Hallo, Leo,
danke für die schnelle Antwort. Hier die Logs:
AdwCleaner Logfile: Code:
# AdwCleaner v3.003 - Bericht erstellt am 14/09/2013 um 17:36:31
# Updated 07/09/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Hans-Dieter - HDS-NEU
# Gestartet von : E:\Downloads\windows\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{8A9386B4-E958-4C4C-ADF4-8F26DB3E4829}
Ordner Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\firejump@firejump.net
Datei Gelöscht : C:\Users\HANS-D~1\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\\invalidprefs.js
Datei Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\babylon1.xml
Datei Gelöscht : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [firejump@firejump.net]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0041560.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0041560.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0041560.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0041560.Sandbox.1
Schlüssel Gelöscht : HKCU\Software\aedd8cb63eeb48
Schlüssel Gelöscht : HKLM\SOFTWARE\aedd8cb63eeb48
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_abbyy-finereader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_abbyy-finereader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cognitive-openocr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_cognitive-openocr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_iconphile_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_iconphile_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411151160}
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D85FFE92-BF14-4E9B-BCCD-E5C16069E65F}_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16686
-\\ Mozilla Firefox v23.0.1 (de)
[ Datei : C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.50dffd6f812b6.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.swe[...]
Zeile gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.id", "a83e2279000000000000782bcb7ff466");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15706");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.rvrt", "false");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=a83e2279000000000000782bcb7ff466&q=");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Zeile gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110195&tt=0113_3");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.218:46:08");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14116558bd663f3be5ad311a7dc52fd4");
[ Datei : C:\Users\Katalin\AppData\Roaming\Mozilla\Firefox\Profiles\399zx62w.default\prefs.js ]
-\\ Google Chrome v29.0.1547.66
[ Datei : C:\Users\Hans-Dieter\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : icon_url
Gelöscht : urls_to_restore_on_startup
*************************
AdwCleaner[R0].txt - [9970 octets] - [14/09/2013 17:35:10]
AdwCleaner[S0].txt - [8873 octets] - [14/09/2013 17:36:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8933 octets] ########## --- --- ---
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-09-2013 04
Ran by Hans-Dieter (administrator) on HDS-NEU on 14-09-2013 17:40:21
Running from E:\Downloads\windows
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Location Finder\LocationFinder.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
() C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
(Akamai Technologies, Inc.) C:\Users\Hans-Dieter\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Hans-Dieter\AppData\Local\Akamai\netsession_win.exe
(TomTom) C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe
(AVM Berlin) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(Visagesoft) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfprsrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Microsoft Location Finder] - C:\Program Files (x86)\Microsoft Location Finder\LocationFinder.exe [121640 2006-11-14] (Microsoft Corporation)
HKCU\...\Run: [AVMUSBFernanschluss] - C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2013-01-27] (AVM Berlin)
HKCU\...\Run: [NokiaSuite.exe] - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1086376 2012-08-03] (Nokia)
HKCU\...\Run: [PC Suite Tray] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1479680 2010-05-14] (Nokia)
HKCU\...\Run: [dradio-RecorderTimer] - C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe [41472 2012-04-03] ()
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Hans-Dieter\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKCU\...\Run: [MyTomTomSA.exe] - C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe [455608 2013-05-23] (TomTom)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoControlPanel] 0
HKCU\...\Policies\Explorer: [NoFind] 0
HKCU\...\Policies\Explorer: [MaxRecentDocs] 20
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [GDFirewallTray] - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1854928 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-05-19] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5993216 2012-06-28] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Family Tree Builder Update] - C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe [2528256 2013-07-03] (MyHeritage)
HKLM-x32\...\Run: [ZALFree] - C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [12999984 2013-07-18] (Zemana Ltd.)
HKLM-x32\...\Run: [vspdfprsrv.exe] - C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfprsrv.exe [6078464 2012-04-23] (Visagesoft)
HKLM-x32\...\Run: [G Data AntiVirus Tray] - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe [1444304 2013-03-22] (G Data Software AG)
HKLM-x32\...\Run: [KeePass 2 PreLoad] - C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1937920 2013-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [G Data ASM] - C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [472016 2013-02-25] (G Data Software AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe [234872 2013-03-12] (Oracle Corporation)
HKU\Katalin\...\Policies\system: [DisableRegistryTools] 1
HKU\Katalin\...\Policies\system: [DisableLockWorkstation] 0
HKU\Katalin\...\Policies\system: [DisableTaskMgr] 1
HKU\Katalin\...\Policies\system: [DisableClock] 1
HKU\Katalin\...\Policies\system: [LogonHoursAction] 2
HKU\Katalin\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE4249~1.DLL [89936 2013-07-18] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL,c:\progra~3\browse~1\261040~1.25\{c16c1~1\browse~1.dll [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.search.yahoo.com/?fr=avantsearch7
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: FRITZ!Box Addon BHO - {C0C86BBE-9509-4296-8459-FDBFDAF4B673} - C:\Program Files\FRITZ!Box\AddOn (IE)\FBoxIESplitButton.dll (AVM Berlin)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
DPF: HKLM-x32 {210D0CBC-8B17-48D1-B294-1A338DD2EB3A} hxxp://bmontessori12.dyndns.org:1119/VatDec.cab
DPF: HKLM-x32 {45830FF9-D9E6-4F41-86ED-B266933D8E90} hxxp://bmontessori12.dyndns.org:1114/RtspVaPgDec.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default
FF DefaultSearchEngine: Wikipedia (de)
FF SelectedSearchEngine: Wikipedia (de)
FF Homepage: about:home
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "ftp", "87.250.52.230"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "87.250.52.230"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "87.250.52.230"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "87.250.52.230"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files (x86)\dradio-Recorder\npphonostarDetectNP.dll No File
FF SearchPlugin: C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\searchplugins\wikipdia-fr.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\951bb5c8-a6ed-4af6-a53c-1d3eec03d6dd@b61ef5da-5b52-4500-a9b4-273eca044964.com
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\fb_add_on@avm.de
FF Extension: Shopping-preise.de - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\mail@shopping-preise.de
FF Extension: Nokia Maps 3D browser plugin - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\maps@ovi.com
FF Extension: Forecastfox - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
FF Extension: WOT - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: DownloadHelper - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Cookies Manager+ - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}
FF Extension: client - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\client@anonymox.net.xpi
FF Extension: extension - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\extension@preispilot.com.xpi
FF Extension: jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0 - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\jid0-Oh6YfHwkh8Cb1Y4efKhBukwKfB0@jetpack.xpi
FF Extension: stealthyextension - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\stealthyextension@gmail.com.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{a3a5c777-f583-4fef-9380-ab4add1bc2a5}.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{BCC877E7-7F3F-4632-8338-DAEE4475DE35}.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi
FF Extension: No Name - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\extensions\mail@shopping-preise.de
FF Extension: Shopping-preise.de - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\Hans-Dieter\AppData\Roaming\Mozilla\Firefox\Profiles\l63f1fcz.default\extensions\extension@preispilot.com
Chrome:
=======
CHR HomePage: {"backup":{"homepage":true,"homepage_is_newtabpage":false,"session":{"restore_on_startup":4,"urls_to_restore_on_startup":["hxxp://www.google.com":1}}
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (YouTube) - C:\Users\HANS-D~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1
CHR Extension: (Google Search) - C:\Users\HANS-D~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1
CHR Extension: (TubeSaver-1) - C:\Users\HANS-D~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kenjjinakdkeiddddjnjpfcopdohlfem\1.24.17_0
CHR Extension: (Gmail) - C:\Users\HANS-D~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [nlnhpfecnnhhkemiahhebmfhnapimecl] - C:\ProgramData\SaveByclick\nlnhpfecnnhhkemiahhebmfhnapimecl.crx
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-09-26] ()
R2 AdobeActiveFileMonitor6.0; C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [1957840 2013-03-22] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [635344 2013-02-25] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2556384 2013-07-02] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2926672 2013-03-22] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [696808 2013-02-25] (G Data Software AG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-04-12] (Nero AG)
R2 OS Selector; C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2155848 2011-11-15] ()
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1328736 2012-09-24] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [656480 2012-09-24] (Secunia)
S4 Xmliwcdmp;
==================== Drivers (Whitelisted) ====================
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2013-01-27] (AVM Berlin)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [60248 2013-06-05] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [130392 2013-07-23] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [62808 2013-05-28] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64856 2013-07-23] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-08-10] (G Data Software)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-08-10] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [65368 2013-06-05] (G Data Software AG)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [25568 2013-07-18] (Zemana Ltd.)
