
Log analysis and evaluation: Windows 7: Possible virus infection via the network?


 
29.06.2014, 19:56   #1
prichert
 



Hello,

my wife's laptop was infected with malware, and I just wanted to ask whether I might have "caught" something via our home network?

Here are my log files:

defogger_disable.txt

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 20:09 on 29/06/2014 (Richerts)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:28-06-2014 02
Ran by Richerts (administrator) on RICHERTS-PC on 29-06-2014 20:11:29
Running from C:\Users\Richerts\Downloads
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\NASNAVI\nassvc.exe
(pdfforge GbR) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files\PDF Architect\ConversionService.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Check Point Software Technologies, Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Check Point Software Technologies Ltd.) C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1637528 2012-10-09] (CANON INC.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24Creator\pdf24.exe [162856 2013-07-22] (Geek Software GmbH)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ZoneAlarm] => C:\Program Files\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2263252255-1708856640-2164245826-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-2263252255-1708856640-2164245826-1000\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843568 2014-05-28] (Samsung)
HKU\S-1-5-21-2263252255-1708856640-2164245826-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKU\S-1-5-21-2263252255-1708856640-2164245826-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1563440 2014-05-28] (Samsung)
HKU\S-1-5-21-2263252255-1708856640-2164245826-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.)
Startup: C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.search.yahoo.com/?type=501549&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8D34185D0C35CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {FB442BEF-A6F0-4316-8168-EC3575B2A5C2} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
SearchScopes: HKCU - {FB442BEF-A6F0-4316-8168-EC3575B2A5C2} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=501549&p={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\Profiles\2sa4jryb.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=501549&p=
FF Homepage: https://de.search.yahoo.com/?type=501549&fr=spigot-yhp-ff
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF SearchPlugin: C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\Profiles\2sa4jryb.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2014-03-26]
FF Extension: No Name - C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-03-26]
FF Extension: HDvid Codec - C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\profiles\extensions\hdvc@hdvc.com.xpi [2013-04-17]
FF Extension: No Name - C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\Profiles\2sa4jryb.default\Extensions\staged [2014-03-26]
FF Extension: Snap.Do  - C:\Users\Richerts\AppData\Roaming\Mozilla\Firefox\Profiles\2sa4jryb.default\Extensions\{f9fc93be-f796-7006-7b62-402a556f07a7} [2014-03-26]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-01-07]
FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com
FF Extension: Freemake Video Downloader Plugin - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-01-15]
FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com
FF Extension: Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-01-15]

Chrome: 
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "https://www.google.de/"
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility for IJ) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-29]
CHR Extension: (WOT) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-04-29]
CHR Extension: (YouTube) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-29]
CHR Extension: (Ciuvo Preisvergleich) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmmkkbjmcidpennbibfkncodjenfpjh [2013-04-29]
CHR Extension: (Adblock Plus) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-04-29]
CHR Extension: (Google-Suche) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-29]
CHR Extension: (Readium) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2014-05-30]
CHR Extension: (3D-Bowling) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\gemohgpikgjbgmdfbfjdailocichgbjm [2013-04-29]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-06-22]
CHR Extension: (LearningApps.org) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkpajokdkoidfiohkeknhhheinfpimfc [2014-03-31]
CHR Extension: (World Data Atlas) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\knlgfedckdhkgjinnhogmhkbcjpmmhko [2014-03-31]
CHR Extension: (WorkFlowy) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\koegeopamaoljbmhnfjbclbocehhgmkm [2014-03-31]
CHR Extension: (Google Wallet) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-06-22]
CHR Extension: (Google Mail) - C:\Users\Richerts\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-29]
CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Richerts\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12]

