werbunghc | 18.04.2014 14:23 | Übernimmt der Wiederherstellungspunkt eigentlich nicht diese Aufgabe der Registry-Wiederherstellung? Oder bin ich nur nicht weit genug nach hinten gegangen?
Was ist mit den Dateien noch zu sehen?
Schöne Ostertage
H. Chr.
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by HaChr (administrator) on HARALD-NEU on 18-04-2014 15:12:34
Running from C:\Users\HaChr\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(B.H.A Corporation) C:\Windows\SysWOW64\bgsvcgen.exe
() C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NlsSrv32.exe
() C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
() C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Copernic Inc.) C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-16] (AVAST Software)
HKU\S-1-5-21-258700698-2089955094-1210647631-1000\...\Run: [Copernic Desktop Search - Home] => C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [1692200 2013-01-28] (Copernic Inc.)
HKU\S-1-5-21-258700698-2089955094-1210647631-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-258700698-2089955094-1210647631-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-258700698-2089955094-1210647631-1000\...\MountPoints2: {6e46b6a8-c067-11df-8589-002564db93ce} - J:\USBAutoRun.exe
Startup: C:\Users\Admin-Konto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Testkonto-Software\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
GroupPolicyUsers\S-1-5-21-258700698-2089955094-1210647631-1019\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {B2FCB22C-9A06-4265-A843-46BF1B6C5C7F} URL =
SearchScopes: HKCU - {190097FA-2F4E-468D-AD04-B0A24724E92F} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKCU - {20255E5D-5A6A-4199-B147-0E583BE725CF} URL =
SearchScopes: HKCU - {B2FCB22C-9A06-4265-A843-46BF1B6C5C7F} URL =
BHO: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win64\NotebookPlugin.dll (SMART Technologies ULC.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\Win32\NotebookPlugin.dll (SMART Technologies ULC.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.10
FireFox:
========
FF ProfilePath: C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Keyword.URL: hxxp://de.search.yahoo.com/search?fr=mcafee&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @garmin.com/GpsControl - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @mcafee.com/SAFFPlugin - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\2020Player@2020Technologies.com [2011-03-09]
FF Extension: Garmin Communicator - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-03-29]
FF Extension: DownloadHelper - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Opencaching Pretty Printing - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\showcache@von-eitzen.de.xpi [2011-06-29]
FF Extension: FlashGot - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2012-03-08]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-21]
FF Extension: Fast Video Download (with SearchMenu) - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}.xpi [2013-03-28]
FF Extension: DownThemAll! - C:\Users\HaChr\AppData\Roaming\Mozilla\Firefox\Profiles\p2s4jkwn.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2010-10-25]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-18]
FF HKCU\...\Firefox\Extensions: [{57319509-7821-41B0-9FDF-3B58F146AE33}] - c:\program files (x86)\copernic desktop search - home\firefoxconnector
FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic desktop search - home\firefoxconnector [2013-03-05]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll (McAfee, Inc.)
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Drive) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-05]
CHR Extension: (YouTube) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-18]
CHR Extension: (Google-Suche) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-18]
CHR Extension: (SiteAdvisor) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2012-03-18]
CHR Extension: (Chrome In-App Payments service) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-05]
CHR Extension: (Google Mail) - C:\Users\HaChr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-18]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\HaChr\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2012-03-18]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2012-02-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-02]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-16] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109048 2014-04-16] (AVAST Software)
S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
R2 BotkindSyncService; C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe [182272 2011-12-27] ()
R2 NMSAccess; C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096 2010-03-04] ()
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [384072 2013-10-09] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2013-11-14] ()
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-04-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-16] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [445304 2014-04-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-16] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-16] ()
R1 cdrbsdrv; C:\Windows\System32\Drivers\cdrbsdrv.sys [39208 2006-08-25] (B.H.A Corporation)
S3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [41032 2009-06-18] (McAfee, Inc.)
S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-11-04] (McAfee, Inc.)
S3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-11-04] (McAfee, Inc.)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [13168 2011-07-13] (SMART Technologies ULC)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [16368 2011-07-13] (SMART Technologies ULC)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24944 2011-07-13] (SMART Technologies ULC)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [5504 2009-11-12] ()
S3 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [7168 2009-11-12] ()
S3 TTUSB2BDA_NTAMD64; C:\Windows\System32\DRIVERS\ttusb2bda_amd64.sys [747808 2010-01-30] (TechnoTrend Görler GmbH)
S3 LgBttPort; system32\DRIVERS\lgbtpt64.sys [X]
S3 lgbusenum; system32\DRIVERS\lgbtbs64.sys [X]
S3 LGVMODEM; system32\DRIVERS\lgvmdm64.sys [X]
S3 usbbus; system32\DRIVERS\lgx64bus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgx64diag.sys [X]
S3 USBModem; system32\DRIVERS\lgx64modem.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-18 15:12 - 2014-04-18 15:12 - 00023317 _____ () C:\Users\HaChr\Downloads\FRST.txt
2014-04-18 15:11 - 2014-04-18 15:12 - 02158592 _____ (Farbar) C:\Users\HaChr\Downloads\FRST64.exe
2014-04-17 13:21 - 2014-04-17 13:22 - 00000000 ____D () C:\Users\HaChr\Documents\KyoceraClassicU...ified131209