S3 Pcouffin64; C:\Windows\System32\Drivers\pcouffin64a.sys [54816 2013-04-11] (VSO Software)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26936 2012-06-22] (Synaptics Incorporated)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-09-14 17:33 - 2013-09-14 17:36 - 00000000 ____D C:\AdwCleaner
2013-09-14 17:19 - 2013-09-14 17:19 - 00001088 _____ C:\Windows\system32\SettingsFile
2013-09-14 17:09 - 2013-09-14 17:09 - 00003108 _____ C:\Windows\System32\Tasks\{F06C9513-835E-4B07-A270-3BE8272F8E35}
2013-09-14 16:46 - 2013-09-14 16:46 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-09-14 16:45 - 2013-09-14 16:45 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\TuneUp Software
2013-09-14 16:44 - 2013-09-14 16:44 - 00003456 _____ C:\Windows\System32\Tasks\Reimage Reminder
2013-09-14 16:43 - 2013-09-14 16:44 - 00000000 ____D C:\rei
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\AVG SafeGuard toolbar
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\ProgramData\CDB
2013-09-14 16:41 - 2013-09-14 16:44 - 00000162 _____ C:\Windows\Reimage.ini
2013-09-14 14:56 - 2013-09-14 14:56 - 00096442 _____ C:\Users\Hans-Dieter\Desktop\gmer.txt
2013-09-14 14:22 - 2013-09-14 14:22 - 00000000 ____D C:\FRST
2013-09-13 09:57 - 2013-09-14 17:37 - 00001302 _____ C:\Windows\Tasks\TubeSaver-1-updater.job
2013-09-13 09:57 - 2013-09-14 17:37 - 00001206 _____ C:\Windows\Tasks\TubeSaver-1-codedownloader.job
2013-09-13 09:57 - 2013-09-14 17:37 - 00001106 _____ C:\Windows\Tasks\TubeSaver-1-enabler.job
2013-09-13 09:57 - 2013-09-13 09:57 - 00004332 _____ C:\Windows\System32\Tasks\TubeSaver-1-updater
2013-09-13 09:57 - 2013-09-13 09:57 - 00004236 _____ C:\Windows\System32\Tasks\TubeSaver-1-codedownloader
2013-09-13 09:57 - 2013-09-13 09:57 - 00004136 _____ C:\Windows\System32\Tasks\TubeSaver-1-enabler
2013-09-13 09:56 - 2013-09-14 17:37 - 00001914 _____ C:\Windows\Tasks\TubeSaver-1-chromeinstaller.job
2013-09-13 09:56 - 2013-09-14 17:37 - 00001838 _____ C:\Windows\Tasks\TubeSaver-1-firefoxinstaller.job
2013-09-13 09:56 - 2013-09-13 09:57 - 00000000 ____D C:\Program Files (x86)\TubeSaver-1
2013-09-12 22:52 - 2013-08-10 07:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-12 22:52 - 2013-08-10 07:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-12 22:52 - 2013-08-10 07:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-12 22:52 - 2013-08-10 07:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-12 22:52 - 2013-08-10 07:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-12 22:52 - 2013-08-10 07:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-12 22:52 - 2013-08-10 07:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-12 22:52 - 2013-08-10 05:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-12 22:52 - 2013-08-10 05:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-12 22:52 - 2013-08-10 05:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-12 22:52 - 2013-08-10 05:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-12 22:52 - 2013-08-10 05:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-12 22:52 - 2013-08-10 04:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-09-12 22:52 - 2013-08-10 04:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-09-12 15:36 - 2013-08-08 03:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-12 15:36 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2013-09-12 15:36 - 2013-08-02 04:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-09-12 15:36 - 2013-08-02 04:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-09-12 15:36 - 2013-08-02 04:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-09-12 15:36 - 2013-08-02 04:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-09-12 15:36 - 2013-08-02 04:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-09-12 15:36 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-09-12 15:36 - 2013-08-02 04:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-09-12 15:36 - 2013-08-02 04:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-09-12 15:36 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-09-12 15:36 - 2013-08-02 03:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-09-12 15:36 - 2013-08-02 03:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-09-12 15:36 - 2013-08-02 03:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-09-12 15:36 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-09-12 15:36 - 2013-08-02 03:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-09-12 15:36 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-09-12 15:36 - 2013-08-02 02:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-09-12 15:36 - 2013-08-02 02:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-09-12 15:36 - 2013-08-02 02:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-09-12 15:36 - 2013-08-02 02:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-09-12 15:36 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-12 15:36 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-12 15:36 - 2013-07-26 04:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-09-12 15:36 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-09-12 15:36 - 2013-07-26 03:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-12 15:36 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-12 14:42 - 2013-09-12 14:42 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\G Data
2013-09-07 14:59 - 2013-09-07 14:59 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Outlook
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\HTC Sync
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\HTC
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\ProgramData\HTC
2013-09-05 15:51 - 2013-09-14 17:38 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\HTC MediaHub
2013-09-05 15:51 - 2013-09-05 15:52 - 00000000 ____D C:\Users\Hans-Dieter\Documents\HTC
2013-09-05 15:51 - 2013-09-05 15:51 - 00000000 ____D C:\Users\Hans-Dieter\.android
2013-09-05 15:51 - 2013-09-05 15:51 - 00000000 ____D C:\ProgramData\Motorola
2013-09-05 15:50 - 2013-09-05 15:50 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2013-09-05 15:50 - 2013-09-05 15:50 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-09-05 15:50 - 2013-09-05 15:50 - 00000000 ____D C:\Program Files (x86)\HTC