========================== Services (Whitelisted) =================

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] () [File not signed]
S2 FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-01-13] (Ellora Assets Corp.) [File not signed]
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-02-05] (Teruten) [File not signed]
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 NasPmService; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [251760 2014-01-05] (BUFFALO INC.)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [32568 2014-05-02] (The OpenVPN Project)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
R2 vsmon; C:\Program Files\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [135776 2014-04-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [488032 2014-04-30] (Kaspersky Lab ZAO)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [15688 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [10320 2013-09-30] ()
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [35288 2013-08-22] (The OpenVPN Project)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [456088 2014-05-30] (Check Point Software Technologies Ltd.)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [74848 2014-04-30] (Kaspersky Lab ZAO)
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-29 20:12 - 2014-06-29 20:12 - 00000000 ____D () C:\Users\Richerts\Desktop\Trojaner Board
2014-06-29 20:11 - 2014-06-29 20:12 - 00022110 _____ () C:\Users\Richerts\Downloads\FRST.txt
2014-06-29 20:11 - 2014-06-29 20:11 - 00000000 ____D () C:\FRST
2014-06-29 20:10 - 2014-06-29 20:11 - 01073664 _____ (Farbar) C:\Users\Richerts\Downloads\FRST.exe
2014-06-29 20:09 - 2014-06-29 20:09 - 00000478 _____ () C:\Users\Richerts\Downloads\defogger_disable.log
2014-06-29 20:09 - 2014-06-29 20:09 - 00000000 _____ () C:\Users\Richerts\defogger_reenable
2014-06-29 20:08 - 2014-06-29 20:08 - 00050477 _____ () C:\Users\Richerts\Downloads\Defogger.exe
2014-06-29 19:14 - 2014-06-29 19:16 - 00104960 _____ () C:\Users\Richerts\Desktop\Lied zum Abschied Kl 4a Rischenau.pub
2014-06-29 19:11 - 2014-06-29 19:14 - 00097792 _____ () C:\Users\Richerts\Downloads\Lied zum Abschied.pub
2014-06-26 21:09 - 2014-06-26 21:09 - 154764088 _____ () C:\Users\Richerts\Documents\Amazing Modern Dancing Airport Flashmob 2014.mp4
2014-06-23 22:51 - 2014-06-23 22:51 - 00023843 _____ () C:\Users\Richerts\Downloads\UR_Entwurf_ Napoleon _ Kaiser der Franzosen.zip
2014-06-23 22:28 - 2014-06-23 22:50 - 07610880 _____ () C:\Users\Richerts\Downloads\Napoleon Bonaparte.ppt
2014-06-23 16:25 - 2014-06-23 16:25 - 00868352 _____ () C:\Users\Richerts\Downloads\206.ppt
2014-06-23 16:24 - 2014-06-23 16:24 - 01362944 _____ () C:\Users\Richerts\Downloads\202.ppt
2014-06-23 16:23 - 2014-06-23 16:23 - 00338432 _____ () C:\Users\Richerts\Downloads\195.ppt
2014-06-23 16:23 - 2014-06-23 16:23 - 00104960 _____ () C:\Users\Richerts\Downloads\197.ppt
2014-06-23 16:21 - 2014-06-23 16:21 - 00582144 _____ () C:\Users\Richerts\Downloads\193.ppt
2014-06-23 16:18 - 2014-06-23 16:18 - 00384512 _____ () C:\Users\Richerts\Downloads\199.ppt
2014-06-22 23:19 - 2014-03-31 09:35 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-06-22 23:15 - 2014-06-28 00:01 - 00008969 ____H () C:\Windows\system32\BTImages.dat
2014-06-22 22:52 - 2014-06-22 22:52 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-06-22 22:52 - 2014-04-30 11:01 - 00488032 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-06-22 22:52 - 2014-04-30 11:01 - 00074848 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-06-22 22:52 - 2014-04-30 11:00 - 00135776 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-06-22 22:51 - 2014-06-22 22:51 - 00000732 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-06-22 22:51 - 2014-06-22 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-06-22 22:48 - 2014-06-22 22:48 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Richerts\Downloads\zaSetupWeb_132_015_000 (1).exe
2014-06-22 22:47 - 2014-06-22 22:51 - 00000000 ____D () C:\Program Files\CheckPoint
2014-06-22 22:47 - 2014-06-22 22:47 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Richerts\Downloads\zaSetupWeb_132_015_000.exe
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Check Point Software Technologies LTD
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\Program Files\Check Point Software Technologies LTD
2014-06-22 22:21 - 2014-06-22 22:22 - 00000000 ____D () C:\Users\Richerts\Desktop\Wir sind die Maus Wave Datei
2014-06-22 22:19 - 2014-06-22 22:19 - 00002178 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-06-22 22:17 - 2014-06-22 22:17 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Richerts\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-22 22:07 - 2014-06-26 21:06 - 00000000 ____D () C:\Users\Richerts\Desktop\Videos 8c
2014-06-22 21:19 - 2014-06-22 21:19 - 00810950 _____ () C:\Users\Richerts\Downloads\sprachgeschichte_offen.zip
2014-06-22 18:01 - 2014-06-22 18:01 - 142293945 _____ () C:\Users\Richerts\Desktop\Die großen Entdecker der Welt_ Cook, Kolumbus, Vespucci, ect..mp4
2014-06-22 17:55 - 2014-06-22 17:55 - 165446210 _____ () C:\Users\Richerts\Desktop\DOKU_Christoph Kolumbus - Die Wahre Biografie_DEUTSCH _ 2014.mp4
2014-06-22 17:44 - 2014-06-22 17:44 - 00001919 _____ () C:\Users\Richerts\Desktop\Sync Folder.lnk
2014-06-22 17:43 - 2014-06-22 23:02 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-22 17:43 - 2014-06-22 17:43 - 00001049 _____ () C:\Users\Richerts\Desktop\MyPC Backup.lnk
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 17:42 - 2014-06-22 17:42 - 00001251 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-06-22 17:42 - 2014-06-22 17:42 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-06-22 17:41 - 2014-06-22 17:41 - 11227432 _____ () C:\Users\Richerts\Downloads\YTDSetup481.exe