2014-04-17 12:56 - 2014-04-17 12:56 - 00000000 ____D () C:\Users\HaChr\Documents\KX_611118_UPD_signed
2014-04-17 12:45 - 2014-04-17 12:45 - 00002169 _____ () C:\Users\Public\Desktop\StarMoney 9.0.lnk
2014-04-17 12:43 - 2014-04-17 12:48 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-04-17 11:52 - 2014-04-17 11:52 - 00000000 __SHD () C:\Users\HaChr\AppData\Local\EmieUserList
2014-04-17 11:52 - 2014-04-17 11:52 - 00000000 __SHD () C:\Users\HaChr\AppData\Local\EmieSiteList
2014-04-17 01:03 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-17 01:03 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-17 01:03 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-17 01:03 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-17 01:03 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-17 01:03 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-17 01:03 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-17 01:03 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-17 01:03 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-17 01:03 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-17 01:03 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-17 01:03 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-17 01:03 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-17 01:03 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-17 01:03 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-17 01:03 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-17 01:03 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-17 01:03 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-17 01:03 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-17 01:03 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-17 01:03 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-17 01:03 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-17 01:03 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-17 01:03 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-17 01:03 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-17 01:03 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-17 01:03 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-17 01:03 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-17 01:03 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-17 01:03 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-17 01:03 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-17 01:03 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-17 01:03 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-17 01:03 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-17 01:02 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-17 01:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-17 01:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-17 01:02 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-17 01:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-17 01:02 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-17 01:02 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-17 01:02 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-17 01:02 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-17 01:02 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-17 01:02 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-17 01:02 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-17 01:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-17 01:02 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 19:11 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-16 19:11 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-16 19:11 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-16 19:11 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-16 19:11 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-16 19:11 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-16 19:11 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-16 19:11 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-16 19:11 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-16 19:11 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-16 19:11 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-16 19:11 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-16 19:11 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-16 19:11 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-16 19:11 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-16 19:11 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-16 19:11 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-16 19:06 - 2014-04-16 19:06 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-16 19:06 - 2014-04-16 19:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-16 18:19 - 2014-04-16 18:19 - 00000000 ____D () C:\Windows\system32\config\HiveBackup
2014-04-16 14:54 - 2014-04-16 15:10 - 185324024 _____ () C:\Users\HaChr\Downloads\smoney.exe
2014-04-16 13:32 - 2014-04-16 13:32 - 01035926 _____ () C:\Users\HaChr\Downloads\MozBackup-1.5.1-EN.exe
2014-04-16 13:32 - 2014-04-16 13:32 - 00001029 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-04-16 13:32 - 2014-04-16 13:32 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-04-13 10:20 - 2014-04-18 15:12 - 00000000 ____D () C:\FRST
2014-04-13 04:06 - 2014-04-13 04:06 - 00000000 ____D () C:\Emergency
2014-04-09 21:34 - 2014-04-14 12:53 - 00000000 ____D () C:\Program Files (x86)\Lernwerkstatt 9
2014-04-09 21:34 - 2014-04-13 08:10 - 00000000 ____D () C:\ProgramData\Lernwerkstatt 9
2014-04-07 20:57 - 2014-04-07 20:57 - 00000000 ____D () C:\Users\HaChr\AppData\Local\{218DA3AB-6ACB-48EC-8083-954CF6B61EA5}
2014-04-07 20:52 - 2014-04-13 08:09 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-07 20:50 - 2014-04-07 21:03 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-07 20:50 - 2014-04-07 20:50 - 00000000 ____D () C:\Users\HaChr\Documents\eRightSoft
2014-04-01 21:09 - 2014-04-01 21:09 - 00003012 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest-Retry
2014-03-31 22:54 - 2014-03-31 22:54 - 01141856 _____ (Igor Pavlov) C:\Users\HaChr\Desktop\SD1.1.0.325_Setup.exe
2014-03-31 22:54 - 2014-03-31 22:54 - 00001058 _____ () C:\Users\Public\Desktop\Shadow Defender.lnk
2014-03-31 22:54 - 2014-03-31 22:54 - 00000048 _____ () C:\Windows\diskpt.crt
2014-03-31 22:54 - 2014-03-31 22:54 - 00000000 ____D () C:\Program Files (x86)\Shadow Defender
2014-03-31 22:54 - 2010-02-08 07:24 - 00191432 _____ (SHADOWDEFENDER.COM) C:\Windows\SysWOW64\Drivers\diskpt.sys
2014-03-31 22:53 - 2014-03-31 22:53 - 00386896 _____ (Softonic ) C:\Users\HaChr\Downloads\SoftonicDownloader_for_shadow-defender(1).exe
2014-03-31 22:51 - 2014-03-31 22:51 - 00386896 _____ (Softonic ) C:\Users\HaChr\Downloads\SoftonicDownloader_for_shadow-defender.exe