2013-09-04 09:40 - 2013-09-04 09:40 - 00000051 _____ C:\Users\Hans-Dieter\Desktop\doodle.txt
2013-09-02 18:21 - 2013-09-02 19:49 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\vlc
2013-09-02 18:21 - 2013-09-02 18:21 - 00001026 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-27 18:33 - 2013-08-27 18:33 - 00001985 _____ C:\Users\Public\Desktop\Samsung AllShare.lnk
2013-08-18 09:13 - 2013-08-18 09:13 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files\iTunes
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files\iPod
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-17 09:28 - 2013-08-17 09:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-08-15 07:30 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 07:30 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 07:30 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 07:30 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-15 07:30 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-15 07:30 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-15 07:30 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-15 07:30 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-15 07:29 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-15 07:29 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-15 07:29 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 07:29 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-15 07:29 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 07:29 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-15 07:29 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 07:29 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
==================== One Month Modified Files and Folders =======
2013-09-14 17:38 - 2013-09-05 15:51 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\HTC MediaHub
2013-09-14 17:37 - 2013-09-13 09:57 - 00001302 _____ C:\Windows\Tasks\TubeSaver-1-updater.job
2013-09-14 17:37 - 2013-09-13 09:57 - 00001206 _____ C:\Windows\Tasks\TubeSaver-1-codedownloader.job
2013-09-14 17:37 - 2013-09-13 09:57 - 00001106 _____ C:\Windows\Tasks\TubeSaver-1-enabler.job
2013-09-14 17:37 - 2013-09-13 09:56 - 00001914 _____ C:\Windows\Tasks\TubeSaver-1-chromeinstaller.job
2013-09-14 17:37 - 2013-09-13 09:56 - 00001838 _____ C:\Windows\Tasks\TubeSaver-1-firefoxinstaller.job
2013-09-14 17:37 - 2012-09-26 13:19 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-14 17:37 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-14 17:37 - 2009-07-14 06:51 - 00098905 _____ C:\Windows\setupact.log
2013-09-14 17:36 - 2013-09-14 17:33 - 00000000 ____D C:\AdwCleaner
2013-09-14 17:36 - 2012-09-25 18:19 - 01224634 _____ C:\Windows\WindowsUpdate.log
2013-09-14 17:34 - 2009-07-14 06:45 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-14 17:34 - 2009-07-14 06:45 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-14 17:26 - 2012-09-25 17:59 - 00564538 _____ C:\Windows\PFRO.log
2013-09-14 17:19 - 2013-09-14 17:19 - 00001088 _____ C:\Windows\system32\SettingsFile
2013-09-14 17:09 - 2013-09-14 17:09 - 00003108 _____ C:\Windows\System32\Tasks\{F06C9513-835E-4B07-A270-3BE8272F8E35}
2013-09-14 16:57 - 2012-09-26 13:19 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-14 16:46 - 2013-09-14 16:46 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2013-09-14 16:45 - 2013-09-14 16:45 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\TuneUp Software
2013-09-14 16:44 - 2013-09-14 16:44 - 00003456 _____ C:\Windows\System32\Tasks\Reimage Reminder
2013-09-14 16:44 - 2013-09-14 16:43 - 00000000 ____D C:\rei
2013-09-14 16:44 - 2013-09-14 16:41 - 00000162 _____ C:\Windows\Reimage.ini
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\AVG SafeGuard toolbar
2013-09-14 16:43 - 2013-09-14 16:43 - 00000000 ____D C:\ProgramData\CDB
2013-09-14 16:04 - 2012-09-26 16:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-14 14:56 - 2013-09-14 14:56 - 00096442 _____ C:\Users\Hans-Dieter\Desktop\gmer.txt
2013-09-14 14:22 - 2013-09-14 14:22 - 00000000 ____D C:\FRST
2013-09-14 13:55 - 2012-09-26 16:03 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-14 13:55 - 2012-09-26 16:03 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-14 13:55 - 2012-09-26 12:15 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-14 13:54 - 2012-09-25 18:16 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\Adobe
2013-09-14 10:40 - 2013-05-24 12:05 - 00003440 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-09-13 19:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-09-13 10:52 - 2012-09-25 18:14 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Adobe
2013-09-13 10:52 - 2012-09-25 18:14 - 00000000 ____D C:\ProgramData\Adobe
2013-09-13 09:57 - 2013-09-13 09:57 - 00004332 _____ C:\Windows\System32\Tasks\TubeSaver-1-updater
2013-09-13 09:57 - 2013-09-13 09:57 - 00004236 _____ C:\Windows\System32\Tasks\TubeSaver-1-codedownloader
2013-09-13 09:57 - 2013-09-13 09:57 - 00004136 _____ C:\Windows\System32\Tasks\TubeSaver-1-enabler
2013-09-13 09:57 - 2013-09-13 09:56 - 00000000 ____D C:\Program Files (x86)\TubeSaver-1
2013-09-13 09:57 - 2012-11-13 12:28 - 00000000 ____D C:\Users\Hans-Dieter\Documents\Outlook-Dateien
2013-09-13 07:40 - 2012-09-26 15:42 - 00000000 ___RD C:\Users\Hans-Dieter\Virtual Machines
2013-09-13 07:40 - 2012-09-25 18:26 - 00000000 ___RD C:\Users\Hans-Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-09-13 07:40 - 2012-09-25 18:26 - 00000000 ___RD C:\Users\Hans-Dieter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-09-13 07:38 - 2009-07-14 06:45 - 00510088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-12 22:53 - 2012-09-26 10:52 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-12 22:52 - 2013-08-02 09:35 - 00000000 ____D C:\Windows\system32\MRT
2013-09-12 22:47 - 2012-09-26 16:42 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-12 14:42 - 2013-09-12 14:42 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\G Data
2013-09-12 09:44 - 2012-09-26 12:19 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\CoreFTP
2013-09-11 18:21 - 2012-11-24 16:23 - 00000302 _____ C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job
2013-09-09 21:39 - 2012-09-26 11:12 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Skype