2014-06-12 10:19 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 10:19 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 10:19 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 10:19 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 10:19 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 10:19 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 10:19 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 10:19 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 10:19 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 10:19 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 10:19 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 10:19 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 10:19 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 10:19 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 10:19 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 10:19 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 10:19 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 10:19 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 10:19 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 10:19 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 10:19 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 10:19 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 10:19 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 10:19 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 10:19 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 10:19 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 10:19 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 10:19 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 10:18 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 10:18 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-12 10:18 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 10:18 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 10:18 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 10:18 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 10:18 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 10:18 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 10:17 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 10:08 - 2014-06-22 23:15 - 00000965 _____ () C:\Windows\setupact.log
2014-06-12 10:08 - 2014-06-22 22:59 - 00016678 _____ () C:\Windows\PFRO.log
2014-06-12 10:08 - 2014-06-12 10:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-11 09:37 - 2014-05-08 11:06 - 02742784 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 09:37 - 2014-05-08 11:06 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-09 13:32 - 2014-06-09 13:32 - 00015872 _____ () C:\Users\Richerts\Downloads\Rueckmeldebogen Schuelerverhalten_positive Verstaerkung.xls
2014-06-03 20:45 - 2014-06-03 20:45 - 00691572 _____ () C:\Users\Richerts\Downloads\kommunikation.hlp
2014-06-03 20:22 - 2014-06-12 13:52 - 00000000 ____D () C:\Users\Richerts\Desktop\UPPs
2014-06-03 17:53 - 2014-06-03 17:53 - 00000000 ____D () C:\Users\Richerts\AppData\Local\PDFCreator
2014-06-02 19:00 - 2014-06-02 19:00 - 00417416 _____ () C:\Users\Richerts\Downloads\diversevorlagen.zip
2014-06-02 16:53 - 2014-06-02 16:53 - 13525781 _____ () C:\Users\Richerts\Downloads\tesseract-ocr-setup-3.02.02.exe
2014-06-02 16:50 - 2014-06-05 17:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-02 16:50 - 2014-06-02 16:50 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\pdfforge
2014-06-02 16:50 - 2014-06-02 16:50 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-02 16:50 - 2014-04-17 19:36 - 00095928 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-02 16:49 - 2014-06-02 16:50 - 01825064 _____ () C:\Users\Richerts\Downloads\tesseract-ocr-3.02.deu.tar.gz
2014-06-02 10:44 - 2014-06-02 10:44 - 25055960 _____ (pdfforge ) C:\Users\Richerts\Downloads\PDFCreator-1_9_3-setup.exe
2014-06-01 22:29 - 2014-06-01 22:29 - 00045541 _____ () C:\Users\Richerts\Downloads\marseillaise_military.mid
2014-06-01 22:28 - 2014-06-01 22:28 - 00007107 _____ () C:\Users\Richerts\Downloads\marseillaise.mid
2014-06-01 22:09 - 2014-06-01 22:09 - 03238941 _____ () C:\Users\Richerts\Downloads\Sicherung_Millionenshow_AntikesGriechenland.zip
2014-06-01 21:59 - 2014-06-01 21:59 - 00102978 _____ () C:\Users\Richerts\Downloads\12Maerchen.zip
2014-05-31 12:12 - 2014-05-31 12:12 - 00000000 ____D () C:\Users\Richerts\Documents\Eendsoft
2014-05-31 12:12 - 2014-05-31 12:12 - 00000000 ____D () C:\ProgramData\firebird
2014-05-31 12:10 - 2014-05-31 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto-Selector
2014-05-31 12:03 - 2014-05-31 12:10 - 00000000 ____D () C:\Program Files\Picto Selector
2014-05-31 11:59 - 2014-05-31 12:03 - 230896024 _____ (M.C. van der Kooij ) C:\Users\Richerts\Downloads\setup_complete.exe
2014-05-31 09:23 - 2014-05-31 09:23 - 00003332 _____ () C:\Users\Richerts\Downloads\McPower_Flag_of_Germany_(with_wind).svg
2014-05-31 09:14 - 2014-05-31 09:14 - 02086912 _____ () C:\Users\Richerts\Downloads\UE-Saeuren_im_Alltag.ppt
2014-05-30 23:48 - 2014-05-30 23:54 - 00000000 ____D () C:\Users\Richerts\Documents\Calibre-Bibliothek
2014-05-30 23:48 - 2014-05-30 23:48 - 00000000 ____D () C:\Users\Richerts\AppData\Local\calibre-cache
2014-05-30 23:47 - 2014-05-30 23:52 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\calibre
2014-05-30 23:47 - 2014-05-30 23:47 - 00000930 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-05-30 23:47 - 2014-05-30 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-05-30 23:47 - 2014-05-30 23:47 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-30 23:44 - 2014-05-30 23:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\Richerts\Downloads\Calibre 32 Bit - CHIP-Installer.exe
2014-05-30 23:39 - 2014-05-30 23:42 - 208218905 _____ () C:\Users\Richerts\Downloads\eBook_OER_fuer_alle_Version2.0.epub
2014-05-30 10:08 - 2014-06-23 23:32 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Copernic
2014-05-30 10:08 - 2014-06-23 23:32 - 00000000 ____D () C:\Program Files\Common Files\Copernic
2014-05-30 10:08 - 2007-11-15 12:22 - 00110110 _____ () C:\Windows\CopernicAgentUninstall.exe
2014-05-30 02:35 - 2014-05-30 02:35 - 00456088 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys

==================== One Month Modified Files and Folders =======

2014-06-29 20:12 - 2014-06-29 20:12 - 00000000 ____D () C:\Users\Richerts\Desktop\Trojaner Board
2014-06-29 20:12 - 2014-06-29 20:11 - 00022110 _____ () C:\Users\Richerts\Downloads\FRST.txt
2014-06-29 20:11 - 2014-06-29 20:11 - 00000000 ____D () C:\FRST
2014-06-29 20:11 - 2014-06-29 20:10 - 01073664 _____ (Farbar) C:\Users\Richerts\Downloads\FRST.exe
2014-06-29 20:10 - 2012-11-24 15:46 - 01209123 _____ () C:\Windows\WindowsUpdate.log
2014-06-29 20:09 - 2014-06-29 20:09 - 00000478 _____ () C:\Users\Richerts\Downloads\defogger_disable.log
2014-06-29 20:09 - 2014-06-29 20:09 - 00000000 _____ () C:\Users\Richerts\defogger_reenable
2014-06-29 20:09 - 2012-11-24 15:51 - 00000000 ____D () C:\Users\Richerts
2014-06-29 20:08 - 2014-06-29 20:08 - 00050477 _____ () C:\Users\Richerts\Downloads\Defogger.exe
2014-06-29 19:54 - 2013-04-29 18:49 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-29 19:50 - 2012-12-04 21:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-29 19:16 - 2014-06-29 19:14 - 00104960 _____ () C:\Users\Richerts\Desktop\Lied zum Abschied Kl 4a Rischenau.pub
2014-06-29 19:14 - 2014-06-29 19:11 - 00097792 _____ () C:\Users\Richerts\Downloads\Lied zum Abschied.pub
2014-06-28 22:54 - 2013-04-29 18:49 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-28 20:56 - 2013-09-30 22:09 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-06-28 20:16 - 2012-11-24 15:53 - 01622904 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-28 12:59 - 2013-07-27 23:02 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\KeePass
2014-06-28 00:01 - 2014-06-22 23:15 - 00008969 ____H () C:\Windows\system32\BTImages.dat
2014-06-27 23:59 - 2013-05-25 22:45 - 00000000 ____D () C:\Program Files\Schulfix
2014-06-27 23:58 - 2013-12-16 18:26 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-06-26 22:48 - 2013-06-14 10:38 - 00000000 ____D () C:\Users\Richerts\Desktop\Referendariat
2014-06-26 21:09 - 2014-06-26 21:09 - 154764088 _____ () C:\Users\Richerts\Documents\Amazing Modern Dancing Airport Flashmob 2014.mp4
2014-06-26 21:06 - 2014-06-22 22:07 - 00000000 ____D () C:\Users\Richerts\Desktop\Videos 8c
2014-06-26 17:42 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-26 17:42 - 2009-07-14 06:34 - 00013792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-23 23:32 - 2014-05-30 10:08 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Copernic
2014-06-23 23:32 - 2014-05-30 10:08 - 00000000 ____D () C:\Program Files\Common Files\Copernic
2014-06-23 22:51 - 2014-06-23 22:51 - 00023843 _____ () C:\Users\Richerts\Downloads\UR_Entwurf_ Napoleon _ Kaiser der Franzosen.zip
2014-06-23 22:50 - 2014-06-23 22:28 - 07610880 _____ () C:\Users\Richerts\Downloads\Napoleon Bonaparte.ppt
2014-06-23 16:26 - 2012-12-01 22:03 - 00000000 ____D () C:\Users\Richerts\AppData\Local\Microsoft Help
2014-06-23 16:25 - 2014-06-23 16:25 - 00868352 _____ () C:\Users\Richerts\Downloads\206.ppt
2014-06-23 16:24 - 2014-06-23 16:24 - 01362944 _____ () C:\Users\Richerts\Downloads\202.ppt
2014-06-23 16:23 - 2014-06-23 16:23 - 00338432 _____ () C:\Users\Richerts\Downloads\195.ppt
2014-06-23 16:23 - 2014-06-23 16:23 - 00104960 _____ () C:\Users\Richerts\Downloads\197.ppt
2014-06-23 16:21 - 2014-06-23 16:21 - 00582144 _____ () C:\Users\Richerts\Downloads\193.ppt
2014-06-23 16:18 - 2014-06-23 16:18 - 00384512 _____ () C:\Users\Richerts\Downloads\199.ppt
2014-06-22 23:15 - 2014-06-12 10:08 - 00000965 _____ () C:\Windows\setupact.log
2014-06-22 23:02 - 2014-06-22 17:43 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-22 22:59 - 2014-06-12 10:08 - 00016678 _____ () C:\Windows\PFRO.log
2014-06-22 22:59 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 22:52 - 2014-06-22 22:52 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-06-22 22:51 - 2014-06-22 22:51 - 00000732 _____ () C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2014-06-22 22:51 - 2014-06-22 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2014-06-22 22:51 - 2014-06-22 22:47 - 00000000 ____D () C:\Program Files\CheckPoint
2014-06-22 22:48 - 2014-06-22 22:48 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Richerts\Downloads\zaSetupWeb_132_015_000 (1).exe