2014-03-31 22:27 - 2014-03-31 22:35 - 00000680 __RSH () C:\Users\HaChr\ntuser.pol
2014-03-29 09:04 - 2014-03-29 09:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-26 21:23 - 2014-03-26 21:23 - 00129976 _____ () C:\Users\HaChr\Documents\cc_20140326_202342.reg
2014-03-26 21:18 - 2014-03-26 21:18 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-26 21:18 - 2014-03-26 21:18 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-26 21:14 - 2014-03-26 21:14 - 04787368 _____ (Piriform Ltd) C:\Users\HaChr\Downloads\ccsetup412.exe
2014-03-23 18:38 - 2014-03-23 18:38 - 00000965 _____ () C:\Users\HaChr\Desktop\HTTrack Website Copier.lnk
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\WinHTTrack
2014-03-23 18:35 - 2014-03-23 18:35 - 03963242 _____ (HTTrack ) C:\Users\HaChr\Downloads\httrack-3.47.27.exe
2014-03-23 17:33 - 2014-03-23 17:33 - 00543780 _____ () C:\Users\HaChr\Downloads\Tour_64586.gpx
2014-03-23 17:28 - 2014-03-23 17:28 - 00156704 _____ () C:\Users\HaChr\Downloads\Tour_64599.gpx
2014-03-23 14:07 - 2014-03-23 14:07 - 00055127 _____ () C:\Users\HaChr\Downloads\Tour_10363.gpx
==================== One Month Modified Files and Folders =======
2014-04-18 15:13 - 2010-01-30 18:56 - 00001134 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 15:12 - 2014-04-18 15:12 - 00023317 _____ () C:\Users\HaChr\Downloads\FRST.txt
2014-04-18 15:12 - 2014-04-18 15:11 - 02158592 _____ (Farbar) C:\Users\HaChr\Downloads\FRST64.exe
2014-04-18 15:12 - 2014-04-13 10:20 - 00000000 ____D () C:\FRST
2014-04-18 15:10 - 2009-12-03 19:00 - 00387544 _____ () C:\Users\HaChr\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-18 14:32 - 2009-07-14 07:10 - 01417187 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 14:28 - 2012-10-14 18:39 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 14:27 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:27 - 2009-07-14 06:45 - 00014032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:21 - 2012-07-09 21:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-18 14:20 - 2010-10-20 03:04 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cb6ff2c9d3adc4.job
2014-04-18 14:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 14:18 - 2013-06-09 21:38 - 00239284 _____ () C:\Windows\PFRO.log
2014-04-18 14:18 - 2013-06-01 15:00 - 00002704 _____ () C:\Windows\setupact.log
2014-04-18 14:18 - 2009-11-30 21:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-18 14:18 - 2009-07-14 06:45 - 01367872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-17 13:29 - 2009-12-20 22:03 - 00000000 ____D () C:\Program Files\Kyocera
2014-04-17 13:22 - 2014-04-17 13:21 - 00000000 ____D () C:\Users\HaChr\Documents\KyoceraClassicU...ified131209
2014-04-17 12:56 - 2014-04-17 12:56 - 00000000 ____D () C:\Users\HaChr\Documents\KX_611118_UPD_signed
2014-04-17 12:48 - 2014-04-17 12:43 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-04-17 12:45 - 2014-04-17 12:45 - 00002169 _____ () C:\Users\Public\Desktop\StarMoney 9.0.lnk
2014-04-17 12:45 - 2013-10-30 22:46 - 00000000 ____D () C:\ProgramData\StarMoney 9.0
2014-04-17 12:44 - 2009-07-14 04:34 - 00017486 _____ () C:\Windows\system32\Drivers\etc\services
2014-04-17 12:13 - 2009-11-30 21:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-17 11:52 - 2014-04-17 11:52 - 00000000 __SHD () C:\Users\HaChr\AppData\Local\EmieUserList
2014-04-17 11:52 - 2014-04-17 11:52 - 00000000 __SHD () C:\Users\HaChr\AppData\Local\EmieSiteList
2014-04-17 10:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-17 01:04 - 2009-11-30 21:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-17 01:02 - 2013-08-15 10:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-17 00:59 - 2009-12-04 23:54 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-16 20:34 - 2014-03-13 07:35 - 00000298 _____ () C:\Windows\Tasks\Synology Data Replicator 3-Harald-Neu-HaChr.job
2014-04-16 19:10 - 2012-09-08 23:53 - 00000000 ____D () C:\Program Files (x86)\StarMoney 8.0 S-Edition
2014-04-16 19:07 - 2012-07-29 00:58 - 00001974 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-04-16 19:06 - 2014-04-16 19:06 - 00445304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-04-16 19:06 - 2014-04-16 19:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-16 19:06 - 2014-01-05 19:27 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-16 19:06 - 2013-03-17 11:31 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-16 19:06 - 2013-03-17 11:31 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-16 19:06 - 2012-03-18 23:39 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-04-16 19:06 - 2012-03-18 23:28 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-16 19:06 - 2012-03-18 23:28 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-04-16 19:06 - 2012-03-18 23:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-16 19:06 - 2012-03-18 23:28 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-16 19:06 - 2012-03-18 23:28 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-16 19:04 - 2009-07-14 19:58 - 00709900 _____ () C:\Windows\system32\perfh007.dat
2014-04-16 19:04 - 2009-07-14 19:58 - 00154336 _____ () C:\Windows\system32\perfc007.dat
2014-04-16 19:04 - 2009-07-14 07:13 - 01649556 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-16 19:02 - 2013-11-02 14:06 - 00002034 _____ () C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-04-16 18:56 - 2012-04-29 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-16 18:19 - 2014-04-16 18:19 - 00000000 ____D () C:\Windows\system32\config\HiveBackup
2014-04-16 15:10 - 2014-04-16 14:54 - 185324024 _____ () C:\Users\HaChr\Downloads\smoney.exe
2014-04-16 15:07 - 2009-12-09 22:58 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-04-16 14:57 - 2009-12-03 19:00 - 00000000 ____D () C:\Users\HaChr
2014-04-16 14:44 - 2013-07-27 18:16 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-04-16 14:09 - 2013-05-26 18:25 - 00000000 ____D () C:\Program Files\My Dell
2014-04-16 14:09 - 2009-11-30 21:53 - 00000000 ____D () C:\ProgramData\PCDr
2014-04-16 13:32 - 2014-04-16 13:32 - 01035926 _____ () C:\Users\HaChr\Downloads\MozBackup-1.5.1-EN.exe
2014-04-16 13:32 - 2014-04-16 13:32 - 00001029 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-04-16 13:32 - 2014-04-16 13:32 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-04-16 13:07 - 2012-03-18 23:31 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-14 12:53 - 2014-04-09 21:34 - 00000000 ____D () C:\Program Files (x86)\Lernwerkstatt 9
2014-04-14 12:53 - 2012-10-13 12:06 - 00000000 ____D () C:\Users\HaChr\AppData\Roaming\MediaMonkey
2014-04-14 12:53 - 2010-01-24 23:47 - 00000000 ____D () C:\Users\Testkonto-Software
2014-04-14 12:53 - 2009-12-13 22:13 - 00000000 ____D () C:\Users\Admin-Konto