2013-09-09 09:15 - 2012-09-26 04:14 - 00701326 _____ C:\Windows\system32\perfh007.dat
2013-09-09 09:15 - 2012-09-26 04:14 - 00150226 _____ C:\Windows\system32\perfc007.dat
2013-09-09 09:15 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-08 09:47 - 2012-09-27 13:45 - 00027648 _____ C:\Users\Hans-Dieter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-07 14:59 - 2013-09-07 14:59 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Outlook
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\HTC Sync
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\HTC
2013-09-05 15:52 - 2013-09-05 15:52 - 00000000 ____D C:\ProgramData\HTC
2013-09-05 15:52 - 2013-09-05 15:51 - 00000000 ____D C:\Users\Hans-Dieter\Documents\HTC
2013-09-05 15:52 - 2012-09-25 18:43 - 00147424 _____ C:\Users\Hans-Dieter\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-05 15:51 - 2013-09-05 15:51 - 00000000 ____D C:\Users\Hans-Dieter\.android
2013-09-05 15:51 - 2013-09-05 15:51 - 00000000 ____D C:\ProgramData\Motorola
2013-09-05 15:51 - 2012-10-18 17:16 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\Apple Computer
2013-09-05 15:51 - 2012-09-30 07:24 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Apple Computer
2013-09-05 15:51 - 2012-09-25 18:25 - 00000000 ____D C:\Users\Hans-Dieter
2013-09-05 15:50 - 2013-09-05 15:50 - 00001991 _____ C:\Users\Public\Desktop\HTC Sync Manager.lnk
2013-09-05 15:50 - 2013-09-05 15:50 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2013-09-05 15:50 - 2013-09-05 15:50 - 00000000 ____D C:\Program Files (x86)\HTC
2013-09-05 15:50 - 2012-09-26 18:24 - 00055590 _____ C:\Windows\DPINST.LOG
2013-09-05 15:49 - 2012-09-25 18:36 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\Downloaded Installations
2013-09-04 12:00 - 2012-09-26 13:20 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-04 09:40 - 2013-09-04 09:40 - 00000051 _____ C:\Users\Hans-Dieter\Desktop\doodle.txt
2013-09-02 19:49 - 2013-09-02 18:21 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\vlc
2013-09-02 18:21 - 2013-09-02 18:21 - 00001026 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-08-31 14:04 - 2012-09-26 18:25 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\PC Suite
2013-08-29 11:04 - 2013-01-26 13:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-08-29 11:04 - 2012-09-26 11:12 - 00000000 ____D C:\ProgramData\Skype
2013-08-27 18:33 - 2013-08-27 18:33 - 00001985 _____ C:\Users\Public\Desktop\Samsung AllShare.lnk
2013-08-27 18:33 - 2013-03-04 19:47 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Samsung
2013-08-27 18:33 - 2013-03-04 19:47 - 00000000 ____D C:\Program Files (x86)\Samsung
2013-08-25 19:05 - 2012-10-09 14:10 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\Nero
2013-08-25 18:05 - 2012-11-23 16:55 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Local\Nero
2013-08-19 12:33 - 2012-10-02 15:44 - 00000000 ____D C:\Users\Hans-Dieter\AppData\Roaming\XnView
2013-08-19 07:06 - 2012-09-25 18:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-08-18 09:13 - 2013-08-18 09:13 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files\iTunes
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files\iPod
2013-08-18 09:13 - 2013-08-18 09:13 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-08-17 09:28 - 2013-08-17 09:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\Hans-Dieter\AppData\Local\Temp\AVG_AV_Setup.exe
C:\Users\Hans-Dieter\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Hans-Dieter\AppData\Local\Temp\oi_{00C24E89-E05D-4274-BDC2-723556120346}.exe
C:\Users\Hans-Dieter\AppData\Local\Temp\Quarantine.exe
C:\Users\Hans-Dieter\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Hans-Dieter\AppData\Local\Temp\vlc-2.0.8-win32.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-09-11 08:02
==================== End Of Log ============================ --- --- ---
--- --- ---
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2013 04
Ran by Hans-Dieter at 2013-09-14 17:41:41
Running from E:\Downloads\windows
Boot Mode: Normal
==========================================================
==================== Installed Programs =======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
Acoustica 4.1 (x32 Version: 4.1)
Acronis*Disk*Director*11*Home (x32 Version: 11.0.2343)
Acronis*True*Image*Home 2012 (x32 Version: 15.0.7133)
Adobe AIR (x32 Version: 2.7.1.19610)
Adobe Anchor Service CS4 (x32 Version: 2.0)
Adobe Bridge CS4 (x32 Version: 3)
Adobe CMaps CS4 (x32 Version: 2.0)
Adobe CSI CS4 (x32 Version: 1)
Adobe CSI CS4 x64 (Version: 1)
Adobe Default Language CS4 (x32 Version: 2.0)
Adobe Device Central CS4 (x32 Version: 2)
Adobe Dreamweaver CS4 (x32 Version: 10.0)
Adobe ExtendScript Toolkit CS4 (x32 Version: 3.0.0)
Adobe Extension Manager CS4 (x32 Version: 2.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.174)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Media Player (x32 Version: 0.0.0)
Adobe Media Player (x32 Version: 1.1)
Adobe Output Module (x32 Version: 2.0)
Adobe PDF Library Files CS4 (x32 Version: 9.0)
Adobe Photoshop CS (x32 Version: CS)
Adobe Photoshop Elements 6.0 (x32 Version: 6.0)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Adobe Search for Help (x32 Version: 1.0)
Adobe Service Manager Extension (x32 Version: 1.0)
Adobe Setup (x32 Version: 2.0)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.2.122)
Adobe Type Support CS4 (x32 Version: 9.0)
Adobe Update Manager CS4 (x32 Version: 6.0.0)
Adobe XMP Panels CS4 (x32 Version: 2.0)
Advanced Driver Updater (x32 Version: 2.1.1086.14563)
Akamai NetSession Interface (HKCU)
AntiLogger Free version 1.6.2.242 (x32 Version: 1.6.2.242)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 11.6.0.51110)
ATI Catalyst Install Manager (Version: 3.0.800.0)
Autodesk DWG TrueView 2014 (Version: 19.1.18.0)
AVM FRITZ!Box AddOn (IE) (x64) (Version: 1.7.0)
BCL easyConverter Desktop 3 (Word Version) (x32 Version: 3.0.18)
Bonjour (Version: 3.0.0.10)
Broadcom NetXtreme-I Netlink Driver and Management Installer (Version: 12.54.02)
Brother MFL-Pro Suite MFC-J625DW (x32 Version: 1.0.19.0)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (x32 Version: 1.5.0.3)