2014-06-22 22:47 - 2014-06-22 22:47 - 03394856 _____ (Check Point Software Technologies Ltd.) C:\Users\Richerts\Downloads\zaSetupWeb_132_015_000.exe
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Check Point Software Technologies LTD
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-22 22:47 - 2014-06-22 22:47 - 00000000 ____D () C:\Program Files\Check Point Software Technologies LTD
2014-06-22 22:36 - 2013-03-29 19:39 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\QuickScan
2014-06-22 22:22 - 2014-06-22 22:21 - 00000000 ____D () C:\Users\Richerts\Desktop\Wir sind die Maus Wave Datei
2014-06-22 22:19 - 2014-06-22 22:19 - 00002178 _____ () C:\Users\Public\Desktop\Free Audio Converter.lnk
2014-06-22 22:19 - 2014-03-26 23:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-22 22:19 - 2014-03-26 23:02 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-06-22 22:19 - 2014-03-26 23:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-22 22:19 - 2013-05-10 22:16 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\DVDVideoSoft
2014-06-22 22:17 - 2014-06-22 22:17 - 34314288 _____ (DVDVideoSoft Ltd. ) C:\Users\Richerts\Downloads\FreeAudioConverter5.0.43.605.exe
2014-06-22 21:19 - 2014-06-22 21:19 - 00810950 _____ () C:\Users\Richerts\Downloads\sprachgeschichte_offen.zip
2014-06-22 18:01 - 2014-06-22 18:01 - 142293945 _____ () C:\Users\Richerts\Desktop\Die großen Entdecker der Welt_ Cook, Kolumbus, Vespucci, ect..mp4
2014-06-22 17:55 - 2014-06-22 17:55 - 165446210 _____ () C:\Users\Richerts\Desktop\DOKU_Christoph Kolumbus - Die Wahre Biografie_DEUTSCH _ 2014.mp4
2014-06-22 17:44 - 2014-06-22 17:44 - 00001919 _____ () C:\Users\Richerts\Desktop\Sync Folder.lnk
2014-06-22 17:43 - 2014-06-22 17:43 - 00001049 _____ () C:\Users\Richerts\Desktop\MyPC Backup.lnk
2014-06-22 17:43 - 2014-06-22 17:43 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-06-22 17:42 - 2014-06-22 17:42 - 00001251 _____ () C:\Users\Public\Desktop\YTD Video Downloader.lnk
2014-06-22 17:42 - 2014-06-22 17:42 - 00000000 ____D () C:\Program Files\GreenTree Applications
2014-06-22 17:42 - 2014-03-26 22:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2014-06-22 17:41 - 2014-06-22 17:41 - 11227432 _____ () C:\Users\Richerts\Downloads\YTDSetup481.exe
2014-06-18 17:02 - 2013-01-09 16:23 - 00000000 ____D () C:\Users\Richerts\Documents\Steuerfälle
2014-06-17 07:01 - 2014-04-26 13:12 - 00002175 _____ () C:\Users\Public\Desktop\SteuerSparErklärung 2014.lnk
2014-06-12 18:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-12 15:27 - 2014-05-07 21:53 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-12 13:52 - 2014-06-03 20:22 - 00000000 ____D () C:\Users\Richerts\Desktop\UPPs
2014-06-12 10:08 - 2014-06-12 10:08 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-12 00:15 - 2013-08-24 12:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 00:15 - 2012-12-01 22:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 00:13 - 2012-11-24 16:51 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 17:51 - 2014-04-11 14:17 - 00000000 ____D () C:\Users\Richerts\Desktop\DUA_DUA_zeitreise_2_NRW_451026
2014-06-09 13:32 - 2014-06-09 13:32 - 00015872 _____ () C:\Users\Richerts\Downloads\Rueckmeldebogen Schuelerverhalten_positive Verstaerkung.xls
2014-06-08 10:48 - 2014-06-12 10:18 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-12 10:18 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 17:05 - 2014-06-02 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-03 20:45 - 2014-06-03 20:45 - 00691572 _____ () C:\Users\Richerts\Downloads\kommunikation.hlp
2014-06-03 17:53 - 2014-06-03 17:53 - 00000000 ____D () C:\Users\Richerts\AppData\Local\PDFCreator
2014-06-02 19:00 - 2014-06-02 19:00 - 00417416 _____ () C:\Users\Richerts\Downloads\diversevorlagen.zip
2014-06-02 16:53 - 2014-06-02 16:53 - 13525781 _____ () C:\Users\Richerts\Downloads\tesseract-ocr-setup-3.02.02.exe
2014-06-02 16:50 - 2014-06-02 16:50 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\pdfforge
2014-06-02 16:50 - 2014-06-02 16:50 - 00000000 ____D () C:\Program Files\PDFCreator
2014-06-02 16:50 - 2014-06-02 16:49 - 01825064 _____ () C:\Users\Richerts\Downloads\tesseract-ocr-3.02.deu.tar.gz
2014-06-02 10:44 - 2014-06-02 10:44 - 25055960 _____ (pdfforge ) C:\Users\Richerts\Downloads\PDFCreator-1_9_3-setup.exe
2014-06-01 22:29 - 2014-06-01 22:29 - 00045541 _____ () C:\Users\Richerts\Downloads\marseillaise_military.mid
2014-06-01 22:28 - 2014-06-01 22:28 - 00007107 _____ () C:\Users\Richerts\Downloads\marseillaise.mid
2014-06-01 22:09 - 2014-06-01 22:09 - 03238941 _____ () C:\Users\Richerts\Downloads\Sicherung_Millionenshow_AntikesGriechenland.zip
2014-06-01 21:59 - 2014-06-01 21:59 - 00102978 _____ () C:\Users\Richerts\Downloads\12Maerchen.zip
2014-05-31 12:12 - 2014-05-31 12:12 - 00000000 ____D () C:\Users\Richerts\Documents\Eendsoft
2014-05-31 12:12 - 2014-05-31 12:12 - 00000000 ____D () C:\ProgramData\firebird
2014-05-31 12:10 - 2014-05-31 12:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picto-Selector
2014-05-31 12:10 - 2014-05-31 12:03 - 00000000 ____D () C:\Program Files\Picto Selector
2014-05-31 12:03 - 2014-05-31 11:59 - 230896024 _____ (M.C. van der Kooij ) C:\Users\Richerts\Downloads\setup_complete.exe
2014-05-31 09:23 - 2014-05-31 09:23 - 00003332 _____ () C:\Users\Richerts\Downloads\McPower_Flag_of_Germany_(with_wind).svg
2014-05-31 09:14 - 2014-05-31 09:14 - 02086912 _____ () C:\Users\Richerts\Downloads\UE-Saeuren_im_Alltag.ppt
2014-05-30 23:54 - 2014-05-30 23:48 - 00000000 ____D () C:\Users\Richerts\Documents\Calibre-Bibliothek
2014-05-30 23:52 - 2014-05-30 23:47 - 00000000 ____D () C:\Users\Richerts\AppData\Roaming\calibre
2014-05-30 23:48 - 2014-05-30 23:48 - 00000000 ____D () C:\Users\Richerts\AppData\Local\calibre-cache
2014-05-30 23:47 - 2014-05-30 23:47 - 00000930 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-05-30 23:47 - 2014-05-30 23:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-05-30 23:47 - 2014-05-30 23:47 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-30 23:44 - 2014-05-30 23:44 - 00961360 _____ (Chip Digital GmbH) C:\Users\Richerts\Downloads\Calibre 32 Bit - CHIP-Installer.exe
2014-05-30 23:42 - 2014-05-30 23:39 - 208218905 _____ () C:\Users\Richerts\Downloads\eBook_OER_fuer_alle_Version2.0.epub
2014-05-30 11:18 - 2014-06-12 10:19 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 11:02 - 2014-06-12 10:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 11:02 - 2014-06-12 10:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 10:44 - 2014-06-12 10:19 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 10:43 - 2014-06-12 10:19 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 10:42 - 2014-06-12 10:19 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 10:19 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 10:34 - 2014-06-12 10:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 10:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 10:30 - 2014-06-12 10:19 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 10:28 - 2014-06-12 10:19 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 10:28 - 2014-06-12 10:19 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 10:27 - 2014-06-12 10:19 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 10:21 - 2014-06-12 10:19 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 10:16 - 2014-06-12 10:19 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 10:19 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 10:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:04 - 2014-06-12 10:19 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 10:19 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 09:57 - 2014-06-12 10:19 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 09:56 - 2014-06-12 10:19 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 09:54 - 2014-06-12 10:19 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 10:19 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 10:19 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 09:40 - 2014-06-12 10:19 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:21 - 2014-06-12 10:19 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:15 - 2014-06-12 10:19 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:13 - 2014-06-12 10:19 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 02:35 - 2014-05-30 02:35 - 00456088 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys

Some content of TEMP:
====================
C:\Users\Richerts\AppData\Local\Temp\avgnt.exe
C:\Users\Richerts\AppData\Local\Temp\BackupSetup.exe
C:\Users\Richerts\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Richerts\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Richerts\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Richerts\AppData\Local\Temp\TUUUninstallHelper.exe
C:\Users\Richerts\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-29 17:44

==================== End Of Log ============================
         

Additions.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:28-06-2014 02
Ran by Richerts at 2014-06-29 20:12:41
Running from C:\Users\Richerts\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
AudibleManager (HKLM\...\AudibleManager) (Version: 2007521904.48.56.4001002 - Audible, Inc.)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version:  - AVM Berlin)
BCL easyConverter 3.0 Licensing Module (BCL License) (Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (Version: 3.0.18 - BCL Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO NAS Navigator2 (HKLM\...\UN060501) (Version:  - )
calibre (HKLM\...\{39509A2F-C63C-404E-A4DC-7E6D4FCB6D66}) (Version: 1.39.0 - Kovid Goyal)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version:  - )
Canon MG4100 series Benutzerregistrierung (HKLM\...\Canon MG4100 series Benutzerregistrierung) (Version:  - )
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version:  - Canon Inc.)
Canon MG4100 series On-screen Manual (HKLM\...\Canon MG4100 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cornelsen Werkzeuge 3.6 (HKLM\...\{C55F20AB-2B65-434E-ABA7-6B70232B4602}) (Version: 3.6.0 - Cornelsen Verlag, Berlin)
Cornelsen Werkzeuge 3.6 Deutschbuch 5 DA (HKLM\...\{EBD27E31-235C-46B9-AC81-5FB466585A91}) (Version: 3.6.0 - Cornelsen Verlag)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Filzip 3.06 (HKLM\...\Filzip 3.0.6.93_is1) (Version: 3.0.6 - Philipp Engel)
Free Audio Converter version 5.0.43.605 (HKLM\...\Free Audio Converter_is1) (Version: 5.0.43.605 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.37.325 (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.37.325 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Google Calendar Sync (HKLM\...\Google Calendar Sync) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Outlook Contact Sync 0.9.1.0 (HKLM\...\{3D6E90E1-602D-48C8-BBD2-28D1E183AE50}_is1) (Version:  - Daniel Polistchuck)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{0718A90E-93AA-49AF-A4FE-0165ACD91DF0}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 1.26 (HKLM\...\KeePass Password Safe_is1) (Version: 1.26 - Dominik Reichl)
KeePass Password Safe 2.26 (HKLM\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.70.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mozilla Firefox 26.0 (x86 de) (HKLM\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMicroBalance (HKLM\...\{CAF30EE3-A2E2-47BE-A37B-96524BCB3EF5}) (Version: 2.5.5 - startzentrum GmbH & Co KG)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
OfficeOne AutoDateTime 5.2 (HKLM\...\AutoDateTime_is1) (Version: 5.2 - OfficeOne)
OpenVPN 2.3.4-I001  (HKLM\...\OpenVPN) (Version: 2.3.4-I001 - )
PDF Architect (HKLM\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDF24 Creator 5.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF2Word Converter Version 1.1.0 (Build 164) (HKLM\...\PDF2Word Converter_is1) (Version: PDF2Word Converter - Version 1.1.0 (Build 164) - Th. Hodes Software)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.9.3 - pdfforge)
Pfadfinder 2.0 (HKLM\...\{F0AF5265-0E76-4AC0-AE45-ACA6428D5EDA}) (Version: 1.0.18 - Bildungshaus Schulbuchverlage GmbH, Braunschweig)
Picto-Selector 1.6 (HKLM\...\{8032E8DE-1764-4F00-B19E-EF2DBBDB649B}_is1) (Version:  - M.C. van der Kooij)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rund um (2.0) ... denkmal 1 NRW (HKLM\...\{CDC513C3-CC2E-4DAC-B5CA-6DB6442D9076}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Rund um (2.0) ... denkmal 2 NRW (HKLM\...\{6D1EF682-6935-4439-96F1-F4C379AB0D39}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Rund um (2.0) ... denkmal 3 NRW (HKLM\...\{77033758-56F0-4CD8-8838-013343D2C2B3}) (Version: 1.00.0000 - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Snap.Do Engine (HKCU\...\{40a7fe5c-faae-4b78-9a13-7f1da2b486a3}) (Version: 10.213.1.15234 - ReSoft Ltd.) <==== ATTENTION
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.0.12 - Safer-Networking Ltd.)
SteuerSparErklärung 2014 (HKLM\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.11.90 - Akademische Arbeitsgemeinschaft)
Sweet Home 3D version 4.1 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.201 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.8.9 - Shark007)
YTD Toolbar v8.9 (HKLM\...\{DA36FB9E-9020-47E6-9BDE-B33A6E36F0F4}) (Version: 8.9 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.8.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.1 - GreenTree Applications SRL)
ZoneAlarm Antivirus (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Restore Points  =========================