2014-04-14 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-14 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2014-04-13 08:10 - 2014-04-09 21:34 - 00000000 ____D () C:\ProgramData\Lernwerkstatt 9
2014-04-13 08:09 - 2014-04-07 20:52 - 00000000 ____D () C:\Program Files (x86)\AviSynth 2.5
2014-04-13 04:06 - 2014-04-13 04:06 - 00000000 ____D () C:\Emergency
2014-04-07 21:03 - 2014-04-07 20:50 - 00000000 ____D () C:\Program Files (x86)\eRightSoft
2014-04-07 20:57 - 2014-04-07 20:57 - 00000000 ____D () C:\Users\HaChr\AppData\Local\{218DA3AB-6ACB-48EC-8083-954CF6B61EA5}
2014-04-07 20:57 - 2010-11-10 23:01 - 00000000 ____D () C:\Users\HaChr\AppData\Local\Windows Live
2014-04-07 20:50 - 2014-04-07 20:50 - 00000000 ____D () C:\Users\HaChr\Documents\eRightSoft
2014-04-06 22:03 - 2011-09-14 22:10 - 00000000 ____D () C:\ProgramData\LAT 2.0 Deutsch
2014-04-01 21:09 - 2014-04-01 21:09 - 00003012 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest-Retry
2014-03-31 22:54 - 2014-03-31 22:54 - 01141856 _____ (Igor Pavlov) C:\Users\HaChr\Desktop\SD1.1.0.325_Setup.exe
2014-03-31 22:54 - 2014-03-31 22:54 - 00001058 _____ () C:\Users\Public\Desktop\Shadow Defender.lnk
2014-03-31 22:54 - 2014-03-31 22:54 - 00000048 _____ () C:\Windows\diskpt.crt
2014-03-31 22:54 - 2014-03-31 22:54 - 00000000 ____D () C:\Program Files (x86)\Shadow Defender
2014-03-31 22:53 - 2014-03-31 22:53 - 00386896 _____ (Softonic ) C:\Users\HaChr\Downloads\SoftonicDownloader_for_shadow-defender(1).exe
2014-03-31 22:51 - 2014-03-31 22:51 - 00386896 _____ (Softonic ) C:\Users\HaChr\Downloads\SoftonicDownloader_for_shadow-defender.exe
2014-03-31 22:35 - 2014-03-31 22:27 - 00000680 __RSH () C:\Users\HaChr\ntuser.pol
2014-03-31 22:27 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-31 09:35 - 2012-03-19 18:14 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:07 - 2010-10-20 03:04 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cb6ff2c9d3adc4
2014-03-31 03:07 - 2010-01-30 18:56 - 00004130 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 09:35 - 2011-02-06 11:39 - 00000000 ____D () C:\Users\HaChr\AppData\Roaming\GARMIN
2014-03-29 09:04 - 2014-03-29 09:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-26 21:45 - 2009-12-03 23:12 - 00000000 ____D () C:\Installationen
2014-03-26 21:42 - 2013-05-30 18:07 - 00000000 ____D () C:\Users\HaChr\AppData\Roaming\inkscape
2014-03-26 21:42 - 2011-03-06 22:06 - 00000000 ____D () C:\Users\HaChr\AppData\Local\MediaMonkey
2014-03-26 21:35 - 2010-12-03 22:08 - 00000538 _____ () C:\Windows\SysWOW64\tts.log
2014-03-26 21:35 - 2010-12-03 22:08 - 00000000 ____D () C:\Program Files (x86)\ViaVoiceTTS
2014-03-26 21:23 - 2014-03-26 21:23 - 00129976 _____ () C:\Users\HaChr\Documents\cc_20140326_202342.reg
2014-03-26 21:18 - 2014-03-26 21:18 - 00002784 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-26 21:18 - 2014-03-26 21:18 - 00001019 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-26 21:18 - 2011-07-22 21:18 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2014-03-26 21:14 - 2014-03-26 21:14 - 04787368 _____ (Piriform Ltd) C:\Users\HaChr\Downloads\ccsetup412.exe
2014-03-24 07:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-23 18:38 - 2014-03-23 18:38 - 00000965 _____ () C:\Users\HaChr\Desktop\HTTrack Website Copier.lnk
2014-03-23 18:38 - 2014-03-23 18:38 - 00000000 ____D () C:\Program Files (x86)\WinHTTrack
2014-03-23 18:35 - 2014-03-23 18:35 - 03963242 _____ (HTTrack ) C:\Users\HaChr\Downloads\httrack-3.47.27.exe
2014-03-23 18:32 - 2013-09-18 20:52 - 00000000 ____D () C:\Program Files (x86)\phase5
2014-03-23 17:33 - 2014-03-23 17:33 - 00543780 _____ () C:\Users\HaChr\Downloads\Tour_64586.gpx
2014-03-23 17:28 - 2014-03-23 17:28 - 00156704 _____ () C:\Users\HaChr\Downloads\Tour_64599.gpx
2014-03-23 14:07 - 2014-03-23 14:07 - 00055127 _____ () C:\Users\HaChr\Downloads\Tour_10363.gpx
2014-03-19 21:03 - 2014-03-18 22:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-19 21:03 - 2014-02-04 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird.bak
Some content of TEMP:
====================
C:\Users\Testkonto-Software\AppData\Local\Temp\SetupProfiSet.exe
C:\Users\Testkonto-Software\AppData\Local\Temp\SetupUebungsSet.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-16 19:36
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by HaChr at 2014-04-18 15:13:11
Running from C:\Users\HaChr\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
7Smoker Pro 1.0 (HKLM-x32\...\7Smoker Pro_is1) (Version: 1.0 - WareSoft Software)
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
ActivDriver x64 v5.7 (HKLM\...\{F15D3F83-06DD-40AE-B7FC-AF720B154589}) (Version: 5.7.22.1 - Promethean)
ActivInspire Core Resources (DEU) v1 (HKLM-x32\...\{382BE32D-6CFD-4F62-B072-B2B87C0DFEB7}) (Version: 1.5.2 - Promethean)
ActivInspire Help (DEU) v1 (HKLM-x32\...\{79314E44-DF84-4A58-AD2A-802DE91033C3}) (Version: 1.6.1 - Promethean)
ActivInspire HWR Resources (DEU) v1 (HKLM-x32\...\{DBF47CB5-73EC-4DB3-B5A8-A961F41F5F1D}) (Version: 1.5.2 - Promethean)
ActivInspire v1 (HKLM-x32\...\{D7F4028A-4A92-4501-896C-3B707E843D7B}) (Version: 1.7.58968 - Promethean)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Allway Sync version 12.0.0 (HKLM-x32\...\Allway Sync_is1) (Version: - Botkind Inc)
Ani...Paint 3 Standard Edition (HKLM-x32\...\Ani...Paint 3 Standard Edition) (Version: - )
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoftware Multimediawerkstatt 2.3 (HKLM-x32\...\AquaSoftware Multimediawerkstatt 2.3) (Version: 2.3 - AquaSoftware)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.12 - Audible, Inc.)
avast! Internet Security (HKLM-x32\...\avast) (Version: 9.0.2016 - Avast Software)
Avery Wizard 3.1 (HKLM-x32\...\{77077FFF-8831-470F-9627-E86F06A50CCD}) (Version: 3.1.8 - Avery)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
bcTester 4.9 (de) (HKLM-x32\...\{CD27A577-BD77-481D-9E07-314AE9059A77}) (Version: 4.9.0 - QS QualitySoft GmbH)
BilliBanni: Erste Schritte (HKLM-x32\...\RRTW32.EXE) (Version: - )
BlueGriffon Version 1.7.2 (HKLM-x32\...\{A9015334-10BE-4D64-A776-203336EFE806}_is1) (Version: 1.7.2 - Disruptive Innovations SAS)
BlueVoda Website Builder 11.4G (HKLM-x32\...\BlueVoda_Website_Builder_1.0) (Version: - )
Budenberg Software Mehrplatz 5/13 WIN (HKLM-x32\...\Budenberg_is1) (Version: Budenberg 5/13 - Budenberg Software)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Canon SELPHY CP800 (HKLM\...\Canon SELPHY CP800) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.2.2140 - CDBurnerXP)
Celestia 1.6.1 (HKLM-x32\...\Celestia_is1) (Version: - Shatters Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copernic Desktop Search - Home (HKLM-x32\...\CopernicDesktopSearch2) (Version: - Copernic Inc.)
