|
Pests of all kinds and how to fight them: Win32:Viknok-P [Cryp] Windows 7 If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you remove the infection. |
27.01.2014, 15:13 | #1 |
| Win32:Viknok-P [Cryp] Hello Trojan hunters! My avast! found and deleted the Trojan named above. I would now like to know what kind of malware it is and what it does. On Google there was only 1 (!) advertising entry about removing it. Could someone enlighten me? Thanks! Waldschratt5 |
27.01.2014, 15:40 | #2 |
/// the machine /// TB Trainer | Win32:Viknok-P [Cryp] Hi, where was it found? |
27.01.2014, 16:35 | #3 |
| Win32:Viknok-P [Cryp] Damn, I'm at the office right now and the T. was found at home. I'll get back to you this evening. Sorry, until this evening! Waldschratt5 OK, I'm back home...! It was found in: C:\Users\MeinName\AppData\Local\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286\Cache |
28.01.2014, 12:10 | #4 |
/// the machine /// TB Trainer | Win32:Viknok-P [Cryp] In the Firefox cache, so that's not so bad to begin with. Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
28.01.2014, 18:19 | #5 |
| Win32:Viknok-P [Cryp] The files are attached. |
29.01.2014, 11:54 | #6 |
/// the machine /// TB Trainer | Win32:Viknok-P [Cryp] Hi, please always post logs in the thread. If necessary, split them up and use several posts. Here is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows: |
29.01.2014, 12:29 | #7 |
| Win32:Viknok-P [Cryp] FRST Logfile:
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-26 15:07 - 2009-07-14 05:45 - 00027152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-26 15:03 - 2011-10-13 19:21 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Apple Computer 2014-01-26 15:03 - 2011-10-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple 2014-01-26 14:50 - 2012-12-10 13:30 - 00000000 ___RD C:\Users\Waldmann\Desktop\FAX 2014-01-26 14:50 - 2009-07-14 03:34 - 00000593 _____ C:\Windows\win.ini 2014-01-26 14:48 - 2013-08-22 16:23 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-26 14:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-26 14:47 - 2014-01-26 12:57 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iTunes 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-26 14:44 - 2013-08-19 09:00 - 00001802 _____ C:\Users\Public\Desktop\iTunes.lnk 2014-01-26 14:44 - 2012-09-15 11:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-26 14:43 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iPod 2014-01-26 14:33 - 2011-12-23 14:38 - 00000000 ___RD C:\Users\Waldmann\Desktop\E-Praxis 2014-01-26 14:33 - 2011-12-11 14:18 - 00000000 ____D C:\Users\Waldmann\Desktop\Edgar 2014-01-26 13:47 - 2012-09-16 15:05 - 00000000 ____D C:\Users\Waldmann\Desktop\Büro 2014-01-26 13:47 - 2011-10-09 16:12 - 00000000 ____D C:\Program Files (x86)\SeaMonkey 2014-01-26 13:39 - 2014-01-26 12:57 - 00564312 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00518480 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00017416 _____ C:\Windows\system32\Drivers\hmpalert.sys 2014-01-26 13:35 - 2014-01-26 13:35 - 00000000 ____D C:\Program Files (x86)\Artweaver Free 4 
2014-01-26 13:35 - 2012-02-05 14:57 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Artweaver Free
2014-01-26 13:26 - 2011-10-13 19:19 - 00000000 ____D C:\ProgramData\Apple
2014-01-26 13:11 - 2014-01-26 13:02 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-26 12:57 - 2014-01-26 12:57 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2014-01-26 12:38 - 2012-04-01 19:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-26 12:38 - 2012-04-01 19:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-26 12:38 - 2011-10-25 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-26 12:06 - 2013-10-22 17:26 - 00026112 ___SH C:\Users\Waldmann\Thumbs.db
2014-01-26 12:06 - 2011-10-09 14:59 - 00000000 ____D C:\Users\Waldmann
2014-01-26 12:04 - 2013-12-28 21:35 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Mozilla Thunderbird
2014-01-26 11:59 - 2013-06-23 09:36 - 01211034 _____ C:\Windows\PFRO.log
2014-01-25 17:43 - 2014-01-17 21:22 - 00000000 ____D C:\ProgramData\IObit
2014-01-25 17:43 - 2013-12-25 13:00 - 00000000 ____D C:\ProgramData\ProductData
2014-01-25 17:30 - 2013-10-22 17:17 - 00002051 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk
2014-01-25 17:30 - 2013-10-22 17:17 - 00001991 _____ C:\Users\Waldmann\Desktop\avast! Internet Security.lnk
2014-01-25 17:29 - 2013-12-23 13:20 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-01-25 17:29 - 2012-11-02 20:07 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-25 17:29 - 2012-11-02 20:06 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-01-25 17:29 - 2012-11-02 20:06 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-01-25 17:29 - 2012-11-02 20:06 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-25 17:29 - 2012-11-02 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-01-25 17:28 - 2013-03-06 08:03 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-01-22 17:35 - 2014-01-22 17:35 - 00000000 ____D C:\ProgramData\Protexis
2014-01-21 19:24 - 2013-02-10 15:01 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2014-01-21 19:24 - 2011-12-14 17:13 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2014-01-20 18:58 - 2014-01-20 18:58 - 00001026 _____ C:\Users\UpdatusUser\Desktop\Quimport.lnk
2014-01-20 18:57 - 2014-01-20 18:57 - 00003396 _____ C:\Windows\System32\Tasks\{B8E76BFE-0D55-438E-AD28-E4DEED26FC48}
2014-01-20 12:29 - 2014-01-20 12:29 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-20 12:29 - 2013-11-03 10:27 - 00000000 ____D C:\ProgramData\Oracle
2014-01-20 12:29 - 2011-10-09 17:02 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-19 10:05 - 2011-11-01 23:11 - 00002555 _____ C:\Users\Waldmann\AppData\Roaming\SAS7_000.DAT
2014-01-19 10:03 - 2012-10-12 16:17 - 00000259 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI
2014-01-18 19:45 - 2014-01-18 19:45 - 00038400 _____ C:\Users\Waldmann\Documents\Bestätigung zu Ihrer Abonnementbestellung.msg
2014-01-18 19:41 - 2014-01-18 19:41 - 00032768 _____ C:\Users\Waldmann\Documents\Bestätigung Ihrer Zahlung an RegNow.msg
2014-01-17 21:25 - 2014-01-17 21:25 - 00001257 _____ C:\Users\Public\Desktop\PhoneClean.lnk
2014-01-17 21:25 - 2014-01-17 21:25 - 00000000 ____D C:\Program Files (x86)\iMobie
2014-01-17 21:22 - 2014-01-17 21:22 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-01-17 21:22 - 2014-01-17 21:22 - 00001271 _____ C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-01-17 21:22 - 2014-01-17 21:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\ProductData
2014-01-17 19:01 - 2014-01-17 19:01 - 00000000 ____D C:\Users\Waldmann\Desktop\Dateien von Edgars Iphone
2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\iMobie
2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Local\iMobie_Inc
2014-01-15 20:45 - 2009-07-14 05:45 - 00762120 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:32 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:30 - 2011-10-10 12:04 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 20:25 - 2014-01-15 20:17 - 00000000 ___RD C:\Users\Waldmann\Desktop\Höllein Lohnunterlagen
2014-01-15 20:11 - 2013-02-02 15:45 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Elo
2014-01-15 16:36 - 2013-02-06 15:33 - 00000000 ____D C:\Program Files (x86)\ELOoffice
2014-01-15 16:36 - 2012-01-08 17:43 - 00000000 ____D C:\Users\Waldmann\Desktop\Finanzen
2014-01-14 19:26 - 2013-08-20 16:44 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel
2014-01-14 13:08 - 2014-01-14 12:58 - 00000000 ____D C:\ProgramData\Protexis64
2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\Documents\Corel PaintShop Pro
2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel PaintShop Pro
2014-01-14 12:58 - 2013-08-13 17:08 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Ulead Systems
2014-01-14 12:57 - 2014-01-14 12:57 - 00000000 ____D C:\Program Files\Common Files\Protexis
2014-01-14 12:56 - 2014-01-14 12:56 - 00001236 _____ C:\Users\Public\Desktop\Corel PaintShop Pro X6 (64-bit).lnk
2014-01-14 12:55 - 2014-01-14 12:55 - 00000000 ____D C:\Program Files\Corel
2014-01-14 12:55 - 2013-08-13 16:52 - 00000000 ____D C:\ProgramData\Corel
2014-01-14 12:53 - 2013-08-13 16:44 - 00000000 ____D C:\Program Files (x86)\Corel
2014-01-12 11:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-11 15:25 - 2013-09-13 19:05 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-06 16:03 - 2011-10-14 19:58 - 00000000 ____D C:\Users\Waldmann\Desktop\ScanSnap
2014-01-06 13:02 - 2012-05-13 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-04 19:21 - 2013-06-01 14:28 - 00000000 ____D C:\Users\Waldmann\Desktop\England Urlaub 2013 -alle Bilder-
2014-01-01 21:20 - 2014-01-01 21:20 - 00002074 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-Bit.lnk
2014-01-01 21:19 - 2011-11-01 18:38 - 00000000 ____D C:\Program Files\Adobe
2014-01-01 13:04 - 2014-01-01 13:03 - 00000000 ____D C:\Users\Waldmann\Desktop\Sylvester 2013
2014-01-01 12:46 - 2011-12-14 16:31 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-30 17:21 - 2013-12-30 17:21 - 00000000 ____D C:\Users\Public\Foxit Software

Files to move or delete:
====================
C:\Users\Waldmann\30593-8-CutOut-4-Pro.exe
C:\Users\Waldmann\ATIH2013PP_de-DE.exe
C:\Users\Waldmann\JavaSetup7u25.exe
C:\Users\Waldmann\Lightroom_5_LS11_win_5_2.exe
C:\Users\Waldmann\Setup (1).exe
C:\Users\Waldmann\TuneUpUtilities2014 (1).exe
C:\Users\Waldmann\TuneUpUtilities2014 (2).exe
C:\Users\Waldmann\TuneUpUtilities2014.exe
C:\Users\Waldmann\weprintwin.exe

Some content of TEMP:
====================
C:\Users\Waldmann\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Waldmann\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Waldmann\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-22 15:36

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-01-2014 02
Ran by Waldmann at 2014-01-28 18:09:32
Running from C:\Users\Waldmann\Documents\MAGIX\Video_easy_Retten_Sie_Ihre_Videokassetten_6\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

123 Photo Version 2.0 (x32 Version: 2.0 - Harald Wittke)
7-Zip 9.21 (x32 Version: 9.21.00.0 - Igor Pavlov)
abylon KEYSAFE 9.30.5 (x32 Version: 9.30.5 - abylonsoft)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (x32 Version: 11.0.06 - Adobe Systems Incorporated)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
Anleitung für Epson Connect (x32 Version: - )
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Artweaver Free 3.0 (x32 Version: 3.0 - Boris Eyrich Software)
Artweaver Free 4 (x32 Version: 4.0 - Boris Eyrich Software)
Ashampoo Burning Studio 6 FREE v.6.83 (x32 Version: 6.8.3 - Ashampoo GmbH & Co. KG)
ASUS RT-AC66U Wireless Router Utilities (x32 Version: 4.2.6.0 - ASUS)
ATI AVIVO64 Codecs (Version: 11.6.0.50930 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (Version: 3.0.795.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (Version: 3.0.795.0 - ATI Technologies) Hidden
Audiograbber 1.83 SE (x32 Version: 1.83 SE - Audiograbber)
Audiograbber MP3-Plugin (x32 Version: 1.0 - AG)
avast! Internet Security (x32 Version: 9.0.2013 - Avast Software)
Avery Wizard 4.0 (x32 Version: 4.0.201 - Avery)
Bluesoleil 5.4.277.0 (Version: 5.4.277.0 - IVT Corporation)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Bonjour-Druckdienste (Version: 2.0.0.36 - Apple Inc.)