20-06-2014 12:14:57 Geplanter Prüfpunkt
22-06-2014 21:19:04 Windows Update
27-06-2014 08:31:04 Windows Update
27-06-2014 21:57:36 TuneUp Utilities 2014 wird entfernt
27-06-2014 21:58:57 TuneUp Utilities 2014 (de-DE) wird entfernt
27-06-2014 21:59:55 Removed YTD Toolbar v8.9.
27-06-2014 22:00:34 Removed YTD Toolbar v8.9.
27-06-2014 22:01:16 Removed YTD Toolbar v8.9.

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {13085105-8B60-4C50-881B-8FE7DFE4E52D} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {182B6906-7E85-44F9-AD33-B2FEB3FA353B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {19E08C53-8AE5-4866-9D2D-835371580F04} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {1AD36E28-3B09-4809-8DD7-77EE8B7A3133} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {2F35B5CC-B7BA-4891-8897-84C85AE5F617} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)
Task: {5541AC2F-47AD-41F8-899F-F6D8FDDCEA76} - System32\Tasks\Google Updater and Installer => C:\Users\Richerts\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {58D86865-3C12-44F7-8668-3E54566D9231} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {7238A56A-4A77-4FDF-A2C2-ECFFA9335ADC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)
Task: {7565736B-5202-4FCF-BD61-773032A4DB4C} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {770DBA33-FBC5-4F90-9343-FB16F8D7A5FF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {AACD8650-76DF-4AD2-8986-4A128CC3867D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {AEAC2326-0EC2-450B-840C-6BE873FECFA7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-29] (Google Inc.)
Task: {C20A1F27-A372-45D9-9A93-E40E55DC022A} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-24] (Samsung Electronics Co., Ltd.)
Task: {CA48358C-65BA-48F5-9971-95B9A86B49D0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {D46FB361-7BCD-4A7F-91CC-1EA2360951EF} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {E800C419-DDA8-4B21-A3F0-6DC9F1D4E375} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {F862C647-516C-423E-B16D-6CC0EAD1D8F4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F914D9F9-F094-403B-A208-6144FA93AB20} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-26 23:04 - 2014-03-26 23:04 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-03-14 16:06 - 2014-03-14 16:06 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-13 23:24 - 2012-11-13 14:06 - 00108960 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-05-13 23:24 - 2012-11-13 14:06 - 00416160 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-05-13 23:24 - 2012-11-13 14:06 - 00528288 _____ () C:\Program Files\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2013-05-13 23:24 - 2012-11-13 14:06 - 00158624 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-05-13 23:24 - 2012-11-13 14:06 - 00554400 _____ () C:\Program Files\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2012-11-25 01:07 - 2004-09-08 14:45 - 00368128 _____ () C:\Program Files\Filzip\fzshext.dll
2013-09-30 22:10 - 2011-02-07 09:56 - 00138192 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-05-13 23:24 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-10 22:53 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-10 22:53 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-10 22:53 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-10 22:53 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-10 22:53 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Richerts^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4945

Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4945

Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3916

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3916

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2574

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2574

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1435


System errors:
=============
Error: (06/26/2014 10:31:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (06/26/2014 10:31:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (06/26/2014 10:31:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (06/26/2014 10:31:50 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.

Error: (06/22/2014 11:00:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/22/2014 11:00:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FreemakeVideoCapture erreicht.

Error: (06/20/2014 06:48:33 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (06/18/2014 08:02:43 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TuneUp.UtilitiesSvc erreicht.

Error: (06/18/2014 08:02:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TuneUp.UtilitiesSvc erreicht.

Error: (06/18/2014 03:19:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TuneUp.UtilitiesSvc erreicht.


Microsoft Office Sessions:
=========================
Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4945

Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4945

Error: (06/29/2014 07:56:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3916

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3916

Error: (06/29/2014 07:56:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2574

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2574

Error: (06/29/2014 07:56:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/29/2014 07:56:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1435


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 3066.61 MB
Available physical RAM: 1556.2 MB
Total Pagefile: 6129.45 MB
Available Pagefile: 4017.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.88 GB) (Free:120.74 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: B6394A61)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=223 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Thank you very much for your help.

Regards, Peter

 