Corel Applications (HKLM-x32\...\Corel Applications) (Version: - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{B16BB34E-B7BF-47DF-8658-BEABCF40CD6A}) (Version: 16.1.0.843 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.1.843 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.1.843 - Corel Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.36 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0009 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Diercke Grundschul-Globus (HKLM-x32\...\Diercke Grundschul-Globus) (Version: 2.0 - Imagon GmbH)
DriverEasy 4.2.0 (HKLM\...\DriverEasy_is1) (Version: 4.2.0.0 - Easeware)
DVR-Studio Light (HKLM-x32\...\{BD60F72D-3F1F-4DE1-9C41-3CF75B2CA59A}) (Version: - Haenlein Software)
eJay Street Style - Deinstallation (HKLM-x32\...\Dance eJay3) (Version: - )
ELFE 1-6 (HKLM-x32\...\ELFE) (Version: 1-6 - Hogrefe)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.1.1.8531p) (Version: 15.0.13345 - Landesfinanzdirektion Thüringen)
ElsterFormular 2008/2009 (HKLM-x32\...\{04830D0F-F980-4EC0-89F1-594F2FD2A1B5}) (Version: 10.3.2.0 - Steuerverwaltung des Bundes und der Länder)
Encarta Suchleiste (64-bits) (HKLM\...\{08104040-959A-4B0D-8825-2C533F0DDB19}) (Version: 1.0.0 - Microsoft)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FotoSketcher 1.95 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free Video to DVD Converter version 5.0.4.1228 (HKLM-x32\...\Free Video to DVD Converter_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.20.423 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.20.423 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
FreeRIP v3.66 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 3.66 - GreenTree Applications SRL)
ftp-uploader (HKLM-x32\...\ftp-uploader) (Version: 3.3.0.0 - Firma Gregor Schommer Systemberatung, Raderthaler Str. 31, D-50968 Köln)
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version: - G DATA Software AG)
Garmin BaseCamp (HKLM-x32\...\{25C65D81-1C50-497D-9246-F17824CCC966}) (Version: 3.1.2 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT v9 (HKLM-x32\...\{29EA075F-2C61-472F-B01D-80E8D8F023F1}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{B1EE1CC5-6CED-4801-BFFF-8454F21A245A}) (Version: 2.9.3 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin Training Center (HKLM-x32\...\{B005695F-BA47-4C2B-B999-D786B71BED34}) (Version: 3.5.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM-x32\...\{00FE2935-FB56-4410-AB5F-D6E70C1771D2}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
Generic MP3 Player USB Driver for Win98 (HKLM-x32\...\Generic MP3 Player USB Driver for Win98) (Version: - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.6.8 (HKLM-x32\...\WinGimp-2.0_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
grafstat4 (HKLM-x32\...\{58AEE3E0-8746-11DD-81B6-000AE67E2618}_is1) (Version: 4.19 - DrSoft)
HD Writer AE 2.0 (HKLM-x32\...\{84639CB3-04D4-4758-B1D0-82E531D21F59}) (Version: 2.00.142.1031 - Panasonic Corporation)
Hill Solutions Medien Center Edition 3.20 (HKLM-x32\...\{FB7C8995-8F58-4F44-99DE-E694D4C212D5}) (Version: 3.20 - Hill Solutions)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Officejet Pro 8500 A910 - Grundlegende Software für das Gerät (HKLM\...\{E0FE1E14-3A7A-4DB0-9FFA-0DD945AE84DB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet Pro 8500 A910 Hilfe (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HyperVcam Mobile (HKLM-x32\...\Camera) (Version: - )
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Image Resizer Powertoy Clone for Windows (64 bit) (HKLM\...\{C862EC05-1C15-4327-B15D-C7788D6CFF73}) (Version: 2.1.1 - Brice Lambson)
ImageConverter Plus 8.0 (HKLM-x32\...\ImageConverter Plus_is1) (Version: - fCoder Group, Inc.)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 14 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
Lernwerkstatt 8 (HKLM-x32\...\InstallShield_{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}) (Version: 8.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 8 (x32 Version: 8.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LogView V2 (HKLM-x32\...\LogView V2) (Version: LogView V2 2 - LogView.info - D.Schmidt / H.Hemmecke)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Marble (remove only) (HKLM-x32\...\Marble) (Version: - )
MATHEARBEIT G 4.5 (HKLM-x32\...\MATHEARBEIT G) (Version: 4.5 - MA-Software)
MATHEARBEIT S 6.2 (HKLM-x32\...\MATHEARBEIT S) (Version: 6.2 - Ernst Schillinger)
MATHE-AVANTI 1.3 (HKLM-x32\...\MATHE-AVANTI) (Version: 1.3 - MA-Software)
MATHE-PROFI 3.5 (HKLM-x32\...\MATHE-PROFI) (Version: 3.5 - MA-Software)
MATHETEXT G 1.2 (HKLM-x32\...\MATHETEXT G) (Version: 1.2 - )
MatheTris (HKCU\...\MatheTris) (Version: - )
MediaConverter 1.2.8 (HKLM-x32\...\MediaConverter) (Version: 1.2.8 - SoMud)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
MIADoc (HKLM-x32\...\MIADoc_is1) (Version: 1.0.18 - Schnuppig.de)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Encarta 2009 - Enzyklopädie (HKLM-x32\...\{09100081-2C94-4A67-8E55-8483C019C7D2}) (Version: 2009 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version: - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MP3jam 1.0.0.4 (HKLM-x32\...\MP3jam_is1) (Version: 1.0.0.4 - MP3jam)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Editor Free (HKLM-x32\...\Music Editor Free) (Version: - MusicEditorFree Inc.)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6422.14 - PC-Doctor, Inc.)
MyScript HWR (German) (HKLM-x32\...\{415CD877-0970-4CB6-B178-1E72F7DC60E7}) (Version: 4.4.5.1 - SMART Technologies ULC)
Naviextras Toolbox (HKLM-x32\...\Naviextras Toolbox) (Version: 3.11.0.24188 - NNG Llc.)
Naviextras Toolbox Prerequesities (HKLM-x32\...\{537575D6-3B96-474C-BD8F-DFF667363DBD}) (Version: 1.0.0 - NNG Llc.)