CardMinder V3.2 (x32 Version: V3.2L10 - PFU)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help English (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help French (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
CCleaner (Version: 3.27 - Piriform)
CDBurnerXP (Version: 4.3.8.2631 - CDBurnerXP)
CDBurnerXP (x32 Version: 4.5.2.4291 - CDBurnerXP)
C-Media PCI Audio Device (Version: - )
Corel MediaOne (x32 Version: 2.100.0000 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.1.0.48 - Corel Corporation)
Corel PaintShop Pro X6 (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
Cut Out pro 4.0 (Version: - Franzis.de)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink LabelPrint (x32 Version: 2.5.3620 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3620 - CyberLink Corp.) Hidden
CyberLink Power2Go (x32 Version: 6.1.4715 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.4715 - CyberLink Corp.) Hidden
CyberLink PowerProducer (x32 Version: 5.0.2.2820 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2820 - CyberLink Corp.) Hidden
Das Alte Ägypten (x32 Version: 1.00.0000 - NATIONAL GEOGRAPHIC)
Das Alte Ägypten (x32 Version: 1.00.0000 - NATIONAL GEOGRAPHIC) Hidden
DDBAC (x32 Version: 5.3.21 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
DHTML Editing Component (x32 Version: 6.02.0001 - Microsoft Corporation)
Dragon NaturallySpeaking 12 (x32 Version: 12.50.000 - Nuance Communications Inc.)
Driver Genius Professional Edition (x32 Version: 10.0 - Driver-Soft Inc.)
DVDFab 8.1.3.6 (01/12/2011) Qt (x32 Version: - Fengtao Software Inc.)
EC Software TNT Screen Capture 2.1 (x32 Version: - EC Software)
ELO Pdf Drucker (x32 Version: 6.0 - ELO Digital Office GmbH)
ELOoffice (x32 Version: 9.0 - ELO Digital Office GmbH)
EMDB 1.89 (x32 Version: - Wicked & Wild Inc.)
Epson Benutzerhandbuch XP-600 Series (x32 Version: - )
EPSON Copy Utility 3 (x32 Version: 3.3.0.0 - )
Epson Event Manager (x32 Version: 3.01.0005 - Seiko Epson Corporation)
Epson Netzwerkhandbuch XP-600 Series (x32 Version: - )
Epson Print CD (x32 Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Scan (x32 Version: - Seiko Epson Corporation)
EPSON XP-600 Series Printer Uninstall (Version: - SEIKO EPSON Corporation)
EpsonNet Print (x32 Version: 2.5.00 - SEIKO EPSON CORPORATION)
EVEREST Ultimate Edition v4.60 (x32 Version: 4.60 - Lavalys, Inc.)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.32.0 - MAGIX AG)
FirstClass® Client (x32 Version: 11.0 (build 11.017) - Open Text Corporation.)
FirstClass® Client (x32 Version: 9.0 (build 9.022) - FirstClass Division, Open Text Corporation.)
Foxit Reader (x32 Version: 6.1.2.1224 - Foxit Corporation)
Geogrid®-Viewer (x32 Version: 6.6.0.0000 - EADS Deutschland GmbH) Hidden
Google Chrome (HKCU Version: 28.0.1500.72 - Google Inc.)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Earth (x32 Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Guardian Of Data v2.2 (x32 Version: - ASCOMP Software GmbH)
Hamster Free Video Converter (x32 Version: 2.5.2.33 - Hamster Soft)
Hard Disk Low Level Format Tool 4.25 (x32 Version: - HDDGURU)
Hauppauge WinTV 7 (x32 Version: v7.0.30034 (CD 2.5) - Hauppauge Computer Works)
HDD-Booster v1.2 (x32 Version: - ASCOMP Software GmbH)
HitmanPro.Alert (Version: 2.0.10.45 - SurfRight B.V.)
HydraVision (x32 Version: 4.2.180.0 - ATI Technologies Inc.) Hidden
ICA (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
iMove ActiveX Control (x32 Version: - )
IObit Uninstaller (x32 Version: 3.1.7.2405 - IObit)
IPM_PSP_COM (x32 Version: 16.1.0.48 - Corel Corporation) Hidden
IPM_PSP_COM64 (Version: 16.1.0.48 - Corel Corporation) Hidden
IrfanView (remove only) (x32 Version: 4.37 - Irfan Skiljan)
iTunes (Version: 11.1.4.62 - Apple Inc.)
IVC - Internet Video Converter HD 5.50 EN (x32 Version: 5.50 - IVCSOFT, Anh NGUYEN)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 39 (x32 Version: 6.0.390 - Oracle)
Kyocera Product Library (Version: 2.0.0713 - Kyocera Mita Corporation)
Lexware Info Service (x32 Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (x32 Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
Light Image Resizer 4.3.0.0 (x32 Version: 4.3.0.0 - ObviousIdea)
LightScribe System Software (x32 Version: 1.18.20.1 - LightScribe)
Live Update 5 (x32 Version: 5.0.109 - MSI)
LookInMyPC (x32 Version: - )
Macro Key Manager (Version: 4.14 - )
MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.17981 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 (x32 Version: 7.1.2.17981 - MAGIX AG) Hidden
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.246 - MAGIX AG) Hidden
MAGIX Foto Manager MX Deluxe (x32 Version: 9.0.1.250 - MAGIX AG)
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256 - MAGIX AG) Hidden
MAGIX Goya burnR (MSI) (x32 Version: 4.3.2.0 - MAGIX AG)
MAGIX Music Maker MX (x32 Version: 18.0.1.11 - MAGIX AG)
MAGIX Music Maker MX (x32 Version: 18.0.1.11 - MAGIX AG) Hidden
MAGIX Screenshare (Version: 4.3.6.1987 - MAGIX AG) Hidden
MAGIX Screenshare (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (x32 Version: 2.0.1.9 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
MAGIX USB-Videowandler 2 (x32 Version: 1.03.0000 - Ihr Firmenname)
MAGIX Video deluxe MX (x32 Version: 11.0.3.0 - MAGIX AG)
MAGIX Video deluxe MX (x32 Version: 11.0.3.0 - MAGIX AG) Hidden
MAGIX Video easy Retten Sie Ihre Videokassetten 6 (Version: 4.0.0.82 - MAGIX AG) Hidden
MAGIX Video easy Retten Sie Ihre Videokassetten 6 (x32 Version: 4.0.0.82 - MAGIX AG)
MAGIX Web Designer 7 (x32 Version: 7.1.2.17916 - MAGIX AG)
MAGIX Web Designer 7 (x32 Version: 7.1.2.17916 - MAGIX AG) Hidden
MemoMaster 4 (x32 Version: 4 - JBSoftware)
MemoMaster 5 (x32 Version: 5.5.0.17 - JBSoftware)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 en-US) (x32 Version: 24.2.0 - Mozilla)
MP4 To MP3 Converter V3.0 (x32 Version: - hxxp://www.MP4ToMP3Converter.net)
MSI Afterburner 2.3.0 (x32 Version: 2.3.0 - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
MyDriveConnect 3.3.0.1342 (x32 Version: 3.3.0.1342 - TomTom)
MySQL Connector/ODBC 5.1 (Version: 5.1.10 - Oracle Corporation)
MySQL Server 5.5 (Version: 5.5.20 - Oracle Corporation)
NETGEAR Powerline Utility (x32 Version: 2.0.0.8 - Ihr Firmenname)
NETGEAR Powerline Utility (x32 Version: 2.0.0.8 - Ihr Firmenname) Hidden
NetObjects Fusion 11.0 (x32 Version: 11 German - )
NetObjects Fusion 12.0 (x32 Version: 12 German - NetObjects)
NetObjects Fusion 12.0 (x32 Version: 12.00.5000.5041 - NetObjects) Hidden
NVIDIA 3D Vision Controller-Treiber 306.97 (Version: 306.97 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0604 (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OSByPetzl (x32 Version: 2.5.983 - Petzl distribution)
OSByPetzl (x32 Version: 2.5.983 - Petzl distribution) Hidden
PaperOffice 2011 DIMS (x32 Version: 2011 DIMS - Realify)
PaperOffice 2011 DIMS Version 4 (x32 Version: 4 - Realify)
PaperOffice Core (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice Excel2010 Add-On (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice Outlook2010 Add-On (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice ScanConnect (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice ScreenCapture (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice VirtualPrinter (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice Word2010 Add-On (x32 Version: 1.0.0 - Realify Systems, Inc.) Hidden
PaperOffice.OutlookSearch.Setupx64 (Version: 1.0.0 - Default Company Name) Hidden
Pazera Free MP4 to AVI Converter 1.6 (x32 Version: 1.6 - Pazera Jacek)
PDF24 Creator 5.2.0 (x32 Version: - PDF24.org)
PhoneClean 3.2.0 (x32 Version: 3.2.0 - iMobie Inc.)
Polaroid Dust and Scratch Removal v1.0.0.15.2e (x32 Version: Polaroid Polaroid Dust and Scratch Removal v1.0.0.15.2e - Polaroid Corporation) PowerDirector (x32 Version: 7.00.0000 - CyberLink Corp.) Hidden ProgDVB (Version: 6.8x - Prog) PSPPContent (x32 Version: 16.1.0.48 - Corel Corporation) Hidden PSPPHelp (x32 Version: 16.1.0.48 - Corel Corporation) Hidden PSPPro64 (Version: 16.1.0.48 - Corel Corporation) Hidden QNAP Finder (x32 Version: 3.4.3.0523 - QNAP Systems, Inc.) QNAP NetBak Replicator (x32 Version: - ) Quicken 2014 (x32 Version: 21.36.00.0178 - Haufe-Lexware GmbH & Co.KG) Quicken Import Export Server Jubiläumsversion (x32 Version: 20.30.00.0099 - Haufe-Lexware GmbH & Co.KG) Quicken Jubiläumsversion (x32 Version: 20.36.00.0134 - Haufe-Lexware GmbH & Co.KG) QuickTime (x32 Version: 7.74.80.86 - Apple Inc.) Realify PaperOffice (x32 Version: 5230 - Realify Systems, Inc.) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6482 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.16.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.16.0 - Renesas Electronics Corporation) Hidden Reveal 1.2 (x32 Version: - ) Revo Uninstaller 1.94 (x32 Version: 1.94 - VS Revo Group) RocketDock 1.3.5 (x32 Version: - Punk Software) Saal Design Software (x32 Version: 3.1.26 - SSW Software GmbH) Saal Design Software (x32 Version: 3.1.26 - SSW Software GmbH) Hidden Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) Samsung AllShare (x32 Version: 2.1.0.12031_10 - Samsung Electronics Co., Ltd.) 
Hidden ScanSnap Manager (x32 Version: V4.2L14 - PFU) ScanSnap Organizer (x32 Version: 3.2.13.1 - PFU LIMITED) Hidden ScanSnap Organizer (x32 Version: V3.2L15 - PFU) SeaMonkey 2.23 (x86 de) (x32 Version: 2.23 - Mozilla) Secunia PSI (3.0.0.9016) (x32 Version: 3.0.0.9016 - Secunia) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Servicepack Datumsaktualisierung (x32 Version: 1.00.00.0005 - Haufe-Lexware) Hidden Setup (x32 Version: 16.1.0.48 - Ihr Firmenname) Hidden SilverFast 8.0.1r13 (32bit) (x32 Version: 8.0.1r13 - LaserSoft Imaging AG) SilverFast AFL-SE 6.6.2r5 (x32 Version: - LaserSoft Imaging AG) SIW version 2011.09.16 (x32 Version: 2011.09.16 - Topala Software Solutions) SmartScore X Songbook Edition (x32 Version: 10.1.1 - Musitek) Sophos Free Encryption 2.40.0 (x32 Version: 2.40.0.9 - Sophos) SPR532 SmartCard Reader V1.87 (x32 Version: 1.87 - SCM Microsystems Inc.) Text-To-Speech-Runtime (x32 Version: 1.0.0.0 - Magix Development GmbH) TIPP10 Version 2.1.0 (x32 Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TomTom HOME (x32 Version: 2.9.7 - Ihr Firmenname) TomTom HOME Visual Studio Merge Modules (x32 Version: 1.0.2 - TomTom International B.V.) 
TopMapsViewer Bayern (x32 Version: 6.6.0.0000 - EADS Deutschland GmbH) TreeSize Free V2.7 (x32 Version: 2.7 - JAM Software) True Image 2013 (x32 Version: 16.0.6514 - Acronis) Hidden True Image 2013 Plus Pack (x32 Version: 16.0.6514 - Acronis) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 10.0.4500.45 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73 - TuneUp Software) Hidden TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2 - TuneUp Software) Hidden Twonky Windows Components (x32 Version: 3.0.4 - PacketVideo) TwonkyManager (x32 Version: 3.0.4 (58) - PacketVideo) Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Ulead PhotoImpact X3 (x32 Version: 1.00.0000 - Corel) Hidden Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft 
Corporation) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft) USB ACF Modem (Version: 2.0.21.50 - Conexant) USB Driver for Panasonic DVC (with Web Camera) (x32 Version: - ) Virtual Desktop Companion (x32 Version: 2.0.1 - Improv Electronics) Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (Version: 11.0.0 - Nuance Communications Inc.) Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.) 
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN) ==================== Restore Points ========================= 15-01-2014 19:29:26 Windows Update 20-01-2014 11:28:25 Installed Java 7 Update 51 21-01-2014 12:43:47 Windows Update 25-01-2014 09:04:08 Windows Update 25-01-2014 16:27:45 avast! antivirus system restore point 25-01-2014 16:29:58 Gerätetreiber-Paketinstallation: Avast Netzwerkdienst 26-01-2014 14:02:43 Removed iCloud 27-01-2014 17:28:59 Installed TomTom HOME. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {01164AAA-6ECB-422C-A0AD-88AC73A48B8A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe Task: {0E26FAB2-1E99-429E-B4ED-BA2B80F640E3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {0F0B2E92-F1E7-4791-9926-F5CE7790BA71} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software) Task: {25EF93DA-CA4C-4F1D-990E-626628BC97A6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28] (Google Inc.) Task: {265952ED-66D1-4823-837B-D749564983FF} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {29F0AA25-DCD8-4196-8CD1-856DEA232B56} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd) Task: {38212132-F3AA-490C-9BF1-0B055387B6C8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {42A56287-0F3C-4AC5-A8C2-EBC16FE92C6B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-26] (Adobe Systems Incorporated) Task: {4FA825F7-49EA-4201-B36A-1767F1D4D621} - System32\Tasks\{A3193B0B-0602-42A1-84CA-03F5DB9C1415} => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2010-11-15] (CyberLink Corp.) Task: {524F99FC-1B4C-459E-9490-FFEC5EB8C2C5} - System32\Tasks\{C90F6733-B774-4D7C-8B7B-9AF565160B53} => C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe [2010-11-15] (CyberLink Corp.) Task: {8358CD7B-7519-4268-AEAF-3653422511D0} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe Task: {85B04647-7A6C-4EDD-A376-F593595D0A8A} - System32\Tasks\Google Updater and Installer => C:\Users\Waldmann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10] (Google Inc.) Task: {8FD65BF4-B98C-4970-9B1B-53593EEADE77} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [2011-07-31] (Haufe-Lexware GmbH & Co. 
KG) Task: {B01B97C7-60C8-4D30-ABCC-8B40C76D396D} - System32\Tasks\{FB097542-21C2-4E1E-9277-B761910B43AA} => C:\Users\Waldmann\Desktop\RealifyPaperOffice2011setup.exe Task: {C980C1E1-332F-4505-8961-E5615429A265} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation) Task: {CB00DD13-FA6E-4B1D-8629-50D4E1D1B913} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {CD78004A-AAA1-45B6-B70E-C741D9A456EE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000UA => C:\Users\Waldmann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10] (Google Inc.) Task: {D031D812-7736-4180-8D92-DEBA96ABB90B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-25] (AVAST Software) Task: {D8F9E7DF-9C94-4F54-8AB6-FF913DF02F0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-28] (Google Inc.) Task: {DCFEDCC3-32F3-45C1-A751-009CF93EA1AC} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-17] (IObit) Task: {E3C4EF5A-5F8D-4573-A89C-6786722E83E9} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) Task: {EA627A73-F100-4D43-9F99-E74ECFFB823C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000Core => C:\Users\Waldmann\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-10] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000Core.job => C:\Users\Waldmann\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000UA.job => C:\Users\Waldmann\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-02 08:46 - 2009-09-02 08:46 - 00022016 _____ () C:\Windows\system32\BsTrace.dll 2008-03-07 12:54 - 2008-03-07 12:54 - 17892352 _____ () C:\Windows\system32\BsLangInDepRes.dll 2009-09-02 08:46 - 2009-09-02 08:46 - 00009728 _____ () C:\Windows\system32\BsHelpCSps.dll 2009-09-02 08:46 - 2009-09-02 08:46 - 00044544 _____ () C:\Windows\system32\BlueSoleilCSps.dll 2014-01-26 12:27 - 2014-01-26 11:54 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012600\algo.dll 2014-01-28 12:22 - 2014-01-28 10:06 - 02166272 _____ () C:\Program Files\AVAST Software\Avast\defs\14012800\algo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-10-10 20:44 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll 2009-09-02 08:43 - 2009-09-02 08:43 - 00114808 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll 2009-09-02 08:48 - 2009-09-02 08:48 - 00144384 _____ () C:\Windows\system32\BsProfilefunc.dll 2012-02-05 21:16 - 2011-08-23 09:04 - 00057344 _____ () C:\Program Files 
(x86)\WinTV\TVServer\libhdhomerun.dll 2013-03-27 23:37 - 2013-03-27 23:37 - 13627872 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2013-01-10 12:43 - 2013-01-10 12:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2013-10-22 17:17 - 2013-10-22 17:17 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2011-10-14 19:51 - 2003-03-26 17:46 - 00135168 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsImgIO.dll 2011-10-14 19:51 - 2006-10-12 14:14 - 00036864 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuUpdater.dll 2011-10-14 19:51 - 2007-02-16 14:06 - 00045056 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuUpdater0407.dll 2011-10-14 19:51 - 2007-06-26 19:27 - 00167936 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\SSsltsa.dll 2011-10-14 19:51 - 2002-06-19 18:11 - 00102400 _____ () C:\Program Files (x86)\PFU\ScanSnap\Driver\F5bdpdib.dll 2012-09-24 14:02 - 2012-09-24 14:02 - 00176968 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\wmdrmdll.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ 
() C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () 
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll 2013-03-27 21:09 - 2013-03-27 21:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2013-11-29 10:29 - 2013-11-29 10:29 - 00026520 _____ () C:\Program Files (x86)\MyDrive Connect\DeviceDetection.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00082840 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterBase.dll 2013-11-29 10:28 - 2013-11-29 10:28 - 00344984 _____ () C:\Program Files (x86)\MyDrive Connect\TomTomSupporterProxy.dll 2013-12-11 13:28 - 2013-12-11 13:28 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll 2011-10-29 19:00 - 2011-10-24 09:44 - 01332488 _____ () C:\Program Files (x86)\EC 
Software\TNT Screen Capture\ECTNTCAP.DLL ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: Deskjet 6980 series Description: Deskjet 6980 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Officejet Pro 8500 A910 Description: Officejet Pro 8500 A910 Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8346 Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8346 Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7347 Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7347 Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6349 
Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6349 Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:23 PM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5350 System errors: ============= Error: (01/28/2014 05:29:48 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/28/2014 00:22:22 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/28/2014 08:00:27 AM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/27/2014 07:01:19 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR16 gefunden. Error: (01/27/2014 07:01:18 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR16 gefunden. Error: (01/27/2014 07:01:18 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR16 gefunden. Error: (01/27/2014 07:01:17 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR16 gefunden. Error: (01/27/2014 06:59:50 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/27/2014 06:59:49 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden. Error: (01/27/2014 06:59:46 PM) (Source: Disk) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR14 gefunden. 
Microsoft Office Sessions: ========================= Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 8346 Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 8346 Error: (01/28/2014 05:54:26 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 7347 Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 7347 Error: (01/28/2014 05:54:25 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6349 Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6349 Error: (01/28/2014 05:54:24 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/28/2014 05:54:23 PM) (Source: Bonjour Service)(User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5350 CodeIntegrity Errors: =================================== Date: 2014-01-28 18:01:03.579 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 17:29:44.173 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-01-28 13:18:52.637 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 12:22:23.554 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-28 08:00:24.151 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 19:06:43.493 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 18:59:42.817 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 18:53:53.332 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 17:52:48.816 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-01-27 16:44:43.850 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 62% Total physical RAM: 4094.49 MB Available physical RAM: 1524.97 MB Total Pagefile: 8187.16 MB Available Pagefile: 4606.02 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: (1. Festplatte 500GB) (Fixed) (Total:465.76 GB) (Free:252.61 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (2.Festplatte ) (Fixed) (Total:298.09 GB) (Free:86.76 GB) NTFS Drive g: (Dock FP 1) (Fixed) (Total:1863.01 GB) (Free:1702.09 GB) NTFS Drive h: (Dock FP 2) (Fixed) (Total:1863.01 GB) (Free:417.52 GB) NTFS Drive i: (MY BOOK) (Fixed) (Total:465.65 GB) (Free:249.27 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9CD19CD1) Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 298 GB) (Disk ID: DFBADFBA) Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0D760311) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6DE05E0F) Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS) ======================================================== Disk: 4 (Size: 466 GB) (Disk ID: 44FDFE06) Partition 1: (Not Active) - (Size=466 GB) - (Type=0C) ==================== End Of Log ============================ I didn't know how to do that...! Sorry! Waldschratt5 |
29.01.2014, 17:38 | #8 |
/// the machine /// TB-Ausbilder | Win32:Viknok-P [Cryp] Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber |
29.01.2014, 21:54 | #9 |
| Win32:Viknok-P [Cryp] Malwarebytes: quick scan or full scan? Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.29.07 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16476 Waldmann :: WALDMANN-PC [Administrator] 29.01.2014 20:33:13 mbam-log-2014-01-29 (20-33-13).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 244394 Laufzeit: 7 Minute(n), 39 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 3 HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 2 HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {B4488CD4-04CC-11E1-A925-001D7D01386F} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: {B4488CD4-04CC-11E1-A925-001D7D01386F} -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 4 C:\Users\Waldmann\AppData\Local\DownloadGuide (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\Offers (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. 
C:\Users\Waldmann\AppData\Roaming\OpenCandy\OpenCandy_A560BC1704C04B36AAEE595764650160 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 9 C:\Users\Waldmann\AppData\Local\DownloadGuide\Offers\hometab.exe (PUP.Optional.HomeTab.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\Offers\plus-hd-3-8.exe (PUP.Optional.CrossRider) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Launcher.exe (PUP.Optional.Simplytech) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\amazon.ico (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\emdb.zip (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\Offers\foxydeal.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Local\DownloadGuide\Offers\pricealarm.exe (PUP.Optional.DownloadGuide.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Roaming\OpenCandy\OpenCandy_A560BC1704C04B36AAEE595764650160\2343.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Waldmann\AppData\Roaming\OpenCandy\OpenCandy_A560BC1704C04B36AAEE595764650160\ds_DeDnCD_driverscanner.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
# AdwCleaner v3.018 - Bericht erstellt am 29/01/2014 um 21:08:28
# Updated 28/01/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Waldmann - WALDMANN-PC
# Gestartet von : C:\Users\Waldmann\Documents\MAGIX\Video_easy_Retten_Sie_Ihre_Videokassetten_6\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\Uniblue\DriverScanner
Ordner Gelöscht : C:\Program Files (x86)\driver-soft
Ordner Gelöscht : C:\Users\Waldmann\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Waldmann\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Waldmann\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Waldmann\AppData\LocalLow\SimplyTech
Datei Gelöscht : C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_498495\user.js

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\pricegong_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sleep-moon-xpress_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sleep-moon-xpress_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_formatwandler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_formatwandler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_haihaisoft-universal-player_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_haihaisoft-universal-player_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_hamster-free-video-converter_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\powerpack
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\simplytech
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286\prefs.js ]

[ Datei : C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_498495\prefs.js ]

-\\ Google Chrome v32.0.1700.102

[ Datei : C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [5102 octets] - [29/01/2014 21:06:46]
AdwCleaner[S0].txt - [4764 octets] - [29/01/2014 21:08:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4824 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Waldmann on 29.01.2014 at 21:28:38,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1982316411-69064254-2039899064-1000\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Waldmann\AppData\Roaming\getrighttogo"

~~~ FireFox

Successfully deleted the following from C:\Users\Waldmann\AppData\Roaming\mozilla\firefox\profiles\iw9pxloa.default-1390740060286\prefs.js

user_pref("browser.startup.homepage", "hxxps://ixquick.de/");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.01.2014 at 21:40:59,07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Waldmann (administrator) on WALDMANN-PC on 29-01-2014 21:48:05
Running from C:\Users\Waldmann\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
() C:\Windows\System32\WTMKM.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIJCE.EXE
(Improv Electronics) C:\Program Files (x86)\Improv Electronics\Virtual Desktop Companion\BoogieBoardRip.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe
() C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
() C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe
(ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
() C:\Program Files\ProgDVB\ProgDvbService.exe
() C:\Windows\SysWOW64\PSIService.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe
() C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe
() C:\Windows\System32\atwtusb.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
() C:\Windows\System32\atwtusb.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking12\dgnuiasvr.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking12\x64\dgnuiasvr_x64.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\dnsspserver.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Waldmann\Desktop\FRST64(1).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [CmPCIaudio] - C:\Windows\Syswow64\CMICNFG3.dll [8151040 2010-04-27] (C-Media Corporation)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [MacrokeyManager] - C:\Windows\system32\WTMKM.exe [10893312 2012-01-03] ()
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis)
HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_MX\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.)
HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-09-02] (IVT Corporation)
HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [106344 2011-05-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-23] (AVAST Software)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Firefox] - C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568 2013-12-11] (Mozilla Corporation)
HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [Boogie Board Rip] - C:\Program Files (x86)\Improv Electronics\Virtual Desktop Companion\BoogieBoardRip.exe [1002496 2012-09-04] (Improv Electronics)
HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom)
HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKCU\...\Policies\system: [DisableClock] 0
HKCU\...\Policies\Explorer: [NoNetworkConnections] 0
HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0
HKCU\...\Policies\Explorer: [NoCommonGroups] 0
HKCU\...\Policies\Explorer: [NoSaveSettings] 0
MountPoints2: D - D:\AutoRun\AutoRun.exe
MountPoints2: K - K:\HTC_Sync_Manager_PC.exe
MountPoints2: {7d1c8674-c94d-11e2-8f65-001d7d01386f} - K:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk
ShortcutTarget: Dragon NaturallySpeaking.lnk -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe (Nuance Communications, Inc.)
Startup: C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC1159ADF4534CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKCU - {D762D0F5-A284-4FB8-866B-4D3665FD1CCE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9SRC
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Waldmann\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Waldmann\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ghostery - C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286\Extensions\firefox@ghostery.com.xpi [2014-01-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-12-11]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\EloFirefoxAddon.xpi [2013-12-11]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: No Name - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02]

Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28]
CHR Extension: (Google Drive) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28]
CHR Extension: (YouTube) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28]
CHR Extension: (avast! Online Security) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-28]
CHR Extension: (Ghostery) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-01-26]
CHR Extension: (Google Mail) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-22]

==================== Services (Whitelisted) =================

S2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-29] (Conexant Systems, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-23] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2013-12-23] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [576512 2012-01-25] (Hauppauge Computer Works)
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2014-01-26] (SurfRight B.V.)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-17] (IObit)
R2 MySQL; C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe [9690112 2011-12-16] ()
R2 PaperOfficeMySQL; C:\Program Files (x86)\Realify PaperOffice\mysql\\Realify_PaperOffice.ini [1708 2013-01-12] ()
R2 ProgDVBService; C:\Program Files\ProgDVB\ProgDVBService.exe [60864 2012-01-13] ()
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)
R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-09-24] ()
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [553800 2012-09-24] (PacketVideo)
R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [275272 2012-09-24] ()
R2 UsbService; C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe [334848 2010-08-10] ()
R2 WTService; C:\Windows\system32\atwtusb.exe [582144 2012-01-03] ()
S4 x; C:\Program Files (x86)\abylonsoft\SAKeySafe\SATCtrlSerX64.exe [551976 2011-09-09] ()
S2 HPSLPSVC; C:\Users\Waldmann\AppData\Local\Temp\7zS1CC4\hpslpsvc64.dll [x]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-09-02] (Conexant Systems Inc.)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-10-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-23] ()
S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [36872 2009-06-17] (IVT Corporation.)
R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [20488 2009-06-17] (IVT Corporation.)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47880 2009-08-28] (IVT Corporation.)
R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24840 2009-08-26] (IVT Corporation.)
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [34440 2009-08-26] ()
R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2010-04-27] (C-Media Inc)
R3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-29] (Conexant Systems, Inc.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [23464 2008-12-09] (EldoS Corporation)
S3 hcwAVD2; C:\Windows\System32\drivers\HCWUSB264.sys [197632 2007-07-24] (Conexant Systems, Inc.)
R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-01-26] ()
R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [30344 2009-08-26] (IVT Corporation.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PcaSp50; C:\Windows\SysWOW64\Drivers\PcaSp50.sys [52800 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA))
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
R3 S332x64; C:\Windows\System32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive )
S3 STCFUx64; C:\Windows\System32\DRIVERS\STCFUx64.SYS [10368 2008-11-13] (SCM Microsystems Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-08-04] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-08-04] (Acronis)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)
R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [17032 2009-08-26] (IVT Corporation.)
R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [43912 2009-08-28] (IVT Corporation.)
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-08-04] (Acronis International GmbH)
R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] ()
R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-29] (Conexant Systems, Inc.)
S0 BTHidEnum; System32\Drivers\vbtenum.sys [x]
S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [x]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-29 21:48 - 2014-01-29 21:48 - 00026644 _____ C:\Users\Waldmann\Desktop\FRST.txt
2014-01-29 21:47 - 2014-01-29 21:47 - 00000000 ____D C:\Users\Waldmann\Desktop\Neuer Ordner
2014-01-29 21:46 - 2014-01-29 21:46 - 02079744 _____ (Farbar) C:\Users\Waldmann\Desktop\FRST64(1).exe
2014-01-29 21:40 - 2014-01-29 21:40 - 00001659 _____ C:\Users\Waldmann\Desktop\JRT.txt
2014-01-29 21:25 - 2014-01-29 21:25 - 00000000 ____D C:\Windows\ERUNT
2014-01-29 21:22 - 2014-01-29 21:22 - 01037068 _____ (Thisisu) C:\Users\Waldmann\Desktop\JRT.exe
2014-01-29 21:21 - 2014-01-29 21:21 - 00004916 _____ C:\Users\Waldmann\Desktop\AdwCleaner[S0].txt
2014-01-29 21:06 - 2014-01-29 21:08 - 00000000 ____D C:\AdwCleaner
2014-01-29 20:22 - 2014-01-29 20:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Malwarebytes
2014-01-29 20:21 - 2014-01-29 20:21 - 00001128 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 20:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-29 08:20 - 2014-01-29 08:20 - 00170496 _____ C:\Users\Waldmann\Documents\KiÄ Flyer Bettendorf korr 2014.pub
2014-01-28 18:58 - 2014-01-28 18:59 - 00000000 ____D C:\Users\Waldmann\Desktop\Fotoordner
2014-01-28 18:06 - 2014-01-29 21:48 - 00000000 ____D C:\FRST
2014-01-27 18:16 - 2014-01-27 18:16 - 00000000 ____D C:\Program Files (x86)\TomTom DesktopSuite
2014-01-27 18:02 - 2014-01-27 18:28 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V
2014-01-27 18:01 - 2014-01-27 18:01 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect
2014-01-26 14:43 - 2014-01-26 14:44 - 00000000 ____D C:\Program Files\iTunes
2014-01-26 14:43 - 2014-01-26 14:44 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-01-26 14:43 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iPod
2014-01-26 13:35 - 2014-01-26 13:35 - 00000000 ____D C:\Program Files (x86)\Artweaver Free 4
2014-01-26 13:02 - 2014-01-26 13:11 - 00000000 ____D C:\ProgramData\HitmanPro
2014-01-26 12:57 - 2014-01-26 14:47 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert
2014-01-26 12:57 - 2014-01-26 13:39 - 00564312 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll
2014-01-26 12:57 - 2014-01-26 13:39 - 00518480 _____ (SurfRight) C:\Windows\system32\hmpalert.dll
2014-01-26 12:57 - 2014-01-26 13:39 - 00017416 _____ C:\Windows\system32\Drivers\hmpalert.sys
2014-01-26 12:57 - 2014-01-26 12:57 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2014-01-22 17:35 - 2014-01-22 17:35 - 00000000 ____D C:\ProgramData\Protexis
2014-01-20 18:58 - 2014-01-20 18:58 -
00001026 _____ C:\Users\UpdatusUser\Desktop\Quimport.lnk 2014-01-20 18:57 - 2014-01-20 18:57 - 00003396 _____ C:\Windows\System32\Tasks\{B8E76BFE-0D55-438E-AD28-E4DEED26FC48} 2014-01-20 12:29 - 2014-01-20 12:29 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-20 12:29 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-20 12:29 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-20 12:29 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-20 12:29 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-19 11:29 - 2014-01-28 19:05 - 00000000 ____D C:\Users\Waldmann\AppData\Local\CrashDumps 2014-01-18 19:45 - 2014-01-18 19:45 - 00038400 _____ C:\Users\Waldmann\Documents\Bestätigung zu Ihrer Abonnementbestellung.msg 2014-01-18 19:41 - 2014-01-18 19:41 - 00032768 _____ C:\Users\Waldmann\Documents\Bestätigung Ihrer Zahlung an RegNow.msg 2014-01-17 21:22 - 2014-01-25 17:43 - 00000000 ____D C:\ProgramData\IObit 2014-01-17 21:22 - 2014-01-17 21:22 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2014-01-17 21:22 - 2014-01-17 21:22 - 00001271 _____ C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2014-01-17 21:22 - 2014-01-17 21:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\ProductData 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\iMobie 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Local\iMobie_Inc 2014-01-15 20:17 - 2014-01-15 20:25 - 00000000 ___RD C:\Users\Waldmann\Desktop\Höllein Lohnunterlagen 2014-01-15 15:47 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 
2014-01-15 15:47 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 15:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 15:47 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 12:58 - 2014-01-14 13:08 - 00000000 ____D C:\ProgramData\Protexis64 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\Documents\Corel PaintShop Pro 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel PaintShop Pro 2014-01-14 12:57 - 2014-01-14 12:57 - 00000000 ____D C:\Program Files\Common Files\Protexis 2014-01-14 12:55 - 2014-01-14 12:55 - 00000000 ____D C:\Program Files\Corel 2014-01-01 21:20 - 2014-01-01 21:20 - 00002074 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-Bit.lnk 2013-12-30 17:21 - 2013-12-30 17:21 - 00000000 ____D C:\Users\Public\Foxit Software ==================== One Month Modified Files and Folders ======= 2014-01-29 21:51 - 2014-01-29 21:48 - 00026644 _____ C:\Users\Waldmann\Desktop\FRST.txt 2014-01-29 21:51 - 2013-02-16 17:36 - 00000000 ____D C:\ProgramData\twonkyserver 2014-01-29 21:48 - 2014-01-28 18:06 - 00000000 ____D C:\FRST 2014-01-29 21:48 - 2012-06-10 20:27 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000UA.job 2014-01-29 21:48 - 2012-06-10 20:27 - 00001080 _____ 
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000Core.job 2014-01-29 21:47 - 2014-01-29 21:47 - 00000000 ____D C:\Users\Waldmann\Desktop\Neuer Ordner 2014-01-29 21:46 - 2014-01-29 21:46 - 02079744 _____ (Farbar) C:\Users\Waldmann\Desktop\FRST64(1).exe 2014-01-29 21:44 - 2011-11-06 13:11 - 00000000 ____D C:\Users\Waldmann\Documents\Outlook-Dateien 2014-01-29 21:42 - 2012-04-01 19:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-29 21:40 - 2014-01-29 21:40 - 00001659 _____ C:\Users\Waldmann\Desktop\JRT.txt 2014-01-29 21:33 - 2009-07-14 05:45 - 00027152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-29 21:33 - 2009-07-14 05:45 - 00027152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-29 21:25 - 2014-01-29 21:25 - 00000000 ____D C:\Windows\ERUNT 2014-01-29 21:22 - 2014-01-29 21:22 - 01037068 _____ (Thisisu) C:\Users\Waldmann\Desktop\JRT.exe 2014-01-29 21:21 - 2014-01-29 21:21 - 00004916 _____ C:\Users\Waldmann\Desktop\AdwCleaner[S0].txt 2014-01-29 21:16 - 2012-10-12 16:14 - 00005100 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2014-01-29 21:16 - 2012-10-12 16:14 - 00000092 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2014-01-29 21:16 - 2011-10-09 14:52 - 01731652 _____ C:\Windows\WindowsUpdate.log 2014-01-29 21:16 - 2009-09-07 14:42 - 00000932 _____ C:\Windows\SysWOW64\bscs.ini 2014-01-29 21:14 - 2012-12-10 13:30 - 00000000 ___RD C:\Users\Waldmann\Desktop\FAX 2014-01-29 21:14 - 2009-07-14 03:34 - 00000593 _____ C:\Windows\win.ini 2014-01-29 21:12 - 2013-12-28 11:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-29 21:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-29 21:11 - 2013-08-22 16:23 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-29 21:11 - 2013-06-13 11:32 - 00010118 _____ C:\Windows\setupact.log 2014-01-29 21:08 - 2014-01-29 
21:06 - 00000000 ____D C:\AdwCleaner 2014-01-29 21:08 - 2011-11-01 20:47 - 00000000 ____D C:\ProgramData\Uniblue 2014-01-29 20:52 - 2013-06-23 09:36 - 01216160 _____ C:\Windows\PFRO.log 2014-01-29 20:22 - 2014-01-29 20:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00001128 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-29 20:17 - 2013-12-28 11:42 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-29 17:48 - 2012-02-06 19:10 - 03396608 ___SH C:\Users\Waldmann\Desktop\Thumbs.db 2014-01-29 17:30 - 2011-11-16 19:57 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2C033427-CB53-4FBD-9F43-42FCC0E9E66B} 2014-01-29 08:20 - 2014-01-29 08:20 - 00170496 _____ C:\Users\Waldmann\Documents\KiÄ Flyer Bettendorf korr 2014.pub 2014-01-29 08:20 - 2011-12-23 14:38 - 00000000 ___RD C:\Users\Waldmann\Desktop\E-Praxis 2014-01-29 07:59 - 2012-11-02 20:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-01-28 21:20 - 2013-12-25 13:00 - 00000000 ____D C:\Program Files (x86)\IObit 2014-01-28 21:20 - 2013-02-16 15:09 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\IObit 2014-01-28 19:10 - 2011-11-01 11:03 - 00000000 ____D C:\Users\Waldmann\Desktop\Security 2014-01-28 19:05 - 2014-01-19 11:29 - 00000000 ____D C:\Users\Waldmann\AppData\Local\CrashDumps 2014-01-28 19:04 - 2013-02-03 14:45 - 00000000 ____D C:\Users\Waldmann\Desktop\ELO scan 2014-01-28 18:59 - 2014-01-28 18:58 - 00000000 ____D C:\Users\Waldmann\Desktop\Fotoordner 2014-01-28 18:55 - 2012-01-08 17:43 - 00000000 ____D C:\Users\Waldmann\Desktop\Finanzen 2014-01-28 18:54 - 2012-06-24 16:18 - 00000000 ___RD C:\Users\Waldmann\Desktop\Foto-Video-Bearbeitung 2014-01-28 18:54 - 2011-10-09 14:59 - 00000000 ____D C:\Users\Waldmann 2014-01-28 18:35 - 2011-10-21 16:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\apm 2014-01-28 17:53 - 2012-10-09 11:53 - 00003830 _____ C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm 2014-01-28 17:52 - 2011-10-21 17:16 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Downloaded Installations 2014-01-27 18:30 - 2012-05-25 15:12 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2 2014-01-27 18:28 - 2014-01-27 18:02 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V 2014-01-27 18:16 - 2014-01-27 18:16 - 00000000 ____D C:\Program Files (x86)\TomTom DesktopSuite 2014-01-27 18:11 - 2011-04-12 08:43 - 00700358 _____ C:\Windows\system32\perfh007.dat 2014-01-27 18:11 - 2011-04-12 08:43 - 00149154 _____ C:\Windows\system32\perfc007.dat 2014-01-27 18:11 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-27 18:02 - 2011-12-25 22:29 - 00000000 ____D C:\Users\Waldmann\AppData\Local\TomTom 2014-01-27 18:01 - 2014-01-27 18:01 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect 2014-01-26 15:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-26 15:07 - 2011-10-19 13:12 - 
00000000 ____D C:\Users\Waldmann\AppData\Roaming\Foxit Software 2014-01-26 15:03 - 2011-10-13 19:21 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Apple Computer 2014-01-26 15:03 - 2011-10-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Apple 2014-01-26 14:47 - 2014-01-26 12:57 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iTunes 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-26 14:44 - 2013-08-19 09:00 - 00001802 _____ C:\Users\Public\Desktop\iTunes.lnk 2014-01-26 14:44 - 2012-09-15 11:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-26 14:43 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iPod 2014-01-26 14:33 - 2011-12-11 14:18 - 00000000 ____D C:\Users\Waldmann\Desktop\Edgar 2014-01-26 13:47 - 2012-09-16 15:05 - 00000000 ____D C:\Users\Waldmann\Desktop\Büro 2014-01-26 13:47 - 2011-10-09 16:12 - 00000000 ____D C:\Program Files (x86)\SeaMonkey 2014-01-26 13:39 - 2014-01-26 12:57 - 00564312 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00518480 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00017416 _____ C:\Windows\system32\Drivers\hmpalert.sys 2014-01-26 13:35 - 2014-01-26 13:35 - 00000000 ____D C:\Program Files (x86)\Artweaver Free 4 2014-01-26 13:35 - 2012-02-05 14:57 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Artweaver Free 2014-01-26 13:26 - 2011-10-13 19:19 - 00000000 ____D C:\ProgramData\Apple 2014-01-26 13:11 - 2014-01-26 13:02 - 00000000 ____D C:\ProgramData\HitmanPro 2014-01-26 12:57 - 2014-01-26 12:57 - 00000000 ____D C:\ProgramData\HitmanPro.Alert 2014-01-26 12:38 - 2012-04-01 19:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-26 12:38 - 2012-04-01 19:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-26 12:38 - 
2011-10-25 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-26 12:06 - 2013-10-22 17:26 - 00026112 ___SH C:\Users\Waldmann\Thumbs.db 2014-01-26 12:04 - 2013-12-28 21:35 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Mozilla Thunderbird 2014-01-25 17:43 - 2014-01-17 21:22 - 00000000 ____D C:\ProgramData\IObit 2014-01-25 17:43 - 2013-12-25 13:00 - 00000000 ____D C:\ProgramData\ProductData 2014-01-25 17:30 - 2013-10-22 17:17 - 00002051 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-01-25 17:29 - 2013-12-23 13:20 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-25 17:29 - 2012-11-02 20:07 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-25 17:29 - 2012-11-02 20:06 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-25 17:28 - 2013-03-06 08:03 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-22 17:35 - 2014-01-22 17:35 - 00000000 ____D C:\ProgramData\Protexis 2014-01-21 19:24 - 2013-02-10 15:01 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-01-21 19:24 - 2011-12-14 17:13 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-20 18:58 - 2014-01-20 18:58 - 00001026 _____ C:\Users\UpdatusUser\Desktop\Quimport.lnk 2014-01-20 18:57 - 2014-01-20 18:57 - 00003396 _____ C:\Windows\System32\Tasks\{B8E76BFE-0D55-438E-AD28-E4DEED26FC48} 2014-01-20 12:29 - 2014-01-20 12:29 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-20 12:29 - 2013-11-03 10:27 - 00000000 ____D C:\ProgramData\Oracle 2014-01-20 12:29 - 2011-10-09 
17:02 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-19 10:05 - 2011-11-01 23:11 - 00002555 _____ C:\Users\Waldmann\AppData\Roaming\SAS7_000.DAT 2014-01-19 10:03 - 2012-10-12 16:17 - 00000259 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 2014-01-18 19:45 - 2014-01-18 19:45 - 00038400 _____ C:\Users\Waldmann\Documents\Bestätigung zu Ihrer Abonnementbestellung.msg 2014-01-18 19:41 - 2014-01-18 19:41 - 00032768 _____ C:\Users\Waldmann\Documents\Bestätigung Ihrer Zahlung an RegNow.msg 2014-01-17 21:22 - 2014-01-17 21:22 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2014-01-17 21:22 - 2014-01-17 21:22 - 00001271 _____ C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2014-01-17 21:22 - 2014-01-17 21:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\ProductData 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\iMobie 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Local\iMobie_Inc 2014-01-15 20:45 - 2009-07-14 05:45 - 00762120 _____ C:\Windows\system32\FNTCACHE.DAT 2014-01-15 20:32 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT 2014-01-15 20:30 - 2011-10-10 12:04 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-01-15 20:25 - 2014-01-15 20:17 - 00000000 ___RD C:\Users\Waldmann\Desktop\Höllein Lohnunterlagen 2014-01-15 20:11 - 2013-02-02 15:45 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Elo 2014-01-15 16:36 - 2013-02-06 15:33 - 00000000 ____D C:\Program Files (x86)\ELOoffice 2014-01-14 19:26 - 2013-08-20 16:44 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel 2014-01-14 13:08 - 2014-01-14 12:58 - 00000000 ____D C:\ProgramData\Protexis64 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\Documents\Corel PaintShop Pro 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel PaintShop Pro 2014-01-14 12:58 - 2013-08-13 17:08 - 00000000 
____D C:\Users\Waldmann\AppData\Roaming\Ulead Systems 2014-01-14 12:57 - 2014-01-14 12:57 - 00000000 ____D C:\Program Files\Common Files\Protexis 2014-01-14 12:55 - 2014-01-14 12:55 - 00000000 ____D C:\Program Files\Corel 2014-01-14 12:55 - 2013-08-13 16:52 - 00000000 ____D C:\ProgramData\Corel 2014-01-14 12:53 - 2013-08-13 16:44 - 00000000 ____D C:\Program Files (x86)\Corel 2014-01-12 11:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2014-01-11 15:25 - 2013-09-13 19:05 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014 2014-01-06 13:02 - 2012-05-13 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-01 21:20 - 2014-01-01 21:20 - 00002074 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-Bit.lnk 2014-01-01 21:19 - 2011-11-01 18:38 - 00000000 ____D C:\Program Files\Adobe 2014-01-01 12:46 - 2011-12-14 16:31 - 00000000 ____D C:\ProgramData\TuneUp Software 2013-12-30 17:21 - 2013-12-30 17:21 - 00000000 ____D C:\Users\Public\Foxit Software Files to move or delete: ==================== C:\Users\Waldmann\30593-8-CutOut-4-Pro.exe C:\Users\Waldmann\ATIH2013PP_de-DE.exe C:\Users\Waldmann\JavaSetup7u25.exe C:\Users\Waldmann\Lightroom_5_LS11_win_5_2.exe C:\Users\Waldmann\Setup (1).exe C:\Users\Waldmann\TuneUpUtilities2014 (1).exe C:\Users\Waldmann\TuneUpUtilities2014 (2).exe C:\Users\Waldmann\TuneUpUtilities2014.exe C:\Users\Waldmann\weprintwin.exe Some content of TEMP: ==================== C:\Users\Waldmann\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Waldmann\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Waldmann\AppData\Local\Temp\System.Data.SQLite.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit 
C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-22 15:36 ==================== End Of Log ============================ --- --- --- |
30.01.2014, 16:38 | #10 |
/// the machine /// TB-Ausbilder | Win32:Viknok-P [Cryp] ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
31.01.2014, 08:09 | #11 |
| Win32:Viknok-P [Cryp] After ESET: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7d0a7ed23ff7984ba84af27114c6fbcd
# engine=16868
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-31 01:15:17
# local_time=2014-01-31 02:15:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=772 16777213 83 82 400457 8672286 0 0
# compatibility_mode=5893 16776573 100 94 97448 142760767 0 0
# scanned=814906
# found=2
# cleaned=0
# scan_time=31931
sh=174B4984C45177B554D25F8999F44DF5CA771E8C ft=1 fh=de76e9361c4ed4f9 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll.vir"
sh=AA53CE77D46B7B738B368EC9444835486148F3E5 ft=1 fh=4899f97d0b55b130 vn="a variant of Win32/AdWare.iBryte.O.gen application" ac=I fn="C:\Users\Waldmann\Documents\MAGIX\Video_easy_Retten_Sie_Ihre_Videokassetten_6\Downloads\Groovestream.exe"
Code:
ATTFilter
Results of screen317's Security Check version 0.99.79
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Internet Security
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Secunia PSI (3.0.0.9016)
Malwarebytes Anti-Malware Version 1.75.0.1300
TuneUp Utilities 2014
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities Language Pack (de-DE)
TuneUp Utilities 2014
Java(TM) 6 Update 39
Java 7 Update 51
Adobe Flash Player 12.0.0.43 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox (26.0)
Mozilla Thunderbird (24.2.0)
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast afwServ.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01 Ran by Waldmann (administrator) on WALDMANN-PC on 31-01-2014 08:04:49 Running from C:\Users\Waldmann\Desktop\Security\MalWare Jäger Programme Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AMD) C:\Windows\System32\atiesrxx.exe (SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe () C:\Windows\System32\WTMKM.exe () C:\Program Files (x86)\RocketDock\RocketDock.exe (Apple Inc.) 
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIJCE.EXE (Improv Electronics) C:\Program Files (x86)\Improv Electronics\Virtual Desktop Companion\BoogieBoardRip.exe (TomTom) C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe (Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe (Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (PFU LIMITED) C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe () C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe () C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe () C:\Program Files\ProgDVB\ProgDvbService.exe () C:\Windows\SysWOW64\PSIService.exe (Protexis Inc.) 
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe () C:\Program Files (x86)\ASUS\Printer Utilities\UsbService64.exe () C:\Windows\System32\atwtusb.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe () C:\Windows\System32\atwtusb.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (Samsung Electronics Co., Ltd.) 
C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE () C:\Users\Waldmann\Desktop\SecurityCheck.exe (Farbar) C:\Users\Waldmann\Desktop\Security\MalWare Jäger Programme\FRST64(1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [CmPCIaudio] - C:\Windows\Syswow64\CMICNFG3.dll [8151040 2010-04-27] (C-Media Corporation) HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation) HKLM\...\Run: [MacrokeyManager] - C:\Windows\system32\WTMKM.exe [10893312 2012-01-03] () HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [517912 2013-02-15] (Acronis) HKLM-x32\...\Run: [TrayServer] - C:\Program Files (x86)\MAGIX\Video_deluxe_MX\TrayServer_de.exe [90112 2008-08-07] (MAGIX AG) HKLM-x32\...\Run: [UpdatePPShortCut] - C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.) HKLM-x32\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [315478 2009-09-02] (IVT Corporation) HKLM-x32\...\Run: [AllShareAgent] - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe [285072 2012-03-01] (Samsung Electronics Co., Ltd.) 
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [106344 2011-05-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6405376 2013-03-27] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3764024 2013-12-23] (AVAST Software) HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\2c24793c-c162-4704-82a4-6b3100c25c8d.exe /check [181136 2014-01-30] (AVAST Software) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKCU\...\Run: [RocketDock] - C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKCU\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.) 
HKCU\...\Run: [] - [x] HKCU\...\Run: [Firefox] - C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568 2013-12-11] (Mozilla Corporation) HKCU\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIJCE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION) HKCU\...\Run: [Boogie Board Rip] - C:\Program Files (x86)\Improv Electronics\Virtual Desktop Companion\BoogieBoardRip.exe [1002496 2012-09-04] (Improv Electronics) HKCU\...\Run: [MyDriveConnect.exe] - C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe [473496 2013-11-29] (TomTom) HKCU\...\Run: [TomTomHOME.exe] - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom) HKCU\...\Policies\system: [DisableClock] 0 HKCU\...\Policies\Explorer: [NoNetworkConnections] 0 HKCU\...\Policies\Explorer: [NoChangeStartMenu] 0 HKCU\...\Policies\Explorer: [NoCommonGroups] 0 HKCU\...\Policies\Explorer: [NoSaveSettings] 0 MountPoints2: D - D:\AutoRun\AutoRun.exe MountPoints2: K - K:\HTC_Sync_Manager_PC.exe MountPoints2: {7d1c8674-c94d-11e2-8f65-001d7d01386f} - K:\HTC_Sync_Manager_PC.exe Startup: C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dragon NaturallySpeaking.lnk ShortcutTarget: Dragon NaturallySpeaking.lnk -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\natspeak.exe (Nuance Communications, Inc.) 
Startup: C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC1159ADF4534CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab SearchScopes: HKCU - {D762D0F5-A284-4FB8-866B-4D3665FD1CCE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9SRC BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Dragon NaturallySpeaking Rich Internet Application Support - Extension - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ieShim.dll (Nuance Communications, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - No Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - No File Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWOW64\skype4com.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286 FF Homepage: https://ixquick.de/deu/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit 
Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: nuance.com/DragonRIAPlugin - C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Waldmann\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Waldmann\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Ghostery - C:\Users\Waldmann\AppData\Roaming\Mozilla\Firefox\Profiles\iw9pxloa.default-1390740060286\Extensions\firefox@ghostery.com.xpi [2014-01-26] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013-12-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013-12-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} [2013-12-11] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\EloFirefoxAddon.xpi [2013-12-11] FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi FF Extension: No Name - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! 
Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-02] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-28] CHR Extension: (Google Drive) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-28] CHR Extension: (YouTube) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-28] CHR Extension: (Google-Suche) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-28] CHR Extension: (avast! Online Security) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-28] CHR Extension: (Ghostery) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-01-26] CHR Extension: (Google Mail) - C:\Users\Waldmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-28] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-22] ==================== Services (Whitelisted) ================= S2 AcfXAudioService; C:\Windows\SysWOW64\ACFXAU64.dll [436736 2009-04-29] (Conexant Systems, Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-12-23] (AVAST Software) R2 avast! 
Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2013-12-23] (AVAST Software) R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [1466476 2009-09-02] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2009-09-02] (IVT Corporation) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [576512 2012-01-25] (Hauppauge Computer Works) R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [1830768 2014-01-26] (SurfRight B.V.) S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-17] (IObit) R2 MySQL; C:\Program Files (x86)\Realify PaperOffice\mysql\bin\mysqld.exe [9690112 2011-12-16] () R2 PaperOfficeMySQL; C:\Program Files (x86)\Realify PaperOffice\mysql\\Realify_PaperOffice.ini [1708 2013-01-12] () R2 ProgDVBService; C:\Program Files\ProgDVB\ProgDVBService.exe [60864 2012-01-13] () R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-09-24] () R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [553800 2012-09-24] (PacketVideo) R2 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [275272 2012-09-24] () R2 UsbService; C:\Program Files (x86)\ASUS\Printer 
Utilities\UsbService64.exe [334848 2010-08-10] () R2 WTService; C:\Windows\system32\atwtusb.exe [582144 2012-01-03] () S4 x; C:\Program Files (x86)\abylonsoft\SAKeySafe\SATCtrlSerX64.exe [551976 2011-09-09] () S2 HPSLPSVC; C:\Users\Waldmann\AppData\Local\Temp\7zS1CC4\hpslpsvc64.dll [x] ==================== Drivers (Whitelisted) ==================== S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation) R3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-09-02] (Conexant Systems Inc.) S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2013-10-22] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-25] (AVAST Software) R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [440672 2014-01-25] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-22] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-22] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-25] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-25] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-01-25] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2013-12-23] () S3 BlueletAudio; C:\Windows\System32\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.) S3 BlueletAudio; C:\Windows\SysWOW64\DRIVERS\blueletaudio.sys [36360 2009-06-17] (IVT Corporation.) S3 BlueletSCOAudio; C:\Windows\System32\DRIVERS\BlueletSCOAudio.sys [36872 2009-06-17] (IVT Corporation.) R3 BT; C:\Windows\System32\DRIVERS\btnetdrv.sys [20488 2009-06-17] (IVT Corporation.) R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47880 2009-08-28] (IVT Corporation.) R0 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [24840 2009-08-26] (IVT Corporation.) 
R3 btnetBUs; C:\Windows\System32\Drivers\btnetBus.sys [34440 2009-08-26] () R3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1155072 2010-04-27] (C-Media Inc) R3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-29] (Conexant Systems, Inc.) R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [23464 2008-12-09] (EldoS Corporation) S3 hcwAVD2; C:\Windows\System32\drivers\HCWUSB264.sys [197632 2007-07-24] (Conexant Systems, Inc.) R2 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [17416 2014-01-26] () R3 IvtBtBUs; C:\Windows\System32\Drivers\IvtBtBus.sys [30344 2009-08-26] (IVT Corporation.) R2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant) R3 MODEMCSA; C:\Windows\System32\drivers\MODEMCSA.sys [24064 2009-07-14] (Microsoft Corporation) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 PcaSp50; C:\Windows\System32\Drivers\PcaSp50.sys [45624 2009-08-24] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PcaSp50; C:\Windows\SysWOW64\Drivers\PcaSp50.sys [52800 2006-11-28] (Printing Communications Assoc., Inc. (PCAUSA)) S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA)) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia) R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation) R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation) R3 S332x64; C:\Windows\System32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive ) S3 STCFUx64; C:\Windows\System32\DRIVERS\STCFUx64.SYS [10368 2008-11-13] (SCM Microsystems Inc.) 
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-08-04] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-08-04] (Acronis) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software) R3 VComm; C:\Windows\System32\DRIVERS\VComm.sys [17032 2009-08-26] (IVT Corporation.) R3 VcommMgr; C:\Windows\System32\Drivers\VcommMgr.sys [43912 2009-08-28] (IVT Corporation.) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-08-04] (Acronis International GmbH) R3 vuhub; C:\Windows\System32\DRIVERS\vuhub.sys [47616 2007-12-17] () R2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-29] (Conexant Systems, Inc.) S0 BTHidEnum; System32\Drivers\vbtenum.sys [x] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [x] S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-31 07:27 - 2014-01-31 07:27 - 00987425 _____ C:\Users\Waldmann\Desktop\SecurityCheck.exe 2014-01-30 17:17 - 2014-01-30 17:17 - 02347384 _____ (ESET) C:\Users\Waldmann\Desktop\esetsmartinstaller_enu.exe 2014-01-29 21:52 - 2014-01-29 21:52 - 00047322 _____ C:\Users\Waldmann\Desktop\FRST 2.txt 2014-01-29 21:48 - 2014-01-29 21:52 - 00047322 _____ C:\Users\Waldmann\Desktop\FRST.txt 2014-01-29 21:47 - 2014-01-29 21:47 - 00000000 ____D C:\Users\Waldmann\Desktop\Neuer Ordner 2014-01-29 21:40 - 2014-01-29 21:40 - 00001659 _____ C:\Users\Waldmann\Desktop\JRT.txt 2014-01-29 21:25 - 2014-01-29 21:25 - 00000000 ____D C:\Windows\ERUNT 2014-01-29 21:21 - 2014-01-29 21:21 - 00004916 _____ C:\Users\Waldmann\Desktop\AdwCleaner[S0].txt 2014-01-29 21:06 - 2014-01-29 21:08 - 
00000000 ____D C:\AdwCleaner 2014-01-29 20:22 - 2014-01-29 20:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-29 20:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-29 08:20 - 2014-01-29 08:20 - 00170496 _____ C:\Users\Waldmann\Documents\KiÄ Flyer Bettendorf korr 2014.pub 2014-01-28 18:58 - 2014-01-28 18:59 - 00000000 ____D C:\Users\Waldmann\Desktop\Fotoordner 2014-01-28 18:06 - 2014-01-31 08:04 - 00000000 ____D C:\FRST 2014-01-27 18:16 - 2014-01-27 18:16 - 00000000 ____D C:\Program Files (x86)\TomTom DesktopSuite 2014-01-27 18:02 - 2014-01-27 18:28 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V 2014-01-27 18:01 - 2014-01-27 18:01 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect 2014-01-26 14:43 - 2014-01-26 14:44 - 00000000 ____D C:\Program Files\iTunes 2014-01-26 14:43 - 2014-01-26 14:44 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-26 14:43 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iPod 2014-01-26 13:35 - 2014-01-26 13:35 - 00000000 ____D C:\Program Files (x86)\Artweaver Free 4 2014-01-26 13:02 - 2014-01-26 13:11 - 00000000 ____D C:\ProgramData\HitmanPro 2014-01-26 12:57 - 2014-01-26 14:47 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2014-01-26 12:57 - 2014-01-26 13:39 - 00564312 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-01-26 12:57 - 2014-01-26 13:39 - 00518480 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-01-26 12:57 - 2014-01-26 13:39 - 00017416 _____ C:\Windows\system32\Drivers\hmpalert.sys 2014-01-26 12:57 - 2014-01-26 12:57 - 00000000 ____D C:\ProgramData\HitmanPro.Alert 2014-01-22 17:35 - 2014-01-22 17:35 - 00000000 ____D C:\ProgramData\Protexis 2014-01-20 18:58 - 2014-01-20 18:58 - 00001026 _____ 
C:\Users\UpdatusUser\Desktop\Quimport.lnk 2014-01-20 18:57 - 2014-01-20 18:57 - 00003396 _____ C:\Windows\System32\Tasks\{B8E76BFE-0D55-438E-AD28-E4DEED26FC48} 2014-01-20 12:29 - 2014-01-20 12:29 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-20 12:29 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-01-20 12:29 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-01-20 12:29 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-01-20 12:29 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-01-19 11:29 - 2014-01-28 19:05 - 00000000 ____D C:\Users\Waldmann\AppData\Local\CrashDumps 2014-01-18 19:45 - 2014-01-18 19:45 - 00038400 _____ C:\Users\Waldmann\Documents\Bestätigung zu Ihrer Abonnementbestellung.msg 2014-01-18 19:41 - 2014-01-18 19:41 - 00032768 _____ C:\Users\Waldmann\Documents\Bestätigung Ihrer Zahlung an RegNow.msg 2014-01-17 21:22 - 2014-01-25 17:43 - 00000000 ____D C:\ProgramData\IObit 2014-01-17 21:22 - 2014-01-17 21:22 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator 2014-01-17 21:22 - 2014-01-17 21:22 - 00001271 _____ C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2014-01-17 21:22 - 2014-01-17 21:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\ProductData 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\iMobie 2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Local\iMobie_Inc 2014-01-15 20:17 - 2014-01-15 20:25 - 00000000 ___RD C:\Users\Waldmann\Desktop\Höllein Lohnunterlagen 2014-01-15 15:47 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-01-15 
15:47 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-01-15 15:47 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-01-15 15:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-01-15 15:47 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-01-14 12:58 - 2014-01-14 13:08 - 00000000 ____D C:\ProgramData\Protexis64 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\Documents\Corel PaintShop Pro 2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel PaintShop Pro 2014-01-14 12:57 - 2014-01-14 12:57 - 00000000 ____D C:\Program Files\Common Files\Protexis 2014-01-14 12:55 - 2014-01-14 12:55 - 00000000 ____D C:\Program Files\Corel 2014-01-01 21:20 - 2014-01-01 21:20 - 00002074 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-Bit.lnk ==================== One Month Modified Files and Folders ======= 2014-01-31 08:04 - 2014-01-28 18:06 - 00000000 ____D C:\FRST 2014-01-31 08:01 - 2011-11-06 13:11 - 00000000 ____D C:\Users\Waldmann\Documents\Outlook-Dateien 2014-01-31 07:53 - 2013-12-28 11:42 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-31 07:48 - 2012-06-10 20:27 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000UA.job 2014-01-31 07:42 - 2012-04-01 19:32 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-31 07:27 - 2014-01-31 07:27 - 00987425 _____ 
C:\Users\Waldmann\Desktop\SecurityCheck.exe 2014-01-30 23:20 - 2013-02-16 17:36 - 00000000 ____D C:\ProgramData\twonkyserver 2014-01-30 21:48 - 2012-06-10 20:27 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1982316411-69064254-2039899064-1000Core.job 2014-01-30 20:53 - 2012-10-12 16:14 - 00005093 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2014-01-30 20:53 - 2012-10-12 16:14 - 00000092 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2014-01-30 20:53 - 2009-09-07 14:42 - 00000932 _____ C:\Windows\SysWOW64\bscs.ini 2014-01-30 19:00 - 2011-11-16 19:57 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2C033427-CB53-4FBD-9F43-42FCC0E9E66B} 2014-01-30 17:18 - 2009-07-14 05:45 - 00027152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-30 17:18 - 2009-07-14 05:45 - 00027152 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-30 17:17 - 2014-01-30 17:17 - 02347384 _____ (ESET) C:\Users\Waldmann\Desktop\esetsmartinstaller_enu.exe 2014-01-30 17:09 - 2013-02-03 14:45 - 00000000 ____D C:\Users\Waldmann\Desktop\ELO scan 2014-01-30 17:09 - 2011-10-09 14:52 - 01811132 _____ C:\Windows\WindowsUpdate.log 2014-01-30 17:03 - 2012-12-10 13:30 - 00000000 ___RD C:\Users\Waldmann\Desktop\FAX 2014-01-30 17:03 - 2009-07-14 03:34 - 00000593 _____ C:\Windows\win.ini 2014-01-30 17:01 - 2013-12-28 11:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-30 17:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-30 17:00 - 2013-08-22 16:23 - 00000000 ____D C:\ProgramData\NVIDIA 2014-01-30 17:00 - 2013-06-13 11:32 - 00010230 _____ C:\Windows\setupact.log 2014-01-29 22:01 - 2011-11-01 11:03 - 00000000 ____D C:\Users\Waldmann\Desktop\Security 2014-01-29 21:56 - 2011-10-09 14:59 - 00000000 ____D C:\Users\Waldmann 2014-01-29 21:52 - 2014-01-29 21:52 - 00047322 _____ C:\Users\Waldmann\Desktop\FRST 2.txt 
2014-01-29 21:52 - 2014-01-29 21:48 - 00047322 _____ C:\Users\Waldmann\Desktop\FRST.txt 2014-01-29 21:47 - 2014-01-29 21:47 - 00000000 ____D C:\Users\Waldmann\Desktop\Neuer Ordner 2014-01-29 21:40 - 2014-01-29 21:40 - 00001659 _____ C:\Users\Waldmann\Desktop\JRT.txt 2014-01-29 21:25 - 2014-01-29 21:25 - 00000000 ____D C:\Windows\ERUNT 2014-01-29 21:21 - 2014-01-29 21:21 - 00004916 _____ C:\Users\Waldmann\Desktop\AdwCleaner[S0].txt 2014-01-29 21:08 - 2014-01-29 21:06 - 00000000 ____D C:\AdwCleaner 2014-01-29 21:08 - 2011-11-01 20:47 - 00000000 ____D C:\ProgramData\Uniblue 2014-01-29 20:52 - 2013-06-23 09:36 - 01216160 _____ C:\Windows\PFRO.log 2014-01-29 20:22 - 2014-01-29 20:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-29 20:21 - 2014-01-29 20:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-01-29 17:48 - 2012-02-06 19:10 - 03396608 ___SH C:\Users\Waldmann\Desktop\Thumbs.db 2014-01-29 08:20 - 2014-01-29 08:20 - 00170496 _____ C:\Users\Waldmann\Documents\KiÄ Flyer Bettendorf korr 2014.pub 2014-01-29 08:20 - 2011-12-23 14:38 - 00000000 ___RD C:\Users\Waldmann\Desktop\E-Praxis 2014-01-29 07:59 - 2012-11-02 20:06 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-01-28 21:20 - 2013-12-25 13:00 - 00000000 ____D C:\Program Files (x86)\IObit 2014-01-28 21:20 - 2013-02-16 15:09 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\IObit 2014-01-28 19:05 - 2014-01-19 11:29 - 00000000 ____D C:\Users\Waldmann\AppData\Local\CrashDumps 2014-01-28 18:59 - 2014-01-28 18:58 - 00000000 ____D C:\Users\Waldmann\Desktop\Fotoordner 2014-01-28 18:55 - 2012-01-08 17:43 - 00000000 ____D C:\Users\Waldmann\Desktop\Finanzen 2014-01-28 18:54 - 2012-06-24 16:18 - 00000000 ___RD C:\Users\Waldmann\Desktop\Foto-Video-Bearbeitung 2014-01-28 18:35 - 2011-10-21 16:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\apm 2014-01-28 17:53 - 2012-10-09 11:53 - 00003830 _____ C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm 2014-01-28 17:52 - 2011-10-21 17:16 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Downloaded Installations 2014-01-27 18:30 - 2012-05-25 15:12 - 00000000 ____D C:\Program Files (x86)\TomTom HOME 2 2014-01-27 18:28 - 2014-01-27 18:02 - 00000000 ____D C:\Program Files (x86)\TomTom International B.V 2014-01-27 18:16 - 2014-01-27 18:16 - 00000000 ____D C:\Program Files (x86)\TomTom DesktopSuite 2014-01-27 18:11 - 2011-04-12 08:43 - 00700358 _____ C:\Windows\system32\perfh007.dat 2014-01-27 18:11 - 2011-04-12 08:43 - 00149154 _____ C:\Windows\system32\perfc007.dat 2014-01-27 18:11 - 2009-07-14 06:13 - 01622012 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-27 18:02 - 2011-12-25 22:29 - 00000000 ____D C:\Users\Waldmann\AppData\Local\TomTom 2014-01-27 18:01 - 2014-01-27 18:01 - 00000000 ____D C:\Program Files (x86)\MyDrive Connect 2014-01-26 15:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help 2014-01-26 15:07 - 2011-10-19 13:12 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Foxit Software 2014-01-26 15:03 - 2011-10-13 19:21 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Apple Computer 2014-01-26 15:03 - 2011-10-13 19:20 - 00000000 ____D C:\Program Files\Common 
Files\Apple 2014-01-26 14:47 - 2014-01-26 12:57 - 00000000 ____D C:\Program Files (x86)\HitmanPro.Alert 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iTunes 2014-01-26 14:44 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files (x86)\iTunes 2014-01-26 14:44 - 2013-08-19 09:00 - 00001802 _____ C:\Users\Public\Desktop\iTunes.lnk 2014-01-26 14:44 - 2012-09-15 11:33 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-01-26 14:43 - 2014-01-26 14:43 - 00000000 ____D C:\Program Files\iPod 2014-01-26 14:33 - 2011-12-11 14:18 - 00000000 ____D C:\Users\Waldmann\Desktop\Edgar 2014-01-26 13:47 - 2012-09-16 15:05 - 00000000 ____D C:\Users\Waldmann\Desktop\Büro 2014-01-26 13:47 - 2011-10-09 16:12 - 00000000 ____D C:\Program Files (x86)\SeaMonkey 2014-01-26 13:39 - 2014-01-26 12:57 - 00564312 _____ (SurfRight) C:\Windows\SysWOW64\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00518480 _____ (SurfRight) C:\Windows\system32\hmpalert.dll 2014-01-26 13:39 - 2014-01-26 12:57 - 00017416 _____ C:\Windows\system32\Drivers\hmpalert.sys 2014-01-26 13:35 - 2014-01-26 13:35 - 00000000 ____D C:\Program Files (x86)\Artweaver Free 4 2014-01-26 13:35 - 2012-02-05 14:57 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Artweaver Free 2014-01-26 13:26 - 2011-10-13 19:19 - 00000000 ____D C:\ProgramData\Apple 2014-01-26 13:11 - 2014-01-26 13:02 - 00000000 ____D C:\ProgramData\HitmanPro 2014-01-26 12:57 - 2014-01-26 12:57 - 00000000 ____D C:\ProgramData\HitmanPro.Alert 2014-01-26 12:38 - 2012-04-01 19:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-01-26 12:38 - 2012-04-01 19:32 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-01-26 12:38 - 2011-10-25 17:19 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-01-26 12:06 - 2013-10-22 17:26 - 00026112 ___SH C:\Users\Waldmann\Thumbs.db 2014-01-26 12:04 - 2013-12-28 21:35 - 00000000 ____D 
C:\Users\Waldmann\AppData\Local\Mozilla Thunderbird 2014-01-25 17:43 - 2014-01-17 21:22 - 00000000 ____D C:\ProgramData\IObit 2014-01-25 17:43 - 2013-12-25 13:00 - 00000000 ____D C:\ProgramData\ProductData 2014-01-25 17:30 - 2013-10-22 17:17 - 00002051 _____ C:\Users\Public\Desktop\avast! SafeZone.lnk 2014-01-25 17:29 - 2013-12-23 13:20 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-01-25 17:29 - 2012-11-02 20:07 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-01-25 17:29 - 2012-11-02 20:06 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-01-25 17:29 - 2012-11-02 20:06 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-01-25 17:28 - 2013-03-06 08:03 - 00440672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-01-22 17:35 - 2014-01-22 17:35 - 00000000 ____D C:\ProgramData\Protexis 2014-01-21 19:24 - 2013-02-10 15:01 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm 2014-01-21 19:24 - 2011-12-14 17:13 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler 2014-01-20 18:58 - 2014-01-20 18:58 - 00001026 _____ C:\Users\UpdatusUser\Desktop\Quimport.lnk 2014-01-20 18:57 - 2014-01-20 18:57 - 00003396 _____ C:\Windows\System32\Tasks\{B8E76BFE-0D55-438E-AD28-E4DEED26FC48} 2014-01-20 12:29 - 2014-01-20 12:29 - 00005327 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log 2014-01-20 12:29 - 2013-11-03 10:27 - 00000000 ____D C:\ProgramData\Oracle 2014-01-20 12:29 - 2011-10-09 17:02 - 00000000 ____D C:\Program Files (x86)\Java 2014-01-19 10:05 - 2011-11-01 23:11 - 00002555 _____ C:\Users\Waldmann\AppData\Roaming\SAS7_000.DAT 2014-01-19 10:03 - 2012-10-12 16:17 - 00000259 _____ C:\Windows\SysWOW64\REMOTEDEVICE.INI 
2014-01-18 19:45 - 2014-01-18 19:45 - 00038400 _____ C:\Users\Waldmann\Documents\Bestätigung zu Ihrer Abonnementbestellung.msg
2014-01-18 19:41 - 2014-01-18 19:41 - 00032768 _____ C:\Users\Waldmann\Documents\Bestätigung Ihrer Zahlung an RegNow.msg
2014-01-17 21:22 - 2014-01-17 21:22 - 00002892 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-01-17 21:22 - 2014-01-17 21:22 - 00001271 _____ C:\Users\Waldmann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-01-17 21:22 - 2014-01-17 21:22 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\ProductData
2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\iMobie
2014-01-17 18:55 - 2014-01-17 18:55 - 00000000 ____D C:\Users\Waldmann\AppData\Local\iMobie_Inc
2014-01-15 20:45 - 2009-07-14 05:45 - 00762120 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 20:32 - 2013-08-15 02:01 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:30 - 2011-10-10 12:04 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 20:25 - 2014-01-15 20:17 - 00000000 ___RD C:\Users\Waldmann\Desktop\Höllein Lohnunterlagen
2014-01-15 20:11 - 2013-02-02 15:45 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Elo
2014-01-15 16:36 - 2013-02-06 15:33 - 00000000 ____D C:\Program Files (x86)\ELOoffice
2014-01-14 19:26 - 2013-08-20 16:44 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel
2014-01-14 13:08 - 2014-01-14 12:58 - 00000000 ____D C:\ProgramData\Protexis64
2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\Documents\Corel PaintShop Pro
2014-01-14 12:58 - 2014-01-14 12:58 - 00000000 ____D C:\Users\Waldmann\AppData\Local\Corel PaintShop Pro
2014-01-14 12:58 - 2013-08-13 17:08 - 00000000 ____D C:\Users\Waldmann\AppData\Roaming\Ulead Systems
2014-01-14 12:57 - 2014-01-14 12:57 - 00000000 ____D C:\Program Files\Common Files\Protexis
2014-01-14 12:55 - 2014-01-14 12:55 - 00000000 ____D C:\Program Files\Corel
2014-01-14 12:55 - 2013-08-13 16:52 - 00000000 ____D C:\ProgramData\Corel
2014-01-14 12:53 - 2013-08-13 16:44 - 00000000 ____D C:\Program Files (x86)\Corel
2014-01-12 11:26 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2014-01-11 15:25 - 2013-09-13 19:05 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-06 13:02 - 2012-05-13 15:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-01 21:20 - 2014-01-01 21:20 - 00002074 _____ C:\Users\Public\Desktop\Lightroom 5.3 64-Bit.lnk
2014-01-01 21:19 - 2011-11-01 18:38 - 00000000 ____D C:\Program Files\Adobe
2014-01-01 12:46 - 2011-12-14 16:31 - 00000000 ____D C:\ProgramData\TuneUp Software

Files to move or delete:
====================
C:\Users\Waldmann\30593-8-CutOut-4-Pro.exe
C:\Users\Waldmann\ATIH2013PP_de-DE.exe
C:\Users\Waldmann\JavaSetup7u25.exe
C:\Users\Waldmann\Lightroom_5_LS11_win_5_2.exe
C:\Users\Waldmann\Setup (1).exe
C:\Users\Waldmann\TuneUpUtilities2014 (1).exe
C:\Users\Waldmann\TuneUpUtilities2014 (2).exe
C:\Users\Waldmann\TuneUpUtilities2014.exe
C:\Users\Waldmann\weprintwin.exe

Some content of TEMP:
====================
C:\Users\Waldmann\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Waldmann\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Waldmann\AppData\Local\Temp\System.Data.SQLite.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-31 02:52
==================== End Of Log ============================
--- --- --- --- --- ---
And how do we go on from here? Is everything OK again? Regards, Waldschratt5 |
01.02.2014, 10:03 | #12 |
/// the machine /// TB-Ausbilder | Win32:Viknok-P [Cryp] Update Flash. Done. If you would like to leave praise or criticism, you can do that here. The order is crucial here.
Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me a brief reply when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber |
02.02.2014, 20:59 | #13 |
| Win32:Viknok-P [Cryp] Hello Schrauber! Many thanks for the "disinfestation" of my PC!!! I have followed everything, including your closing tips, and (where it had not already been done) put it into practice. I was completely surprised that my PC was so populated. And yet I had always made the greatest effort to make everything "tight". Two questions remain: Antivirus: Avast! (installed for 2 years) or Kaspersky? Is TuneUp Utilities worthwhile? (I have had it for years, no problems so far.) Many thanks again!! Waldschratt5 One more thing: I have just run Spybot over it: 54 events are found. What should I make of that? Unfortunately I cannot attach the log file here. The # symbol cannot be activated. Is Spybot better? I hope I am not being a nuisance...! Regards, Waldschratt5 |
03.02.2014, 16:54 | #14 |
/// the machine /// TB-Ausbilder | Win32:Viknok-P [Cryp] Spybot is totally outdated. Activate NoScript in Firefox for the TB, then the # button is back.
__________________ Regards, schrauber |
03.02.2014, 17:30 | #15 |
| Win32:Viknok-P [Cryp] Thanks, now I am reassured! It is great that the Trojaner Board exists! The thread can be closed! Many thanks again! Waldschratt5 |