Canon Internet Library for ZoomBrowser EX (x32 Version: 1.6.1.6)
Canon RAW Image Task for ZoomBrowser EX (x32 Version: 3.3.0.5)
Canon Utilities CameraWindow (x32 Version: 7.1.0.2)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (x32 Version: 6.4.2.16)
Canon Utilities Digital Photo Professional 3.4 (x32 Version: 3.4.0.0)
Canon Utilities EOS Utility (x32 Version: 2.4.0.1)
Canon Utilities MyCamera (x32 Version: 6.4.0.5)
Canon Utilities PhotoStitch (x32 Version: 3.1.21.45)
Canon Utilities Picture Style Editor (x32 Version: 1.3.0.0)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (x32 Version: 1.7.1.9)
Canon Utilities WFT-E1/E2/E3 Utility (x32 Version: 3.2.1.1)
Canon Utilities ZoomBrowser EX (x32 Version: 6.1.1.21)
Canon ZoomBrowser EX Memory Card Utility (x32 Version: 1.1.0.8)
capella 7 (x32 Version: 7.1.16)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.1110.1532.27809)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.1110.1532.27809)
Catalyst Control Center InstallProxy (x32 Version: 2010.1110.1532.27809)
Catalyst Control Center Localization All (x32 Version: 2010.1110.1532.27809)
CCC Help Chinese Standard (x32 Version: 2010.1110.1531.27809)
CCC Help Chinese Traditional (x32 Version: 2010.1110.1531.27809)
CCC Help Czech (x32 Version: 2010.1110.1531.27809)
CCC Help Danish (x32 Version: 2010.1110.1531.27809)
CCC Help Dutch (x32 Version: 2010.1110.1531.27809)
CCC Help English (x32 Version: 2010.1110.1531.27809)
CCC Help Finnish (x32 Version: 2010.1110.1531.27809)
CCC Help French (x32 Version: 2010.1110.1531.27809)
CCC Help German (x32 Version: 2010.1110.1531.27809)
CCC Help Greek (x32 Version: 2010.1110.1531.27809)
CCC Help Hungarian (x32 Version: 2010.1110.1531.27809)
CCC Help Italian (x32 Version: 2010.1110.1531.27809)
CCC Help Japanese (x32 Version: 2010.1110.1531.27809)
CCC Help Korean (x32 Version: 2010.1110.1531.27809)
CCC Help Norwegian (x32 Version: 2010.1110.1531.27809)
CCC Help Polish (x32 Version: 2010.1110.1531.27809)
CCC Help Portuguese (x32 Version: 2010.1110.1531.27809)
CCC Help Russian (x32 Version: 2010.1110.1531.27809)
CCC Help Spanish (x32 Version: 2010.1110.1531.27809)
CCC Help Swedish (x32 Version: 2010.1110.1531.27809)
CCC Help Thai (x32 Version: 2010.1110.1531.27809)
CCC Help Turkish (x32 Version: 2010.1110.1531.27809)
ccc-core-static (x32 Version: 2010.1110.1532.27809)
ccc-utility64 (Version: 2010.1110.1532.27809)
Connect (x32 Version: 1.0.0.1)
Core FTP LE (x64) (x32)
Core FTP LE 2.1 (x32)
D3DX10 (x32 Version: 15.4.2368.0902)
DDBAC (x32 Version: 5.3.3)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Der Stammbaum 2.0 (x32 Version: 1.00.0000)
DHTML Editing Component (x32 Version: 6.02.0001)
dradio-Recorder Version 3.02.6 (x32)
Dropbox (HKCU Version: 2.2.3)
E-Postbrief Add-In für Microsoft Word Version 1.17 (x32 Version: 1.17)
eReg (x32 Version: 1.20.138.34)
eXPert PDF Editor (x32 Version: 1.5.1050.0)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.23.0)
Free PDF to Word Doc Converter v1.1 (x32 Version: 1.1)
FreeOCR v4.2 (x32)
FRITZ!Box USB-Fernanschluss (HKCU Version: 2.3.0.2)
G Data InternetSecurity 2014 (x32 Version: 24.0.2.5)
Garmin BaseCamp (x32 Version: 4.1.2)
Garmin USB Drivers (x32 Version: 2.3.1.0)
GeoSetter 3.4.16 (x32)
Google Chrome (x32 Version: 29.0.1547.66)
Google Earth (x32 Version: 7.1.1.1888)
Google Update Helper (x32 Version: 1.3.21.153)
GrampsAIO32 (x32 Version: 3.4.2-1)
HTC Driver Installer (x32 Version: 4.3.0.001)
HTC Sync Manager (x32 Version: 2.1.55.0)
IPTInstaller (x32 Version: 4.0.8)
IrfanView (remove only) (x32 Version: 4.36)
iTunes (Version: 11.0.5.5)
Java 7 Update 13 (64-bit) (Version: 7.0.130)
Java Auto Updater (x32 Version: 2.1.9.5)
JavaFX 2.2.5 (64-bit) (Version: 2.2.5)
KeePass Password Safe 2.21 (x32)
Kindersicherung 2012 (x32)
kuler (x32 Version: 2.0)
Lexware Info Service (x32 Version: 2.90.00.0009)
Lexware online banking (x32 Version: 15.00.00.0005)
LightScribe System Software (x32 Version: 1.18.22.2)
Logitech SetPoint 6.32 (Version: 6.32.20)
Lotus Notes 6.5.1 de (x32 Version: 6.501.421)
Lupas Rename 2000 v5.0 Release (x32)
MAGIX Digital Foto Maker 9 Download-Version (x32 Version: 7.0.0.49)
MAGIX Fotobuch 3.6 (x32 Version: 3.6)
MAGIX Online Druck Service (x32 Version: 3.4.3.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Xtreme Foto Designer 6 (x32 Version: 6.0.28.0)
MailAppEML 2012.8.10 (x32)
MetaEditor (x32 Version: 1.0.0)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.1.0.0)
Microsoft Corporation (x32 Version: 9.1.0.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Location Finder (x32 Version: 3.0)
Microsoft Office 2010 Primary Interop Assemblies (x32 Version: 14.0.4763.1150)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.7015.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Single Image 2010 (Version: 14.0.7015.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1)
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1)
MozBackup 1.5.1 (x32)
Mozilla Firefox 23.0.1 (x86 de) (x32 Version: 23.0.1)
Mozilla Maintenance Service (x32 Version: 23.0.1)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
MSVC80_x64_v2 (Version: 1.0.3.0)
MSVC80_x86_v2 (x32 Version: 1.0.3.0)
MSVC90_x64 (Version: 1.0.1.2)
MSVC90_x86 (x32 Version: 1.0.1.2)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110_amd64 (Version: 16.4.1109.0912)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Multimedia Card Reader (x32 Version: 1.6.915.87)
My Dell (Version: 3.3.6280.92)
MyHeritage Family Tree Builder (x32 Version: 7.0.0.7117)
MyTomTom 3.2.0.1116 (x32 Version: 3.2.0.1116)
Nero 11 Cliparts (x32 Version: 11.0.11200.12.0)
Nero 11 Platinum (x32 Version: 11.2.00700)
Nero 11 Video Samples (x32 Version: 11.0.11200.12.0)
Nero Abstract Themes (x32 Version: 12.0.11500)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0)
Nero BackItUp 11 (x32 Version: 6.2.18400.2.100)
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Backup Drivers (Version: 12.0.4000)
Nero Blu-ray Player (x32 Version: 12.0.17700)
Nero Burning ROM 11 (x32 Version: 11.2.10300.0.0)
Nero Burning ROM 11 Help (CHM) (x32 Version: 11.0.10300)
Nero ControlCenter (x32 Version: 11.0.15500)
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Core Components (x32 Version: 11.0.19400)
Nero CoverDesigner 11 (x32 Version: 6.0.11000.13.100)
Nero CoverDesigner 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Disc Menus 1 (x32 Version: 12.0.11500)
Nero Disc Menus 2 (x32 Version: 12.0.11500)
Nero Disc Menus 3 (x32 Version: 12.0.11500)
Nero Disc Menus Basic (x32 Version: 12.0.11500)
Nero Effects Basic (x32 Version: 12.0.11500)
Nero Express 11 (x32 Version: 11.2.10300.0.0)
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Family and Events Themes (x32 Version: 12.0.11500)
Nero Football (Soccer) Themes (x32 Version: 12.0.11500)
Nero Holiday and Sports Themes (x32 Version: 12.0.11500)
Nero Image Samples (x32 Version: 12.0.11500)
Nero Kwik Media (x32 Version: 1.18.19600)
Nero Kwik Media Help (CHM) (x32 Version: 12.0.3000)
Nero Kwik Themes Basic (x32 Version: 12.0.11500)
Nero PiP Effects 1 (x32 Version: 12.0.11500)
Nero PiP Effects Basic (x32 Version: 12.0.11500)
Nero Recode 11 (x32 Version: 5.2.10900.0.0)
Nero Recode 11 Help (CHM) (x32 Version: 11.0.10600)
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100)
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400)
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0)
Nero SoundTrax 11 (x32 Version: 5.0.10700.6.100)
Nero SoundTrax 11 Help (CHM) (x32 Version: 11.0.10400)
Nero Update (x32 Version: 11.0.11500.28.0)
Nero Video 11 (x32 Version: 8.2.15700.3.100)
Nero Video 11 Help (CHM) (x32 Version: 11.0.10300)
Nero Video Transitions 1 (x32 Version: 12.0.11500)
Nero WaveEditor 11 (x32 Version: 6.2.11300.0.100)
Nero WaveEditor 11 Help (CHM) (x32 Version: 11.0.10400)
nero.prerequisites.msi (x32 Version: 11.0.20010)
Nokia Connectivity Cable Driver (x32 Version: 7.1.78.0)
Nokia PC Suite (x32 Version: 7.1.51.0)
Nokia Suite (x32 Version: 3.5.34.0)
PC Connectivity Solution (x32 Version: 12.0.32.0)
PDF Architect (x32 Version: 1.1.83.9982)
PDF Editor 3 (x32)
PDF Experte 8 Professional (x32 Version: 8.0.0140.0)
PDFCreator (x32 Version: 1.7.1)
Photoshop Camera Raw (x32 Version: 5.0)
Picasa 3 (x32 Version: 3.9)
Plus Pack für Acronis True Image Home 2012 (x32 Version: 15.0.7133)
Poedit (x32 Version: 1.5.4)
Preispilot für Firefox (x32 Version: 2.0)
Quicken 2011 - ServicePack 4 (x32 Version: 18.04.00.0123)
Quicken 2011 (x32 Version: 18.00.00.0084)
Quicken Deluxe 2011 (x32 Version: 18.00.00.0084)
Quicken DELUXE Jubiläumsversion (x32 Version: 20.36.00.0134)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6716)
Recuva (Version: 1.47)
Rossmann Fotowelt Software 4.12.1 (x32 Version: 4.12.1)
Samsung AllShare (x32 Version: 2.1.0.12031_10)
Secunia PSI (3.0.0.4001) (x32 Version: 3.0.0.4001)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition
shopping-preise.de AddOn Firefox (x32 Version: 2.81)
SIW version 2011.10.29 (x32 Version: 2011.10.29)
Skype™ 6.6 (x32 Version: 6.6.106)
SMOz (x32 Version: 0.7.1)
Suite Shared Configuration CS4 (x32 Version: 1.0)
swMSM (x32 Version: 12.0.0.1)
TAXMAN 2012 spezial (x32 Version: 18.09.00.0004)
TAXMAN 2013 spezial (x32 Version: 19.06.00.0003)
TeamViewer 8 (x32 Version: 8.0.19617)
TomTom HOME (x32 Version: 2.9.5)
TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2)
T-Online 6.0 (x32)
T-Online WLAN-Access Finder (x32)
TubeSaver-1 (x32 Version: 1.28.153.3)
Universal Password Manager (x32 Version: 1.8)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0)
Visual Studio C++ 9.0 Runtime (x32 Version: 1.0.0)
VLC media player 2.0.8 (x32 Version: 2.0.8)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205)
Windows Live Essentials (x32 Version: 16.4.3508.0205)
Windows Live Family Safety (Version: 16.4.3508.0205)
Windows Live Family Safety (x32 Version: 16.4.3508.0205)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3508.0205)
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205)
Windows Live SOXE (x32 Version: 16.4.3508.0205)
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205)
Windows Live UX Platform (x32 Version: 16.4.3508.0205)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
Windows-Treiberpaket - Nokia Modem (06/09/2010 4.5) (Version: 06/09/2010 4.5)
Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.7) (Version: 06/09/2010 7.01.0.7)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0)
XnView 1.99.1 (x32 Version: 1.99.1)
Xvid Video Codec (x32 Version: 1.3.2)
Yahoo! Detect (x32)
zebNet Windows Keyfinder 2012 R2 (x32 Version: 4.0.0)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2012-11-11 10:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {0072F6B6-CD40-475F-AF67-31FB14029C85} - System32\Tasks\TubeSaver-1-firefoxinstaller => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-firefoxinstaller.exe [2013-09-13] (YTSsaver)
Task: {044A6734-E90E-4F8F-B357-B2DC8AB3B5EC} - System32\Tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime => Sc.exe start w32time task_started
Task: {06C50921-D78C-4329-B09E-38741FAB48BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26] (Google Inc.)
Task: {06FE04F4-6B78-42D3-BA85-CF79E8A6422B} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files (x86)\Advanced Driver Updater\adu.exe [2012-10-19] (Systweak Inc)
Task: {10CD61D0-138F-4353-99F1-45B674406A7F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2B6B6F9B-4766-412D-914C-FE78D7409027} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-20] (Microsoft Corporation)
Task: {530E7746-1882-42DE-A044-7F45F875F014} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {5D90C769-1E23-4661-A98A-1202EEA75A81} - System32\Tasks\TubeSaver-1-codedownloader => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-codedownloader.exe [2013-09-13] (YTSsaver)
Task: {5E0AF02F-FAC0-4E44-89CA-037198D94E44} - System32\Tasks\TubeSaver-1-chromeinstaller => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-chromeinstaller.exe [2013-09-13] (YTSsaver)
Task: {5F6691DD-F23D-4A94-9D8C-D942E6F84C23} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-14] (Adobe Systems Incorporated)
Task: {5FAA746C-77FE-4B61-8451-AC9D350055BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-26] (Google Inc.)
Task: {6454DC62-1E23-4CAF-8D58-D3703037882F} - System32\Tasks\TubeSaver-1-enabler => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-enabler.exe [2013-09-13] (YTSsaver)
Task: {8907512D-7C98-4990-9234-5DB1BBDF7C36} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-07-18] (PC-Doctor, Inc.)
Task: {908F764E-10EB-4561-9132-BCE0319A1DB9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-05-07] (PC-Doctor, Inc.)
Task: {990CFBF3-BFE1-4F4C-8F63-171B41FD14EA} - System32\Tasks\SystemToolsDailyTest => C:\Windows\System32\uaclauncher.exe
Task: {A2557FFD-E60A-433B-A2C3-475B699C1342} - System32\Tasks\TubeSaver-1-updater => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-updater.exe [2013-09-13] (YTSsaver)
Task: {AEADC084-2779-4919-B214-C79FD461FBD2} - System32\Tasks\{310B137E-8DFE-4876-A49D-855298A69D8D} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.2.0.158.259&LastError=404
Task: {C44533E5-CF9A-450E-BCAC-560086CD44C2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C4AD9D93-76FD-4A47-A531-DCDA09158736} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files (x86)\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\TubeSaver-1-chromeinstaller.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-chromeinstaller.exe
Task: C:\Windows\Tasks\TubeSaver-1-codedownloader.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-codedownloader.exe
Task: C:\Windows\Tasks\TubeSaver-1-enabler.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-enabler.exe
Task: C:\Windows\Tasks\TubeSaver-1-firefoxinstaller.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-firefoxinstaller.exe
Task: C:\Windows\Tasks\TubeSaver-1-updater.job => C:\Program Files (x86)\TubeSaver-1\TubeSaver-1-updater.exe
==================== Loaded Modules (whitelisted) =============
2013-01-09 16:31 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-21 14:18 - 2013-07-18 15:03 - 00089936 _____ (Zemana Ltd.) C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(9).dll
2009-07-14 02:22 - 2009-07-14 03:38 - 00081408 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Windows\System32\l3codeca.acm
2009-07-14 01:37 - 2009-07-14 03:39 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\Dwm.exe
2012-09-26 07:48 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\Explorer.EXE
2013-06-14 01:00 - 2013-06-14 01:00 - 00164016 _____ (Dropbox, Inc.) C:\Users\Hans-Dieter\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
2012-06-28 20:49 - 2012-06-28 20:49 - 03851928 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2012-03-16 14:02 - 2012-03-16 14:02 - 00325984 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\timounter64.dll
2013-02-25 05:16 - 2013-02-25 05:16 - 01514448 ____N (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Shredder\Reisswlf64.dll
2013-08-15 18:19 - 2013-08-15 18:19 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-09-26 12:14 - 2012-04-03 17:14 - 00041472 _____ () C:\Program Files (x86)\dradio-Recorder\phonostarTimer.exe
2013-06-05 01:01 - 2013-06-05 01:01 - 04489472 _____ (Akamai Technologies, Inc.) C:\Users\Hans-Dieter\AppData\Local\Akamai\netsession_win.exe
2013-01-27 09:42 - 2013-01-27 09:42 - 00322032 ____N (AVM Berlin) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
2009-07-14 01:56 - 2009-07-14 03:39 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\NOTEPAD.EXE
2013-03-22 04:55 - 2013-03-22 04:55 - 01854928 ____N (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
2012-06-28 20:46 - 2012-06-28 20:46 - 05993216 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2013-07-03 13:52 - 2013-07-03 13:52 - 02528256 _____ (MyHeritage) C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
2013-01-26 16:44 - 2013-07-18 15:03 - 12999984 _____ (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
2013-03-06 18:50 - 2012-04-23 15:45 - 06078464 _____ (Visagesoft) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfprsrv.exe
2013-03-22 05:04 - 2013-03-22 05:04 - 01444304 ____N (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
2013-02-25 04:58 - 2013-02-25 04:58 - 00729552 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe
2013-02-25 04:57 - 2013-02-25 04:57 - 00305104 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeLDR64.dll
2013-02-25 05:18 - 2013-02-25 05:18 - 00472016 ____N (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
2012-09-26 07:48 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2012-09-26 07:46 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2012-09-26 10:03 - 2012-09-06 08:32 - 01411584 _____ (Brother Industries, Ltd.) C:\Windows\system32\spool\DRIVERS\x64\3\BRUIIB1A.DLL
2012-09-26 10:03 - 2012-09-06 08:32 - 00090624 _____ (Brother Industries Ltd.) C:\Windows\system32\spool\DRIVERS\x64\3\BRDSMB00.DLL
2012-09-26 10:03 - 2012-09-06 08:32 - 00114688 _____ (Brother Industries, Ltd.) C:\Windows\system32\spool\DRIVERS\x64\3\BRLGIB1A_0007.DLL
2013-09-14 14:21 - 2013-09-14 14:21 - 01950312 _____ (Farbar) E:\Downloads\windows\FRST64.exe
2012-09-26 07:47 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-07-21 14:18 - 2013-07-18 15:03 - 00082696 _____ (Zemana Ltd.) C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(9).dll
2012-08-03 16:06 - 2012-08-03 16:06 - 08506792 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 02353576 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 01013672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00363944 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 02480552 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 01346472 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00205736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 02652584 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00032680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00035240 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00206760 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 11166120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2012-08-03 16:07 - 2012-08-03 16:07 - 00276392 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2012-07-02 11:29 - 2012-07-02 11:29 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2012-07-02 11:29 - 2012-07-02 11:29 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00437672 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00445864 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00520104 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2012-08-03 16:06 - 2012-08-03 16:06 - 00720296 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2012-08-03 16:05 - 2012-08-03 16:05 - 00604072 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2012-07-02 11:28 - 2012-07-02 11:28 - 00110080 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\mediaservice\dsengine.dll
2012-05-21 14:21 - 2012-05-21 14:21 - 00430080 _____ (Emuzed Inc. ) C:\Program Files (x86)\Common Files\Nokia\Codecs\EmzMp4Source.dll
2008-08-12 11:16 - 2008-08-12 11:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll
2008-07-29 14:01 - 2008-07-29 14:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll
2008-07-29 13:50 - 2008-07-29 13:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2008-07-29 14:47 - 2008-07-29 14:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2008-07-29 14:11 - 2008-07-29 14:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00026040 _____ () C:\Program Files (x86)\MyTomTom 3\DeviceDetection.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00074680 _____ () C:\Program Files (x86)\MyTomTom 3\TomTomSupporterBase.dll
2012-12-07 11:50 - 2012-12-07 11:50 - 02555392 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files (x86)\MyTomTom 3\QtCore4.dll
2013-05-23 13:53 - 2013-05-23 13:53 - 00279480 _____ () C:\Program Files (x86)\MyTomTom 3\TomTomSupporterProxy.dll
2012-12-07 11:52 - 2012-12-07 11:52 - 01028096 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files (x86)\MyTomTom 3\QtNetwork4.dll
2012-12-07 11:50 - 2012-12-07 11:50 - 00355840 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files (x86)\MyTomTom 3\QtXml4.dll
2012-12-07 12:08 - 2012-12-07 12:08 - 08090112 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Program Files (x86)\MyTomTom 3\QtGui4.dll
2013-01-27 09:42 - 2013-01-27 09:42 - 00215040 _____ (AVM Berlin) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmacc32.dll
2013-01-27 09:42 - 2013-01-27 09:42 - 00126960 _____ (AVM Berlin GmbH) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\managedupnp.DLL
2013-01-27 09:42 - 2013-01-27 09:42 - 00756224 _____ (AVM Berlin) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\avmcsock.dll
2013-01-27 09:42 - 2013-01-27 09:42 - 00305664 _____ (AVM Berlin) C:\Users\Hans-Dieter\AppData\Local\Apps\2.0\P2EZC2G6.D1J\ZTJ8VNON.6C0\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\upnpapicli.dll
2013-02-25 04:12 - 2013-02-25 04:12 - 01019344 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\ObjBrwse.dll
2013-02-25 14:59 - 2013-02-25 14:59 - 01633768 _____ (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Common\AVKRes.dll
2012-09-26 10:03 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-05-03 14:50 - 2012-05-03 14:50 - 00116064 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2012-02-27 12:44 - 2012-02-27 12:44 - 00267616 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\SnapAPI\snapapi.dll
2012-06-28 20:46 - 2012-06-28 20:46 - 13005184 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll
2012-06-28 16:12 - 2012-06-28 16:12 - 00288128 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\Common\libssl10.dll
2012-06-28 16:11 - 2012-06-28 16:11 - 01328512 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\Common\libcrypto10.dll
2012-06-28 16:22 - 2012-06-28 16:22 - 00027008 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\Common\thread_pool.dll
2012-06-28 20:27 - 2012-06-28 20:27 - 00234880 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\Common\sync_agent_api.dll
2012-06-28 20:23 - 2012-06-28 20:23 - 00058240 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\Common\rpc_client.dll
2012-04-27 17:50 - 2012-04-27 17:50 - 03471648 _____ (Acronis) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\tdrpapi.dll
2013-03-06 18:50 - 2012-04-23 15:45 - 01186816 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\TMSlite160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 03660800 _____ (Project JEDI) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\Jcl160.bpl
2013-03-06 18:50 - 2012-04-11 20:06 - 00087552 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspropsaver160.bpl
2013-03-06 18:50 - 2012-04-11 20:06 - 02478080 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vsvector160.bpl
2013-03-06 18:50 - 2012-03-29 18:00 - 04119552 _____ (visagesoft) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vsgdi.dll
2013-03-06 18:50 - 2012-04-23 15:45 - 04681216 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfcore160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 02693120 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\BBlite160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 00025088 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vstrees160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 00064512 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vsprinters160.bpl
2013-03-06 18:50 - 2012-04-11 20:06 - 00064512 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfprinter160.bpl
2013-03-06 18:50 - 2011-09-30 19:10 - 00684032 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\js32.dll
2013-03-06 18:50 - 2012-04-23 15:45 - 00097280 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\expertpdfcore160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 00253952 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\IndySystem160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 02506752 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\IndyProtocols160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 00387584 _____ (Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\IndyCore160.bpl
2013-03-06 18:50 - 2012-04-11 20:06 - 02253824 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\PKIECtrl160.bpl
2013-03-06 18:50 - 2012-04-23 15:45 - 00517120 _____ () C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\vspdfeditor160.bpl
2013-03-06 18:50 - 2011-01-19 17:49 - 00156160 _____ (Avanquest Software) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\Snapu.dll
2013-03-06 18:50 - 2010-04-06 15:41 - 00316416 _____ (Avanquest Software) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\OLRegist.dll
2013-03-06 18:50 - 2010-08-05 10:57 - 00599296 _____ (Avanquest Software) C:\Program Files (x86)\Avanquest\PDF Experte 8 Professional\bvrpctln.dll
2013-02-25 14:59 - 2013-02-25 14:59 - 00601576 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\kidsafe.dll
2013-02-25 04:57 - 2013-02-25 04:57 - 00264144 ____N (G Data Software AG) C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeLDR.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 00053608 _____ (Open Source Software community project) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-30 23:05 - 2011-08-30 23:05 - 00085864 _____ (Apple Inc.) C:\Windows\system32\dnssd.dll
2012-06-28 20:17 - 2012-06-28 20:17 - 02057600 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\fox.dll
2012-06-28 20:48 - 2012-06-28 20:48 - 00402816 _____ (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll
2012-06-28 17:34 - 2012-06-28 17:34 - 00018816 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
==================== Alternate Data Streams (whitelisted) ==========
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/14/2013 05:38:23 PM) (Source: MsiInstaller) (User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
Error: (09/14/2013 05:27:42 PM) (Source: MsiInstaller) (User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
Error: (09/14/2013 05:06:07 PM) (Source: MsiInstaller) (User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
Error: (09/14/2013 01:58:29 PM) (Source: MsiInstaller) (User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (09/14/2013 05:38:48 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:38:43 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:27:34 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:27:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:05:49 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:05:44 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 05:05:18 PM) (Source: NetBT) (User: )
Description: Der Name "HDSHOME :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.29
registriert werden. Der Computer mit IP-Adresse 192.168.178.27 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.
Error: (09/14/2013 01:58:39 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 01:58:34 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (09/14/2013 07:37:05 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Microsoft Office Sessions:
=========================
Error: (09/14/2013 05:38:23 PM) (Source: MsiInstaller)(User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/14/2013 05:27:42 PM) (Source: MsiInstaller)(User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/14/2013 05:06:07 PM) (Source: MsiInstaller)(User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/14/2013 01:58:29 PM) (Source: MsiInstaller)(User: HDS-Neu)
Description: Product: Java Auto Updater -- Error 1730.You must be an Administrator to remove this application. To remove this application, you can log on as an Administrator, or contact your technical support group for assistance.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6006
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6006
Error: (09/14/2013 08:48:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (09/14/2013 08:48:14 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
CodeIntegrity Errors:
===================================
Date: 2013-04-11 12:48:07.778
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pcouffin64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-11 12:48:07.715
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pcouffin64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-11 12:46:35.057
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pcouffin64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-11 12:46:34.995
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\pcouffin64a.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-11 09:37:57.525
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-11-11 09:37:57.478
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 6103.12 MB
Available physical RAM: 3707.18 MB
Total Pagefile: 12204.42 MB
Available Pagefile: 9122.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:205.97 GB) (Free:104.98 GB) NTFS
Drive d: () (Fixed) (Total:425.58 GB) (Free:261.34 GB) NTFS
Drive e: (Eigene Dateien) (Fixed) (Total:554.98 GB) (Free:350.25 GB) NTFS
Drive i: () (Fixed) (Total:662.53 GB) (Free:330.83 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 61E6A12E)
Partition 1: (Not Active) - (Size=150 MB) - (Type=DE)
Partition 2: (Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=206 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=-434772115456) - (Type=OF Extended)
==================== End Of Log ============================ --- --- --- |