NumNumSpiel (HKLM-x32\...\NumNumSpiel) (Version: - )
NVIDIA 3D Vision Controller-Treiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Office-Bibliothek (HKLM-x32\...\{5C81B189-5456-40C4-9313-7FE6FA6DD64C}) (Version: 5.01 - Bibliographisches Institut & F.A. Brockhaus AG)
OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PC Inspector smart recovery (HKLM-x32\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
PDF24 Creator 5.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDF2Word Converter Version 1.0.9 (Build 174) (HKLM-x32\...\PDF2Word Converter_is1) (Version: PDF2Word Converter - Version 1.0.9 (Build 174) - Th. Hodes Software)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Philips Vesta Camera WebUpdate (HKLM-x32\...\Phlips Vesta Camera WebUpdate Uninstall) (Version: - )
Photo Gadget (HKLM-x32\...\Photo Gadget_is1) (Version: - XemiComputers)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PixiePack Codec Pack (HKLM-x32\...\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}) (Version: 1.1.1200.0 - None)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Pointofix (HKLM-x32\...\Pointofix_is1) (Version: - Amerigomedia)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Radiotracker (HKLM-x32\...\{1E863F44-2D2D-4BD7-B25B-EDA9FF622267}) (Version: 6.2.13700.0 - RapidSolution Software AG)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5864 - Realtek Semiconductor Corp.)
Redfish Slimline Convertor (HKLM-x32\...\{4B3E4976-3A19-4372-BB26-7BF26221BD0E}) (Version: 1.01.0000 - Redfish)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.0 - Roxio)
Roxio Burn (x32 Version: 1.0.0 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
S.O.S. Tiefsee (HKLM-x32\...\Tiefsee) (Version: - )
Sansa Updater (HKCU\...\Sansa Updater) (Version: 1.301 - SanDisk Corporation)
SchulleiterABC Bayern (HKLM-x32\...\MGOberfranken_SchulleiterABC_by) (Version: - Mediengruppe Oberfranken)
Sigel BusinessCardSoftware (HKLM-x32\...\Sigel BusinessCardSoftware) (Version: - )
SimilarImages (HKLM-x32\...\SimilarImages) (Version: 2010.09 - Nils Maier)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SMART Common Platform (HKLM-x32\...\{0E5DD7A3-BE29-430C-970B-C553F4A58C39}) (Version: 10.8.159.0 - Ihr Firmenname)
SMART German Language Pack (HKLM-x32\...\{FBD1D659-DFDF-4EFC-9E6E-187CF498380C}) (Version: 10.8.76.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{ED0FF410-41B9-441F-B457-4AC81782E8BF}) (Version: 10.8.364.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{67E6410C-1E97-4D03-BEC2-8E83323A6BBD}) (Version: 10.8.212.0 - SMART Technologies ULC)
SMART Product Update (HKLM-x32\...\{8D4B716A-0ABE-4238-9090-D208E5F57A5E}) (Version: 5.0.108.0 - SMART Technologies ULC)
SmartTools Publishing • Word Falz- und Lochmarken-Assistent (HKLM-x32\...\SmartToolsFalz- und Lochmarken-Assistentv5.00) (Version: v5.00 - SmartTools Publishing)
Some PDF to Word Converter 1.5 (HKLM-x32\...\Some PDF to Word Converter_is1) (Version: - SomePDF.com)
StarMoney (x32 Version: 1.0 - StarFinanz) Hidden
StarMoney (x32 Version: 2.0 - StarFinanz) Hidden
StarMoney (x32 Version: 3.0.4.48 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.2.34 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.4.16 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM-x32\...\{528BD0FE-4BEF-498B-981A-0DCE1838E7FB}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 8.0 S-Edition (HKLM-x32\...\{69A37933-0575-4C47-BAF3-908243A09978}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 8.0 S-Edition (HKLM-x32\...\{69B0C60A-5747-4168-A19B-197E07833759}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0 (HKLM-x32\...\{17D1F8B7-C4FA-4315-AA04-4D57783041C1}) (Version: 9.0 - Star Finanz GmbH)
Stellarium 0.10.6.1 (HKLM-x32\...\Stellarium_is1) (Version: - )
StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
streamWriter (HKLM-x32\...\streamWriter_is1) (Version: - )
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
Synology Data Replicator 3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
Technotrend Viewer (HKLM-x32\...\TT-Viewer_is1) (Version: - CM&V)
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
TT-Media Center (HKLM-x32\...\{3648DB03-30F4-4383-95AC-AE793825184C}) (Version: 1.00.0000 - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version: - Ozone)
Visitenkarten in 2 Minuten (HKLM-x32\...\Visitenkarten in 2 Minuten) (Version: - )
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VSO Image Resizer 4.0.2.5 (HKLM-x32\...\{8969CD6F-5B75-40B9-8701-86ECA4C1F263}_is1) (Version: 4.0.2.5 - VSO-Software)
Welt der Zahl 3 (HKLM-x32\...\Welt der Zahl 3) (Version: - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Welt der Zahl 4 (HKLM-x32\...\Welt der Zahl 4) (Version: - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Willi 2.9 (HKLM-x32\...\Willi_is1) (Version: - )
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinHTTrack Website Copier 3.47-27 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WÖRTER-ZIRKUS 1.2 (HKLM-x32\...\WÖRTER-ZIRKUS) (Version: 1.2 - )
XMind 2012 (v3.3.1) (HKLM-x32\...\XMind_is1) (Version: 3.3.1.201212250029 - XMind Ltd.)
==================== Restore Points =========================
09-04-2014 14:42:39 Windows Update
09-04-2014 19:29:22 Installiert Lernwerkstatt 9
10-04-2014 01:02:06 Windows Update
16-04-2014 13:21:29 Installiert StarMoney
16-04-2014 16:57:39 avast! antivirus system restore point
16-04-2014 17:03:55 Windows Update
16-04-2014 17:08:58 Windows-Sicherung
16-04-2014 22:58:59 Windows Update
17-04-2014 09:01:12 Installiert StarMoney
17-04-2014 10:09:08 Entfernt StarMoney
17-04-2014 10:12:25 Installiert StarMoney
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0FBA24D4-1657-4B87-9CF3-B08FB92F20CD} - System32\Tasks\{0B76CF8B-2E32-4B7F-80DE-2E6CB40808AD} => C:\Users\HaChr\Desktop\photogadgetde.exe
Task: {21C86974-F5E7-45D2-876A-BEF26B7DA959} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {278D291B-21E6-4B66-9832-99991A657A7E} - System32\Tasks\{B5943C52-7AB7-4060-AAA8-C94C4AC6F98B} => E:\LERNLEXI\SETUP.EXE
Task: {27962294-328C-4E9C-BC2D-A67153B86DD1} - System32\Tasks\{2AE695EA-7EA9-48C9-AACE-5BAA48D3B4F8} => K:\1Schule-2012-2013\107.exe
Task: {28A88393-A4C7-47EE-AB94-659624573C75} - System32\Tasks\Synology Data Replicator 3-Harald-Neu-HaChr => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [2013-10-09] (Synology Inc.)
