-x32\...\RAMRush_is1) (Version: - FTweak, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6953 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Ritter Arthur (HKLM-x32\...\Ritter Arthur) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur II (HKLM-x32\...\Ritter Arthur II) (Version: 1.0.0.0 - INTENIUM GmbH)
Ritter Arthur III (HKLM-x32\...\Ritter Arthur III) (Version: 1.0.0.0 - INTENIUM GmbH)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.2.12074_13 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
ShiftN 3.6.1 (HKLM-x32\...\ShiftN_is1) (Version: 3.6.1 - Marcus Hebel)
Simply Good Pictures 2 (HKLM-x32\...\{DD2FEA6F-5AC2-46B2-0001-C2A0C077FD2C}) (Version: 2.0.12.1210 - Engelmann Media GmbH)
SiSoftware Sandra Lite 2013.SP1a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.29.2013.3 - SiSoftware)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SoftMaker Office 2010 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB00}) (Version: 10.0.600 - SoftMaker Software GmbH)
Software Updater (HKLM-x32\...\{A737E18A-5171-40D0-8034-7DD243420081}) (Version: 4.1.1 - SEIKO EPSON CORPORATION) <==== ATTENTION
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
StartupStar (HKLM-x32\...\{C8A6121E-BE35-418D-91EF-A9536DA70B36}_is1) (Version: 6.2 - Abelssoft)
Stegano.Net (HKCU\...\d734575cd6cff35b) (Version: 2.1.1.9 - Svenomenal.Net)
Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.3.1 - Steganos Software GmbH)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.3 - Krzysztof Kowalczyk)
SuperEasy Video Converter 2 v.2.1.2296 (HKLM-x32\...\{039BC111-5D42-BD22-5D57-C7073E40209A}_is1) (Version: 2.1.2296 - SuperEasy Software GmbH & Co. KG)
Task ForceQuit Pro version 1.0.2 (HKLM\...\{61F50A30-6EE3-413B-B090-C94C0C3244C9}_is1) (Version: 1.0.2 - Softorino)
Uninstall Abelssoft Backup (HKLM-x32\...\Abelssoft Backup_is1) (Version: 2.2 - Abelssoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
UpdateYeti (HKLM-x32\...\UpdateYeti_is1) (Version: 2.16 - Abelssoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VR-IBAN-Konverter (HKLM-x32\...\{6942F598-FD76-405A-A242-1C888519F9FD}) (Version: 1.00.0028 - Genossenschaftliche FinanzGruppe)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.44 - VSO-Software SARL)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.1.4.1420 - 1&1 Mail & Media GmbH)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.6.6 - Shark007)
Windows 7 Tweaker 3.8 (HKLM-x32\...\{36349091-DAA6-40C5-AB31-5EFAF8291263}) (Version: 3.8.0.0 - SuRe Softwares)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.46-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.46.1 - HTTrack)
Winload Toolbar (HKLM-x32\...\Winload Toolbar) (Version: 6.9.0.16 - Winload)
WinSweeper 2.1 (HKLM-x32\...\{96E8A815-3053-4616-AAC2-865E6B1792F5}_is1) (Version: - Solvusoft Corporation)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Z-defragRAM (HKLM-x32\...\{0F9F096B-9EF0-43A2-91C8-4613835312F7}) (Version: 2.7 - IMU Andreas Baumann)
ZehbeSoft Geburtstagsmahner (HKLM-x32\...\ZehbeSoft Geburtstagsmahner) (Version: 3.2 - ZehbeSoft)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
==================== Restore Points =========================
03-05-2014 07:00:21 Windows Update
03-05-2014 18:30:19 Windows Update
05-05-2014 14:08:08 Revo Uninstaller's restore point - Norton 360
06-05-2014 12:32:09 Removed Adobe Reader XI (11.0.06) - Deutsch.
06-05-2014 12:57:40 Removed Skype Click to Call
06-05-2014 14:39:19 Revo Uninstaller's restore point - G Data InternetSecurity CBE
06-05-2014 14:47:02 avast! antivirus system restore point
06-05-2014 15:11:56 Removed QuickTime
06-05-2014 21:50:04 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-05-07 07:37 - 00444891 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {03D6FB05-C018-4B16-834D-B64B8425CFD2} - System32\Tasks\{E7C6475D-13BF-4367-BEDB-344C52D2FC52} => C:\Program Files (x86)\DATA BECKER\CD-DVD Druckerei 7 LE\cdd7le.exe [2009-11-17] (H.Phlipsen - Softwareentwicklung (hxxp://www.phlipsen.de))
Task: {0CCEF991-AF3A-4914-994A-127FDBE4FE94} - System32\Tasks\{143D7CC1-9826-4A3B-B0B8-887846BB2997} => C:\WINPROV\PROVEX.EXE [2000-03-25] ()
Task: {0D0A0414-324E-4A06-BC84-8A9D5863B338} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0D0EE8AC-C4A9-4D78-B869-C33C2809A9ED} - System32\Tasks\{39756720-27CA-45B3-9847-3DF5927AD718} => C:\Users\Heiner\Documents\Downloads\microphotoed.exe
Task: {0D1B33CC-D3EA-48B0-820F-671514EFD303} - System32\Tasks\{DB1315A6-2C30-499B-8F26-F7973DF83172} => C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 11\burningstudio11.exe [2012-01-18] (Ashampoo)
Task: {1609A182-F4DC-48EA-B5B3-1C3CD40F99D3} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {165AD554-71FC-45FC-9430-C553BAC120F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software)
Task: {1A9A5B66-0D5B-4190-B793-646C1EDDA43C} - System32\Tasks\{8FC815E3-5A81-4D90-9ADF-737CE24785E1} => C:\NOF 11\NetObjectsFusion11.exe
Task: {1EC9D076-1AA8-4A1D-B90D-1D8EC910C4AB} - System32\Tasks\{286DE59C-5619-45D6-834D-03B42686049B} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\RitterArthur3\RitterArthur3_og.exe [2011-09-19] ()
Task: {29E571DF-D89B-42BF-AF28-9FA2B2805E6B} - System32\Tasks\HPCeeScheduleForHEINER-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {2A6E74B7-40CE-4752-86AF-0C328F55055B} - System32\Tasks\{2DA69B64-ACB1-43A5-AE76-8900DC574D7C} => C:\Users\Heiner\Documents\Downloads\microphotoed.exe
Task: {2AB24122-0EAE-4D37-AD6D-115C5DACA819} - System32\Tasks\{F5AB068E-5947-4A04-A33A-3BAE76C0A58F} => D:\Downloads\DVD\DVD Shrink.exe [2012-04-26] (www.download-sponsor.de)
Task: {2FA97941-05B6-456A-970F-B86D4E42CB4D} - System32\Tasks\{05D9FB28-AC1E-407D-A26C-DA992299B262} => D:\Patiencen\patipak.exe
Task: {36BC8854-528E-4ECD-B3B2-30427E2B4DBB} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {37E5C3AD-7A5E-4907-AF0E-2A1A4B903E9C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {3B6BD6B2-32F8-43A4-AE88-8ABE6B5B60AF} - System32\Tasks\{A377CDEC-6265-47E7-8F95-306EB96A1348} => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-02-14] (Samsung Electronics Co., Ltd.)
Task: {4221945C-C938-4607-8907-E63519C9551A} - System32\Tasks\{A0CF2158-4F2D-4BF8-8D35-01927F7722EA} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\RitterArthur3\RitterArthur3_og.exe [2011-09-19] ()
Task: {424CF20A-196B-4F8C-826B-0C2D8E98817E} - System32\Tasks\{E9F64151-59BB-4A2D-AEFD-FC9974E909F4} => C:\WINPROV\PROVEX.EXE [2000-03-25] ()
Task: {42E1DCCC-B1BF-4AF6-9082-5521B983EAD7} - System32\Tasks\{3FA3D464-BB66-475A-B67D-41777D09EEC3} => D:\Downloads\DVD\DVD Shrink.exe [2012-04-26] (www.download-sponsor.de)
Task: {453C0A7C-83FF-49C0-AFE6-518B3F880312} - System32\Tasks\{DEDB5CEF-F8C3-4398-86B8-2F69CAADB9D6} => D:\Downloads\DVD\DVD Shrink.exe [2012-04-26] (www.download-sponsor.de)
Task: {48548F49-79B5-439E-BD63-BB645E444317} - System32\Tasks\{207771AB-87A6-4DA6-8285-CF3225B2A6FE} => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-02-14] (Samsung Electronics Co., Ltd.)
Task: {4B790BF0-52BB-4A57-AAB5-5EA1741814A3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {4B80B91B-8307-47AC-AEA8-B16CACE2AAC9} - System32\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99} => C:\Program Files\V-bates\PrefHelper.exe
Task: {4DF67846-6F85-4FBA-8C84-92E8C31CBBEA} - System32\Tasks\{DDA70186-FED9-4946-A4E5-90AE5103A6C6} => X:\Thumbs32\Thumbs.exe
Task: {5237A3A7-6A27-4E1C-A70A-7A817A0DCF40} - System32\Tasks\{12E7D124-9590-48FC-8C30-547A37A68900} => C:\Program Files (x86)\DVDFab Mein Filmkopierer\Passkey_mogen312.exe
Task: {66528F0E-CFBD-4D0D-87F1-D661A3BE1FBE} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-04-24] (Crystal Dew World)
Task: {67F44284-F367-4C9D-90A1-F7628BE33035} - System32\Tasks\{83FE75BE-B444-46C9-A8A4-9274D571B556} => F:\win-7\ZEHBESOFT\Geburtstagsmahner\GebEdit.exe
Task: {6BE2A88D-AFF1-4046-90EA-3C66762BCBE6} - System32\Tasks\{209CAB11-0569-48BA-A020-3405E26449F0} => C:\Program Files (x86)\DVDFab Mein Filmkopierer\Passkey_mogen312.exe
Task: {72A59A48-08AF-4E49-975F-D544BC45CD28} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-30] (Adobe Systems Incorporated)
Task: {7704E756-7309-439C-A5E2-56B395184E2A} - System32\Tasks\{438D002F-EBA9-4FC8-AA1A-9B602940377B} => C:\NOF 11\NetObjectsFusion11.exe
Task: {7C912EB6-4593-4537-B120-C469A0A6837D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {85801777-28B0-485C-8D8B-AF94227BF0EF} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {878271C5-0B38-4CE7-B583-0D36C70E2365} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {87EDEAE0-DA83-40A4-A60A-A3E5040F8E09} - System32\Tasks\{7490306D-356B-4D80-97AF-2B7C26FCE2D4} => C:\Users\Heiner\Downloads\Kies_2.3.2.12054_19_1.exe [2012-06-08] (Samsung Electronics Co., Ltd. )
Task: {8C42A418-E1EA-49AB-A69A-0A4C0D1F8C74} - System32\Tasks\StartupStar Firewall => C:\Program Files (x86)\StartupStar\StartupStar.exe [2014-03-18] (Ascora GmbH)
Task: {90A52081-54D3-41C9-A716-2FC4C72651E0} - System32\Tasks\{49E87411-F615-466C-A839-E14238618FC4} => C:\Program Files (x86)\DATA BECKER\CD-DVD Druckerei 7 LE\cdd7le.exe [2009-11-17] (H.Phlipsen - Softwareentwicklung (hxxp://www.phlipsen.de))
Task: {966E6D5F-106F-49AB-B5FA-C9DF9804F216} - System32\Tasks\{80F1F312-D9D8-4DA4-823B-6DF6ABFF1515} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\RitterArthur3\RitterArthur3_og.exe [2011-09-19] ()
Task: {9ECF9C3F-75BC-4EFD-8B02-8A6444E23255} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {A3DC59AD-14C1-4C91-895F-6EC6E38C8443} - System32\Tasks\{67C7E33E-52E7-4178-A345-0E3D8CAD952B} => C:\Program Files (x86)\NetObjects\NetObjects Fusion 1&1 Edition\Fusion-Lite.exe
Task: {A62736E5-9D6E-4A26-AB14-8287D164AAA3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {AEF931EC-C9E8-4371-862E-30A3D0DA95F0} - System32\Tasks\HPCeeScheduleForHeiner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {B0C2DCF1-AECD-4B21-8458-36EAE5960904} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2012-08-23] (Hewlett-Packard)
Task: {B0F7ADAA-23FD-4EC8-B928-A78F68B13C51} - System32\Tasks\{61591E19-00CD-40E5-A9E8-696A42DAD574} => C:\Program Files (x86)\DEUTSCHLAND SPIELT\RitterArthur3\RitterArthur3_og.exe [2011-09-19] ()
Task: {B9105CF7-19C2-4205-9224-06B5F3F14B6A} - System32\Tasks\{EB6A9F57-B403-4D44-BD31-56C56A204518} => C:\WINPROV\PROVEX.EXE [2000-03-25] ()
Task: {BE646BB8-623C-40DF-B571-5C122D2E58BD} - System32\Tasks\DriverDoc_UPDATES => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe [2012-10-05] (Solvusoft Corporation)
Task: {C1C02DBB-0AE1-48A7-A5D3-387EC2D1C68D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Task: {C64420B8-4465-4EE9-9CCA-85904DBC77DB} - System32\Tasks\{4525A462-29D6-4A40-9289-9B0E7021CA28} => C:\WINPROV\PROVEX.EXE [2000-03-25] ()
Task: {CEC38045-575A-42D5-8204-B9E04D7244CA} - System32\Tasks\{A1452094-D68B-4CEE-9064-5891FA62E8F8} => D:\NetObjektsFusion 11\Fusion-Lite.exe
Task: {CECC5E33-2091-4998-8415-5494311B52BF} - System32\Tasks\{4861292C-014D-4292-A21B-416D290D9B54} => C:\Program Files (x86)\DATA BECKER\CD-DVD Druckerei 7 LE\cdd7le.exe [2009-11-17] (H.Phlipsen - Softwareentwicklung (hxxp://www.phlipsen.de))
Task: {D391985E-09C3-4E96-9671-28C0F3180469} - System32\Tasks\DivX-Online-Aktualisierungsprogramm => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2013-02-13] ()
Task: {DE047D14-82B0-4CDA-8FAD-515FC2EC427E} - System32\Tasks\{B799625F-375D-4E0A-A224-259E5A3994F7} => C:\Program Files (x86)\NetObjects\NetObjects Fusion 1&1 Edition\Fusion-Lite.exe
Task: {DF04659D-50AF-4868-9408-27B54EEDD648} - System32\Tasks\{08E77ADF-4B60-4664-9037-41FB83E10982} => F:\win-7\ZEHBESOFT\Geburtstagsmahner\GebEdit.exe
Task: {E0257E8C-AFC0-4A4E-AF90-8E31B20AA4A0} - System32\Tasks\{32596735-6652-415C-8E6B-01D767887CAD} => C:\Program Files (x86)\DVDFab Mein Filmkopierer\Passkey_mogen312.exe
Task: {E03A4BB7-C7AD-4C89-9271-7EFB937678E2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {E2BD79FF-9419-448C-982E-D9BCEEDF9A44} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {E54D9390-CCBB-4D37-9881-0B7510C51376} - System32\Tasks\{937B2B51-FA12-4CC1-9D67-A9E8AE4B11D8} => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2014-02-14] (Samsung Electronics Co., Ltd.)
Task: {EBE7B988-F210-407D-973A-B23CC42B637F} - System32\Tasks\NetFusion 12 => C:\Program Files (x86)\NetObjects\NetObjects Fusion 12.0\Fusion.exe [2011-12-05] (NetObjects)
Task: {FA6E6733-24EE-477D-9C37-B0E8F89E927A} - System32\Tasks\{59736D31-F61C-4388-955C-F5DCE4C388B8} => C:\Users\Heiner\Documents\Downloads\microphotoed.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverDoc_UPDATES.job => C:\Program Files (x86)\DriverDoc\Solvusoftdd.exe
Task: C:\Windows\Tasks\FF Watcher {8F273583-E67F-4A5B-BE5B-F9941B213C99}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHEINER-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForHeiner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\StartupStar Firewall.job => C:\Program Files (x86)\StartupStar\StartupStar.exe
==================== Loaded Modules (whitelisted) =============
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-08-20 18:42 - 2012-07-30 09:48 - 01518504 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
2014-04-26 14:36 - 2014-04-26 14:35 - 01260648 _____ () C:\Users\Heiner\AppData\Roaming\InetStat\inetstat.exe
2014-04-29 11:31 - 2014-03-18 13:32 - 00053536 _____ () C:\Program Files (x86)\StartupStar\AbSettings.dll
2014-04-29 11:31 - 2014-03-18 13:32 - 01398560 _____ () C:\Program Files (x86)\StartupStar\AbGui.dll
2014-04-29 11:31 - 2014-03-18 13:32 - 00014112 _____ () C:\Program Files (x86)\StartupStar\AbAutostartManager.dll
2014-04-29 11:31 - 2014-03-18 13:32 - 00041248 _____ () C:\Program Files (x86)\StartupStar\AbApi.dll
2014-04-29 11:31 - 2014-03-18 13:32 - 00039712 _____ () C:\Program Files (x86)\StartupStar\StartupLogic.dll
2013-09-13 13:17 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-06-01 08:14 - 2011-06-01 08:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-12 02:20 - 2011-04-12 02:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-12 02:20 - 2011-04-12 02:20 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2014-04-08 17:42 - 2014-04-08 17:42 - 00199336 _____ () C:\Program Files (x86)\Steganos Online Shield\openvpn64\liblzo2-2.dll
2014-04-08 17:42 - 2014-04-08 17:42 - 00117464 _____ () C:\Program Files (x86)\Steganos Online Shield\openvpn64\libpkcs11-helper-1.dll
2014-05-06 21:37 - 2014-05-06 21:37 - 02253824 _____ () C:\Program Files\AVAST Software\Avast\defs\14050601\algo.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-06 16:47 - 2014-05-06 16:47 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-12-20 20:27 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-20 20:27 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-20 20:27 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-20 20:27 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2012-12-20 20:27 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-12-20 20:27 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2014-04-29 16:12 - 2014-04-22 11:25 - 03845232 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-21 10:13 - 2014-03-21 10:13 - 01020928 _____ () C:\Users\Heiner\AppData\Roaming\Mozilla\Firefox\Profiles\ekhthtf0.default-1380005200022\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-04-29 09:01 - 2014-04-30 23:29 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
2012-03-08 18:11 - 2013-10-24 01:20 - 03008624 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2012-03-08 18:11 - 2013-10-24 01:20 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2012-03-08 18:11 - 2013-10-24 01:20 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-07-26 08:35 - 2012-09-24 16:35 - 00168448 _____ () C:\Program Files (x86)\DriverDoc\unrar.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\ProgramData\Temp:B24B19F1
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\Services: UxTuneUp => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^honestech Audio Recorder 2.0 Deluxe Launcher.lnk => C:\Windows\pss\honestech Audio Recorder 2.0 Deluxe Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk =>
MSCONFIG\startupfolder: C:^Users^Heiner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Alamandi tray notifier =>
MSCONFIG\startupreg: Alle meine Passworte => C:\PROGRA~2\AMP\AMP.EXE
MSCONFIG\startupreg: COMPUTERBILD-Abzockschutz Premium => "C:\Program Files (x86)\COMPUTERBILD-Abzockschutz Premium\bin\COMPUTERBILD-Abzockschutz Premium.exe"
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: Spiele Post => C:\Program Files (x86)\OXXOGames\GPlayer\GameCenterNotifier.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/06/2014 09:49:52 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0x16b4
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 09:44:38 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 09:36:15 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 06:01:52 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0x1730
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 06:00:41 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0xce4
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 05:58:59 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0x186c
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 05:55:54 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0x1384
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 05:54:34 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17041, Zeitstempel: 0x53180888
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002853
ID des fehlerhaften Prozesses: 0x11bc
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (05/06/2014 05:40:42 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 05:12:14 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5180f322
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5393cc49
ID des fehlerhaften Prozesses: 0x1af4
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
System errors:
=============
Error: (05/06/2014 09:45:11 PM) (Source: WMPNetworkSvc) (User: ) (EventID: 14319)
Description: WMPNetworkSvc
Error: (05/06/2014 09:44:58 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Online Shield Starter Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (05/06/2014 09:42:28 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (05/06/2014 09:36:41 PM) (Source: WMPNetworkSvc) (User: ) (EventID: 14319)
Description: WMPNetworkSvc
Error: (05/06/2014 08:10:04 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (05/06/2014 05:41:23 PM) (Source: WMPNetworkSvc) (User: ) (EventID: 14319)
Description: WMPNetworkSvc
Error: (05/06/2014 05:41:11 PM) (Source: Service Control Manager) (User: ) (EventID: 7000)
Description: Der Dienst "Online Shield Starter Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5
Error: (05/06/2014 05:39:25 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (05/06/2014 05:39:15 PM) (Source: DCOM) (User: ) (EventID: 10010)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/06/2014 04:43:47 PM) (Source: WMPNetworkSvc) (User: ) (EventID: 14319)
Description: WMPNetworkSvc
Microsoft Office Sessions:
=========================
Error: (05/06/2014 09:49:52 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc0000005000000000000285316b401cf69642b47fde9C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dll964d13fb-d557-11e3-9a82-38607789d681
Error: (05/06/2014 09:44:38 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 09:36:15 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 06:01:52 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc00000050000000000002853173001cf694458d51295C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dllbc6d9163-d537-11e3-a206-38607789d681
Error: (05/06/2014 06:00:41 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc00000050000000000002853ce401cf69441f18de8aC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dll927b09e6-d537-11e3-a206-38607789d681
Error: (05/06/2014 05:58:59 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc00000050000000000002853186c01cf6943add02fe6C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dll5537c4c2-d537-11e3-a206-38607789d681
Error: (05/06/2014 05:55:54 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc00000050000000000002853138401cf69437e0cecddC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dlle761db9c-d536-11e3-a206-38607789d681
Error: (05/06/2014 05:54:34 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: iexplore.exe11.0.9600.1704153180888msvcrt.dll7.0.7601.177444eeb033fc0000005000000000000285311bc01cf69430d5d7338C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\msvcrt.dllb796d046-d536-11e3-a206-38607789d681
Error: (05/06/2014 05:40:42 PM) (Source: Service1) (User: ) (EventID: 0)
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (05/06/2014 05:12:14 PM) (Source: Application Error) (User: ) (EventID: 1000)
Description: MsiExec.exe5.0.7601.175144ce792c4QuickTime.qts_unloaded0.0.0.05180f322c00000055393cc491af401cf693d8f58bf56C:\Windows\syswow64\MsiExec.exeQuickTime.qtscda91655-d530-11e3-913c-38607789d681
==================== Memory info ===========================
Percentage of memory in use: 57%
Total physical RAM: 8178.82 MB
Available physical RAM: 3500.94 MB
Total Pagefile: 16355.82 MB
Available Pagefile: 10718.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:585.94 GB) (Free:125.48 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1264.33 GB) (Free:855.02 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:12.65 GB) (Free:1.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (EXTERN) (Fixed) (Total:931.51 GB) (Free:490.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0D08D81B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=586 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-841464414208) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 932 GB) (Disk ID: 7AABCF89)
Partition: GPT Partition Type.
==================== End Of Log ============================
Jetzt noch ein Screenshot vom Taskmanager: 
__________________ |
|
| Themen zu posadi17 im IE |
| .com, avast, bericht, desktop, detected, erstellt, explorer, home, internet, internet explorer, link, malwarebytes, posadi17, posadi17 entfernen, registrierungsdatenbank, roaming, schutz, service, suche, webseite, webseiten, windows, windows 7 |
Hybrid-Darstellung