Task: {2F86628F-FCCB-411B-8D84-3B3C6AE8C349} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {38737CB0-251A-4494-901B-A5E60D357502} - System32\Tasks\{8674108C-47B7-4DD5-B727-55DB65105766} => C:\Program Files (x86)\FRANZIS\Audio180v4\Startup.exe
Task: {3E3D53EB-67BB-4CAD-ACEB-2A1B3EF8403F} - System32\Tasks\{67E18C7B-BBE3-42CE-A7C2-58E9FE2CC5A0} => E:\SETUP.EXE
Task: {47937C57-D0B9-4D9A-A05C-5E44219CC477} - System32\Tasks\{95092EBB-81D1-4302-9902-0CF9C18F8CFF} => C:\Users\HaChr\Downloads\HyperVcam\twunk_32.exe [2000-09-15] (TWAIN Working Group)
Task: {51B0DB5E-67F2-4401-AA74-3599DD150634} - System32\Tasks\{4310D65E-F6F2-4F27-A995-2C4F7079DE07} => C:\Users\HaChr\Downloads\schdivi1\schdivi1.exe [2011-12-20] ()
Task: {530FF5A7-9383-4B27-8EA9-B9354BED3A0B} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {5C31D49D-0AD9-41E1-80AF-FBBCE5209063} - System32\Tasks\{73D56ACB-07BC-452B-8C74-8D6929504FC4} => C:\Users\HaChr\Downloads\multiprog1(1)\multi1\MULTI1.EXE [2011-05-22] ()
Task: {5CCC67BB-7488-4A0B-8ECF-3EDBBC3F27F3} - System32\Tasks\{89ECF617-9411-44CF-80DD-95612B88CBFD} => C:\Users\HaChr\Downloads\multiprog1(1)\multi1\MULTI1.EXE [2011-05-22] ()
Task: {680F0817-6161-42BF-9103-BB62CA3D36D2} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {6B4B29F6-7F44-4A67-B376-3F9815B6F3BF} - System32\Tasks\{26E04804-751A-48F4-8BE6-0E22D77B91D8} => K:\1Schule-2012-2013\107.exe
Task: {7870FF50-C8EE-43FF-9263-5CE9CD1583AF} - System32\Tasks\{CC5039EE-9E5E-4338-A87F-88A6AD730BB6} => C:\Program Files (x86)\FRANZIS\Audio180v4\Startup.exe
Task: {8338E170-D8A7-4052-BBBE-5240AA5FC91B} - System32\Tasks\{7AB36AF1-7419-4751-93E1-6DA0EF937880} => C:\Users\HaChr\Downloads\multiprog1(1)\multi1\MULTI1.EXE [2011-05-22] ()
Task: {8F80AC80-AF86-4BBC-A077-C6D60B055616} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-16] (AVAST Software)
Task: {98797889-E29E-4EF1-861B-F4F348171096} - System32\Tasks\{E3C8775F-33AE-40DC-B497-FC84B5D603BF} => C:\Users\HaChr\Downloads\multiprog1\multi1\MULTI1.EXE [2011-03-13] ()
Task: {98D66FD6-5E72-47FB-B1BD-83F16A60909A} - System32\Tasks\{31B0C22A-51A7-4C81-9E16-0F7DC1B910E5} => C:\Users\HaChr\Desktop\photogadgetde.exe
Task: {A10F816A-1A73-4943-963B-C3FCC8114099} - System32\Tasks\{843DA5D9-1FAF-4A73-B4A8-88633AA23701} => E:\LERNLEXI\SETUP.EXE
Task: {A430A5A7-AA2A-40F4-B49B-04EE85B1D528} - System32\Tasks\GoogleUpdateTaskMachineCore1cb6ff2c9d3adc4 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {B3074B86-5C9C-4FBD-9C8C-4C649101D252} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2013-12-19] (PC-Doctor, Inc.)
Task: {BB2AF16F-B8D0-4CD0-AA79-02001BA6C9D5} - System32\Tasks\{79CF7ADA-AD1D-45EE-B38F-BBD55C837D6B} => C:\Users\HaChr\Downloads\HyperVcam\twunk_32.exe [2000-09-15] (TWAIN Working Group)
Task: {D24C0381-71DE-410E-86D6-2D4E4083BB82} - System32\Tasks\{A770D459-B042-41EE-B8AB-9815461A24DC} => C:\Users\HaChr\Downloads\schdivi1\schdivi1.exe [2011-12-20] ()
Task: {D60AAD1E-3190-478E-B99E-6B8F1532CDC9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DC2A1F51-08FE-490C-9988-C77D95AFE376} - System32\Tasks\{596F637E-AC63-4158-BA40-102E8420EE9C} => C:\Program Files (x86)\FRANZIS\Audio180v4\Startup.exe
Task: {DCA715F5-13D0-48E9-B825-719F33E8FE98} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-30] (Google Inc.)
Task: {DF055138-CA0E-4E8E-8CFA-E129C2F2CD7C} - System32\Tasks\{AC93E025-98A0-4219-8654-92030FE5261C} => C:\Users\HaChr\Downloads\multiprog1\multi1\MULTI1.EXE [2011-03-13] ()
Task: {E0C710EA-0219-434A-92D4-762988654666} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {EA0C3B27-5410-471E-8E63-7C3B99809A5B} - System32\Tasks\{BC3380E1-D794-464A-8F57-27944E4FBE99} => C:\Users\HaChr\Desktop\photogadgetde.exe
Task: {EBB2666B-0FFA-4521-8CBD-A98121411875} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {FB6635FB-2529-4059-946B-E57564BA3043} - System32\Tasks\{DEACDE8B-C083-4ED1-B606-A99F9202FF2F} => C:\Program Files (x86)\FRANZIS\Audio180v4\Startup.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cb6ff2c9d3adc4.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Synology Data Replicator 3-Harald-Neu-HaChr.job => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
==================== Loaded Modules (whitelisted) =============
2012-12-09 20:14 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-29 14:22 - 2011-12-27 13:32 - 00182272 _____ () C:\Program Files (x86)\Allway Sync\Bin\SyncService.exe
2010-06-08 23:33 - 2010-03-04 23:38 - 00071096 _____ () C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe
2013-10-09 04:52 - 2013-10-09 04:52 - 00384072 _____ () C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
2013-11-14 15:28 - 2013-11-14 15:28 - 00248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2014-04-17 10:44 - 2014-04-17 10:44 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041700\algo.dll
2014-04-18 14:21 - 2014-04-18 14:21 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041800\algo.dll
2009-11-30 21:52 - 2009-08-17 10:29 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-11-30 21:52 - 2009-08-17 10:29 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2013-02-04 22:14 - 2011-01-13 11:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll
2014-04-17 12:44 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
2013-11-02 14:05 - 2013-11-02 14:05 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-18 22:15 - 2014-03-18 22:15 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-18 22:15 - 2014-03-18 22:15 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-18 22:15 - 2014-03-18 22:15 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-01-06 22:53 - 2014-01-06 22:53 - 27379992 _____ () C:\Program Files (x86)\Google\Picasa3\Picasa3i18n.dll
2014-01-06 21:18 - 2014-01-06 21:18 - 00405504 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\CDVDR\CDVDR.yti
2014-01-06 22:30 - 2014-01-06 22:30 - 00430080 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\ytITivo.yti
2014-01-06 22:53 - 2014-01-06 22:53 - 00100632 _____ () C:\Program Files (x86)\Google\Picasa3\qtsupport.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-06 20:46 - 2014-01-06 20:46 - 02351104 _____ () C:\Program Files (x86)\Google\Picasa3\plugins\Red.dll
2014-03-29 09:04 - 2014-03-29 09:04 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 17:28 - 2014-03-12 17:28 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: Wlansvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\Services: WPDBusEnum => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DierckeGlobusBrowserSchnittstelle.lnk => C:\Windows\pss\DierckeGlobusBrowserSchnittstelle.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HD Writer.lnk => C:\Windows\pss\HD Writer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk => C:\Windows\pss\Microtek Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SELPHY Photo Print Launcher.lnk => C:\Windows\pss\SELPHY Photo Print Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SMART-Board-Werkzeuge.lnk => C:\Windows\pss\SMART-Board-Werkzeuge.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^HaChr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupfolder: C:^Users^HaChr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: ActivControl => C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ANT Agent => C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Copernic Desktop Search - Home => "C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: Duden Korrektor SysTray => C:\Program Files (x86)\Duden\Duden Korrektor\DKtray.exe
MSCONFIG\startupreg: E09DXLRD_619123944 => "C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 - Enzyklopaedie DVD\EDICT.EXE" -m
MSCONFIG\startupreg: E09DXLRD_761382956 => "C:\Program Files (x86)\Microsoft Encarta\Encarta 2009 - Enzyklopaedie DVD\EDICT.EXE" -m
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
MSCONFIG\startupreg: Launcher => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
MSCONFIG\startupreg: SansaDispatch => C:\Users\HaChr\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe"
MSCONFIG\startupreg: SMART Board Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
MSCONFIG\startupreg: SMART SNMP Agent => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
MSCONFIG\startupreg: STToasterLauncher => C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/17/2014 01:30:26 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: StarMoney.exe, Version: 4.0.4.21, Zeitstempel: 0x53425bd4
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.1, Zeitstempel: 0x4d5f0c22
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001ed7
ID des fehlerhaften Prozesses: 0x1654
Startzeit der fehlerhaften Anwendung: 0xStarMoney.exe0
Pfad der fehlerhaften Anwendung: StarMoney.exe1
Pfad des fehlerhaften Moduls: StarMoney.exe2
Berichtskennung: StarMoney.exe3
Error: (04/17/2014 11:57:25 AM) (Source: Application Hang) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17041 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1090
Startzeit: 01cf5a22c748b248
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (04/17/2014 00:59:00 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (04/16/2014 06:20:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (04/16/2014 04:03:59 PM) (Source: Application Hang) (User: )
Description: Programm StarMoney.exe, Version 3.0.6.51 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c20
Startzeit: 01cf5977fad27f9c
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe
Berichts-ID:
Error: (04/16/2014 03:21:47 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (04/16/2014 02:01:24 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: pcdrcui.exe, Version: 6.0.6422.14, Zeitstempel: 0x52998d7a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0x14bc
Startzeit der fehlerhaften Anwendung: 0xpcdrcui.exe0
Pfad der fehlerhaften Anwendung: pcdrcui.exe1
Pfad des fehlerhaften Moduls: pcdrcui.exe2
Berichtskennung: pcdrcui.exe3
Error: (04/16/2014 01:42:00 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: tquery.dll, Version: 7.0.7601.17610, Zeitstempel: 0x4dc0e17a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000eaa56
ID des fehlerhaften Prozesses: 0xf3c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (04/16/2014 07:08:58 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (04/16/2014 07:08:53 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Avast! Firewall Driver.
System Error:
Das System kann die angegebene Datei nicht finden.
.
System errors:
=============
Error: (04/18/2014 02:22:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (04/18/2014 02:22:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (04/18/2014 02:21:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/18/2014 02:19:46 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/18/2014 02:19:40 PM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/17/2014 10:48:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (04/17/2014 10:48:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (04/17/2014 10:47:27 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/17/2014 10:47:01 AM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Error: (04/17/2014 10:46:54 AM) (Source: cdrom) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.
Microsoft Office Sessions:
=========================
Error: (01/30/2013 09:49:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 255436 seconds with 6240 seconds of active time. This session ended with a crash.
Error: (01/27/2013 10:46:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 436076 seconds with 33540 seconds of active time. This session ended with a crash.
Error: (01/22/2013 09:37:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 909084 seconds with 10560 seconds of active time. This session ended with a crash.
Error: (12/10/2012 07:51:48 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 33224 seconds with 240 seconds of active time. This session ended with a crash.
Error: (07/14/2012 06:01:29 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5140 seconds with 3540 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-01-26 12:58:59.711
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume20\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-26 12:58:59.711
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume20\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-26 12:58:59.695
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume20\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-01-26 12:58:59.695
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume20\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 32%
Total physical RAM: 8190.18 MB
Available physical RAM: 5495.71 MB
Total Pagefile: 16378.53 MB
Available Pagefile: 13521.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:531.69 GB) (Free:354.6 GB) NTFS
Drive d: (Musik * Bilder) (Fixed) (Total:736.2 GB) (Free:24.44 GB) NTFS
Drive k: (DATEN) (Fixed) (Total:195.31 GB) (Free:153.5 GB) NTFS
Drive l: (WindowsXP) (Fixed) (Total:195.31 GB) (Free:127 GB) NTFS
Drive m: (Daten-Sicherung) (Fixed) (Total:195.31 GB) (Free:137.29 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 08000000)
Partition 1: (Not Active) - (Size=78 MB) - (Type=DE)
Partition 2: (Active) - (Size=9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=532 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=391 GB) - (Type=OF Extended)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 96A0BD2A)
Partition 1: (Not Active) - (Size=736 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |