FRST:
[
FRST Logfile:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-04-2014 01
Ran by Janis (administrator) on JANIS-PC on 13-04-2014 11:02:01
Running from H:\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Salfeld Computer) C:\Windows\SysWOW64\cc32\webtmr.exe
(Salfeld Computer) C:\Windows\tray\wintmr.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
() C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Grass Valley K.K.) C:\Program Files (x86)\Grass Valley\GV LicenseManager\AppMaintainer.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(Helge Klein) C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskLED.exe
(SoftPerfect Research) C:\Portable\Networx\networx.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\plugin-nm-server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\ishutdown\iShutdown\iShutdown.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(SWE Sven Ritter) C:\Program Files (x86)\SpeedCommander 15\SpeedCommander.exe
(Microsoft Corporation) C:\Windows\System32\dinotify.exe
(Google) C:\Users\Janis\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\Evernote.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.91\opera.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [InstallerLauncher] - "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [ChicoSys] - C:\Windows\SysWOW64\cc32\webtmr.exe [6484352 2009-07-14] (Salfeld Computer)
HKLM-x32\...\Run: [Syncios device service] - C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [723456 2013-12-03] ()
HKLM-x32\...\Run: [NPSStartup] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-04] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] - "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] - "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] - "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [CCWinTray] - C:\Windows\tray\wintmr.exe [6864256 2009-07-14] (Salfeld Computer)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [AutoStartNPSAgent] - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [ishutdown2] - C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe [17920 2011-05-31] ()
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [Google Update] - C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-03-29] (Google Inc.)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Run: [GoogleChromeAutoLaunch_614D6633E1F6CB2817A8B53E0FC278B1] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\system: [DisableClock] 1
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1838116744-3577079692-1005199208-1000\...\Policies\Explorer: [NoFind] 0
Startup: C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DiskLED.exe (Helge Klein)
Startup: C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\networx - Verknüpfung.lnk
ShortcutTarget: networx - Verknüpfung.lnk -> C:\Portable\Networx\networx.exe (SoftPerfect Research)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x830F29FB13DFCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/software/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{BCFA51DC-955E-4249-A1A8-103EEAC86637}: [NameServer]192.168.65.199
FireFox:
========
FF ProfilePath: C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Janis\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Janis\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Janis\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Janis\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Janis\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Janis\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Janis\AppData\Roaming\Mozilla\Firefox\Profiles\vfzbjb5t.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-03-06]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-01-17]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-01-17]
Chrome:
=======
CHR HomePage: hxxp://google.de/
CHR Extension: (Google Translate) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-04-02]
CHR Extension: (Google Drive) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]
CHR Extension: (Kaspersky Protection) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa [2014-03-30]
CHR Extension: (YouTube) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]
CHR Extension: (Adblock Plus) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-26]
CHR Extension: (YouTube™ Ratings Preview) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbhdenfmgbagncdmgbholejjpmmiank [2013-12-01]
CHR Extension: (Google-Suche) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2013-12-28]
CHR Extension: (bitly | ♥ your bitmarks) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2013-12-09]
CHR Extension: (Auto HD For YouTube™) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-03-18]
CHR Extension: (Schwarz + Silber-Metall-Kohlenstoff) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2013-11-26]
CHR Extension: (Hangouts) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]
CHR Extension: (Google Mail) - C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [2013-11-11]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 bgsvcgen; C:\Windows\SysWOW64\bgsvcgen.exe [139264 2013-12-31] (SOURCENEXT)
S3 DummyService; C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe [66328 2013-12-12] (Grass Valley K.K.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-07-17] (Freemake)
R2 GVDownloadAgentService; C:\Program Files\Grass Valley\EDIUS 7\GV DownloadAgent\GVDownloadAgent.exe [66328 2013-12-12] (Grass Valley K.K.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 ksupmgr; C:\Windows\SysWOW64\ksupmgr.exe [765592 2010-08-25] (Salfeld Computer)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 TeamViewer9; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
==================== Drivers (Whitelisted) ====================
S1 cdrbsdrv; C:\Windows\SysWow64\Drivers\cdrbsdrv.sys [38944 2013-12-31] (B.H.A Corporation)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-11-11] (DT Soft Ltd)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-17] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-24] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-17] (Kaspersky Lab ZAO)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RTTEAMPT; C:\Windows\System32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)
S3 WsAudio_Device(1); C:\Windows\System32\drivers\VirtualAudio1.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(2); C:\Windows\System32\drivers\VirtualAudio2.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(3); C:\Windows\System32\drivers\VirtualAudio3.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(4); C:\Windows\System32\drivers\VirtualAudio4.sys [31080 2013-01-25] (Wondershare)
S3 WsAudio_Device(5); C:\Windows\System32\drivers\VirtualAudio5.sys [31080 2013-01-25] (Wondershare)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-13 11:01 - 2014-04-13 11:02 - 00000000 ____D () C:\FRST
2014-04-12 15:31 - 2014-04-12 15:31 - 00000000 ____D () C:\Program Files (x86)\MobiOne
2014-04-11 12:15 - 2014-04-11 12:16 - 00000964 _____ () C:\Windows\LkmdfCoInst.log
2014-04-10 19:13 - 2014-04-10 19:13 - 00298008 _____ () C:\Windows\Minidump\041014-27222-01.dmp
2014-04-10 19:13 - 2014-04-10 19:13 - 00000000 ____D () C:\Windows\Minidump
2014-04-10 19:10 - 2014-04-10 19:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-08 16:29 - 2014-04-08 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 15:43 - 2014-04-07 15:43 - 00000000 ____D () C:\Users\Janis\AppData\Local\Macroplant
2014-04-07 15:32 - 2014-04-07 16:00 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2014-04-05 20:58 - 2014-04-05 20:58 - 00000222 _____ () C:\Users\Janis\Desktop\Rust.url
2014-04-05 15:31 - 2014-04-05 15:31 - 00002684 _____ () C:\Users\Janis\AppData\Local\recently-used.xbel
2014-04-05 10:25 - 2014-04-05 10:25 - 00000000 ____D () C:\Users\Janis\www.apowersoft.com
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\Documents\Apowersoft Free Audio Recorder
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apowersoft
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Free Audio Recorder
2014-04-04 21:04 - 2014-04-04 21:07 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\WindSolutions
2014-04-04 21:04 - 2014-04-04 21:06 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-04-04 20:31 - 2014-04-04 20:31 - 00000000 ____D () C:\Users\Janis\.android
2014-04-04 20:21 - 2014-04-04 21:16 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-03-31 16:07 - 2014-03-31 15:35 - 00001133 _____ () C:\Users\Janis\Desktop\Opera.lnk
2014-03-31 15:35 - 2014-04-03 19:43 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Opera Software
2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Local\Opera Software
2014-03-30 16:34 - 2014-04-12 16:12 - 00000000 ____D () C:\Users\Janis\Documents\PhraseExpress
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhraseExpress
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\ProgramData\PhraseExpress
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Program Files (x86)\PhraseExpress
2014-03-29 13:23 - 2014-04-13 10:56 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job
2014-03-29 13:23 - 2014-04-12 14:34 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job
2014-03-29 13:23 - 2014-03-31 14:29 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA
2014-03-29 13:23 - 2014-03-31 14:29 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iTunes
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iPod
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\Users\Janis\AppData\Local\WarThunder
2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\ProgramData\WarThunder
2014-03-26 16:52 - 2014-03-26 17:15 - 00000040 _____ () C:\Users\Janis\AppData\Roaming\TheHunterSettings_live.cfg
2014-03-24 11:59 - 2014-03-24 12:05 - 00000000 ____D () C:\Users\Janis\Documents\RCT3
2014-03-24 11:59 - 2014-03-24 11:59 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll
2014-03-24 11:59 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Atari
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Program Files (x86)\GomPlayer
2014-03-21 19:50 - 2014-04-02 17:47 - 00000000 ____D () C:\Users\Janis\AppData\Local\DayZ
2014-03-21 19:50 - 2014-03-21 20:47 - 00000000 ____D () C:\Users\Janis\Documents\DayZ
2014-03-20 17:20 - 2014-03-20 17:20 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\java
2014-03-20 17:19 - 2014-03-20 17:19 - 00312728 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00191384 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00190872 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00111000 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.jmc
2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.eclipse
2014-03-20 17:17 - 2014-03-20 17:19 - 00000000 ____D () C:\Program Files\Java
2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhotoSync
2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Local\touchbyte_GmbH
2014-03-19 14:59 - 2014-03-19 15:00 - 00000000 ____D () C:\Program Files (x86)\PhotoSync
2014-03-18 17:37 - 2014-03-21 14:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-17 19:20 - 2014-03-17 19:20 - 00000551 _____ () C:\Users\Janis\Desktop\Minecraft.lnk
2014-03-16 13:19 - 2014-03-30 11:52 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\.minecraft
2014-03-14 20:10 - 2014-03-14 20:10 - 00000000 ____D () C:\Users\Janis\AppData\Local\Skype
2014-03-14 20:09 - 2014-03-14 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-14 16:11 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 16:11 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 16:11 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 16:11 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 16:11 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 16:11 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 16:11 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 16:11 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 16:11 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 16:11 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 16:11 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 16:11 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 16:11 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 16:11 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 16:11 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 16:11 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 16:11 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 16:11 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 16:11 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 16:11 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 16:11 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 16:11 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 16:11 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 16:11 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 16:11 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 16:11 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 16:11 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 16:11 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 16:11 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 16:11 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 16:11 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 16:11 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 16:11 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 16:11 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 16:11 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 16:11 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 16:11 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 16:11 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 16:11 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 16:11 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 15:49 - 2014-04-07 17:03 - 00000000 ____D () C:\Users\Janis\Documents\ManiaPlanet
2014-03-14 15:49 - 2014-04-07 16:49 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2014-03-14 15:10 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 15:10 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 15:10 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 15:05 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 15:05 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
==================== One Month Modified Files and Folders =======
2014-04-13 11:02 - 2014-04-13 11:01 - 00000000 ____D () C:\FRST
2014-04-13 11:01 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-13 11:01 - 2009-07-14 06:45 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-13 10:58 - 2014-01-12 00:00 - 00013788 _____ () C:\Windows\SysWOW64\cchservice.err
2014-04-13 10:58 - 2013-11-24 12:01 - 00000000 ___HD () C:\ProgramData\Device
2014-04-13 10:57 - 2013-11-24 12:00 - 00000000 ____D () C:\Windows\SysWOW64\scurl
2014-04-13 10:57 - 2013-11-11 22:11 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Skype
2014-04-13 10:56 - 2014-03-29 13:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job
2014-04-13 10:56 - 2013-11-11 21:29 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-13 10:56 - 2013-11-11 21:21 - 01135294 _____ () C:\Windows\WindowsUpdate.log
2014-04-13 10:55 - 2014-02-21 17:01 - 00021217 _____ () C:\Windows\setupact.log
2014-04-13 10:55 - 2013-11-24 12:01 - 00001268 _____ () C:\Windows\SysWOW64\excltmp~.dat
2014-04-13 10:55 - 2013-11-12 18:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-12 18:19 - 2013-11-11 21:53 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-04-12 16:16 - 2013-11-11 21:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-12 16:12 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\Documents\PhraseExpress
2014-04-12 15:31 - 2014-04-12 15:31 - 00000000 ____D () C:\Program Files (x86)\MobiOne
2014-04-12 14:34 - 2014-03-29 13:23 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job
2014-04-12 12:54 - 2011-04-12 09:43 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2014-04-12 12:54 - 2011-04-12 09:43 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2014-04-12 12:54 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-11 12:16 - 2014-04-11 12:15 - 00000964 _____ () C:\Windows\LkmdfCoInst.log
2014-04-11 12:15 - 2013-11-12 16:30 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-04-11 12:06 - 2013-11-15 16:19 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-11 12:04 - 2013-11-15 16:19 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-11 11:56 - 2014-02-21 18:02 - 00307918 _____ () C:\Windows\PFRO.log
2014-04-11 11:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 19:24 - 2013-11-11 21:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-10 19:13 - 2014-04-10 19:13 - 00298008 _____ () C:\Windows\Minidump\041014-27222-01.dmp
2014-04-10 19:13 - 2014-04-10 19:13 - 00000000 ____D () C:\Windows\Minidump
2014-04-10 19:10 - 2014-04-10 19:10 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-10 17:43 - 2013-11-11 21:40 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-09 19:57 - 2014-01-25 00:55 - 00000000 ____D () C:\Users\Janis\AppData\Local\Adobe
2014-04-09 19:57 - 2013-11-12 18:08 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-09 19:57 - 2013-11-12 18:08 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-09 19:57 - 2013-11-12 18:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-08 16:51 - 2013-11-11 22:28 - 00000000 ____D () C:\Users\Janis\Documents\Euro Truck Simulator 2
2014-04-08 16:29 - 2014-04-08 16:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-07 19:19 - 2013-11-24 12:01 - 00000259 _____ () C:\NET.INI
2014-04-07 18:00 - 2013-11-11 22:16 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apple Computer
2014-04-07 17:12 - 2013-11-24 16:35 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-07 17:03 - 2014-03-14 15:49 - 00000000 ____D () C:\Users\Janis\Documents\ManiaPlanet
2014-04-07 16:49 - 2014-03-14 15:49 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2014-04-07 16:00 - 2014-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\iExplorer
2014-04-07 15:43 - 2014-04-07 15:43 - 00000000 ____D () C:\Users\Janis\AppData\Local\Macroplant
2014-04-05 20:58 - 2014-04-05 20:58 - 00000222 _____ () C:\Users\Janis\Desktop\Rust.url
2014-04-05 15:31 - 2014-04-05 15:31 - 00002684 _____ () C:\Users\Janis\AppData\Local\recently-used.xbel
2014-04-05 15:31 - 2013-12-14 14:19 - 00000000 ____D () C:\Users\Janis\AppData\Local\gtk-2.0
2014-04-05 15:31 - 2013-12-14 13:35 - 00000000 ____D () C:\Users\Janis\.gimp-2.8
2014-04-05 14:18 - 2013-12-04 16:13 - 00009216 _____ () C:\Users\Janis\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-05 10:25 - 2014-04-05 10:25 - 00000000 ____D () C:\Users\Janis\www.apowersoft.com
2014-04-05 10:25 - 2013-11-11 21:21 - 00000000 ____D () C:\Users\Janis
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\Documents\Apowersoft Free Audio Recorder
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Apowersoft
2014-04-05 10:24 - 2014-04-05 10:24 - 00000000 ____D () C:\Program Files (x86)\Free Audio Recorder
2014-04-04 21:16 - 2014-04-04 20:21 - 00000000 ____D () C:\Program Files (x86)\MyPhoneExplorer
2014-04-04 21:07 - 2014-04-04 21:04 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\WindSolutions
2014-04-04 21:06 - 2014-04-04 21:04 - 00000000 ____D () C:\ProgramData\WindSolutions
2014-04-04 20:31 - 2014-04-04 20:31 - 00000000 ____D () C:\Users\Janis\.android
2014-04-03 19:43 - 2014-03-31 15:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-03 16:11 - 2013-11-11 21:29 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 16:11 - 2013-11-11 21:29 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-02 19:19 - 2013-11-11 22:03 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Spotify
2014-04-02 17:47 - 2014-03-21 19:50 - 00000000 ____D () C:\Users\Janis\AppData\Local\DayZ
2014-03-31 15:35 - 2014-03-31 16:07 - 00001133 _____ () C:\Users\Janis\Desktop\Opera.lnk
2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Opera Software
2014-03-31 15:35 - 2014-03-31 15:35 - 00000000 ____D () C:\Users\Janis\AppData\Local\Opera Software
2014-03-31 14:29 - 2014-03-29 13:23 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA
2014-03-31 14:29 - 2014-03-29 13:23 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhraseExpress
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\ProgramData\PhraseExpress
2014-03-30 16:34 - 2014-03-30 16:34 - 00000000 ____D () C:\Program Files (x86)\PhraseExpress
2014-03-30 11:52 - 2014-03-16 13:19 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\.minecraft
2014-03-30 11:18 - 2013-11-11 21:21 - 00000000 ___RD () C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-30 11:17 - 2009-07-14 06:45 - 00389048 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-29 19:10 - 2013-12-21 15:18 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Syncios
2014-03-29 14:58 - 2013-12-15 14:37 - 00000000 ____D () C:\Program Files (x86)\Fraps
2014-03-29 13:23 - 2013-11-11 21:40 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Mozilla
2014-03-29 13:23 - 2013-11-11 21:29 - 00000000 ____D () C:\Users\Janis\AppData\Local\Google
2014-03-28 18:39 - 2013-12-21 13:59 - 00000000 ____D () C:\Users\Janis\AppData\Local\Apple Computer
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iTunes
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files\iPod
2014-03-28 18:24 - 2014-03-28 18:24 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-28 18:22 - 2013-11-11 22:09 - 00000000 ____D () C:\ProgramData\Apple
2014-03-28 18:21 - 2013-11-11 22:09 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-26 21:15 - 2013-11-11 23:09 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\Users\Janis\AppData\Local\WarThunder
2014-03-26 21:13 - 2014-03-26 21:13 - 00000000 ____D () C:\ProgramData\WarThunder
2014-03-26 21:13 - 2013-11-17 20:42 - 00000000 ____D () C:\Users\Janis\Documents\My Games
2014-03-26 17:15 - 2014-03-26 16:52 - 00000040 _____ () C:\Users\Janis\AppData\Roaming\TheHunterSettings_live.cfg
2014-03-25 20:17 - 2013-11-15 17:41 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-03-25 13:33 - 2013-11-11 22:03 - 00000000 ____D () C:\Users\Janis\AppData\Local\Spotify
2014-03-24 12:05 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\Documents\RCT3
2014-03-24 11:59 - 2014-03-24 11:59 - 00043520 _____ () C:\Windows\SysWOW64\CmdLineExt03.dll
2014-03-24 11:59 - 2014-03-24 11:59 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\Atari
2014-03-24 11:58 - 2014-02-21 17:47 - 00146106 _____ () C:\Windows\DirectX.log
2014-03-24 11:31 - 2014-01-17 22:18 - 00625248 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-03-24 11:31 - 2014-01-17 22:18 - 00115296 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-03-22 17:04 - 2014-03-11 17:31 - 00000000 ____D () C:\Users\Janis\AppData\Local\Paint.NET
2014-03-22 10:42 - 2014-03-22 10:42 - 00000000 ____D () C:\Program Files (x86)\GomPlayer
2014-03-21 22:21 - 2013-11-24 16:42 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\TeamViewer
2014-03-21 20:47 - 2014-03-21 19:50 - 00000000 ____D () C:\Users\Janis\Documents\DayZ
2014-03-21 14:55 - 2014-03-18 17:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-03-20 17:20 - 2014-03-20 17:20 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\java
2014-03-20 17:19 - 2014-03-20 17:19 - 00312728 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00191384 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00190872 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-03-20 17:19 - 2014-03-20 17:19 - 00111000 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.jmc
2014-03-20 17:19 - 2014-03-20 17:19 - 00000000 ____D () C:\Users\Janis\.eclipse
2014-03-20 17:19 - 2014-03-20 17:17 - 00000000 ____D () C:\Program Files\Java
2014-03-20 16:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-03-20 16:37 - 2013-11-11 21:29 - 00098048 _____ () C:\Users\Janis\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Roaming\PhotoSync
2014-03-19 15:00 - 2014-03-19 15:00 - 00000000 ____D () C:\Users\Janis\AppData\Local\touchbyte_GmbH
2014-03-19 15:00 - 2014-03-19 14:59 - 00000000 ____D () C:\Program Files (x86)\PhotoSync
2014-03-17 19:20 - 2014-03-17 19:20 - 00000551 _____ () C:\Users\Janis\Desktop\Minecraft.lnk
2014-03-14 21:43 - 2014-03-13 21:49 - 00000000 ____D () C:\Users\Janis\Documents\TrackMania
2014-03-14 20:10 - 2014-03-14 20:10 - 00000000 ____D () C:\Users\Janis\AppData\Local\Skype
2014-03-14 20:10 - 2013-11-11 21:42 - 00000000 ____D () C:\ProgramData\Skype
2014-03-14 20:09 - 2014-03-14 20:09 - 00000000 ___RD () C:\Program Files (x86)\Skype
Some content of TEMP:
====================
C:\Users\Janis\AppData\Local\Temp\ExPromo.exe
C:\Users\Janis\AppData\Local\Temp\nsc2CA8.exe
C:\Users\Janis\AppData\Local\Temp\nscFD7C.exe
C:\Users\Janis\AppData\Local\Temp\nsh34B8.exe
C:\Users\Janis\AppData\Local\Temp\nsh3813.exe
C:\Users\Janis\AppData\Local\Temp\nshB201.exe
C:\Users\Janis\AppData\Local\Temp\nsm2630.exe
C:\Users\Janis\AppData\Local\Temp\nsm317C.exe
C:\Users\Janis\AppData\Local\Temp\nsm8FFC.exe
C:\Users\Janis\AppData\Local\Temp\nsr295C.exe
C:\Users\Janis\AppData\Local\Temp\nsr88C9.exe
C:\Users\Janis\AppData\Local\Temp\nsr8CC0.exe
C:\Users\Janis\AppData\Local\Temp\nsrB59A.exe
C:\Users\Janis\AppData\Local\Temp\nsrB8F5.exe
C:\Users\Janis\AppData\Local\Temp\SIntf16.dll
C:\Users\Janis\AppData\Local\Temp\SIntf32.dll
C:\Users\Janis\AppData\Local\Temp\SIntfNT.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-15 04:48
==================== End Of Log ============================
--- --- ---
--- --- ---
][/CODE]
Addition:
[Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2014 01
Ran by Janis at 2014-04-13 11:02:35
Running from H:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version: - Microsoft) Hidden
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
Apowersoft Gratis - Audiorekorder V2.1.2 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.1.2 - Apowersoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Blender (HKLM\...\Blender) (Version: 2.68 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 7 (HKLM-x32\...\{C0E8FE43-C35B-451D-B35F-D4BD056D70E7}) (Version: 7.1.1 - TechSmith Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
EDIUS (HKLM\...\{E7CCB338-2A54-4F44-947B-958BD847A5D3}) (Version: 7.21 - Grass Valley K.K.)
EDIUS Codec Option 7.21 (HKLM-x32\...\{7E4E5B65-9B8B-4ECE-9C1F-9C96DA0BC620}) (Version: 7.21 - Grass Valley K.K.)
EDIUS DVD Menu Style 7.00 (HKLM\...\{7E8ED929-2A09-4A42-B2F5-C361A4E525B9}) (Version: 7.00 - Grass Valley K.K.)
EDIUS Manual 7.00 DE (HKLM\...\{EA477796-FDF9-4A2E-8925-686339F884A8}) (Version: 7.00 - Grass Valley K.K.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 4.6.1 (HKLM-x32\...\{9D8BAA74-5B7D-11E2-8273-984BE15F174E}) (Version: 4.6.1.7860 - Evernote Corp.)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - )
FaceTrackNoIR version 1.7 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7 - FaceTrackNoIR Team)
Fairground 2 Halloween - Version 2.0.5 (HKLM-x32\...\{DDFB5452-C0D5-480E-AC26-E44799DF189A}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Fast Image-Map 2.2.1 (HKLM-x32\...\FastImageMap_is1) (Version: 2.2.1.0 - Martin Hentschel (CL-Soft))
FixFoto 3.00 (HKLM-x32\...\FixFoto_is1) (Version: - Joachim Koopmann Software)
Flughafen-Feuerwehr-Simulator 2013 Version 1.0 (HKLM-x32\...\{86D596F4-CB90-4F4B-B752-8A55D0C62664}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FreeCAD 0.13 (HKLM-x32\...\{2B2B5D2B-0F01-410B-843B-8F437FD75FBF}) (Version: 0.13.1828 - Juergen Riegel (FreeCAD@juergen-riegel.net))
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter Version 4.1.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.0 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
Galaxy On Fire 2 (c) BitComposer games version 1 (HKLM-x32\...\Galaxy On Fire 2 (c) BitComposer games_is1) (Version: 1 - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Ghostcontrol Inc. Version 1.0.7 (HKLM-x32\...\{E0D897CC-7364-4B67-B46F-383E5C53CE23}_is1) (Version: 1.0.7 - bumblebee. / Application Systems Heidelberg)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5183 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{E121A4FE-009B-385B-BB0D-B934E2A88288}) (Version: 5.2.4.18058 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GV LicenseManager 2.21 (HKLM-x32\...\{EE256B6B-7F66-409B-9CF2-CE9B64947CBC}) (Version: 2.21 - Grass Valley K.K.)
Inkscape 0.48.4 (HKCU\...\Inkscape) (Version: 0.48.4 - )
Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iShutdown (HKLM-x32\...\{08AB3EB6-158A-4415-8627-C41C629CC611}) (Version: 1.00.0000 - Your Company Name)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kindersicherung 2013 (HKLM-x32\...\Kindersicherung_is1) (Version: - Salfeld Computer GmbH)
Klomanager (HKLM-x32\...\Klomanager) (Version: - )
Klomanager Deluxe (HKLM-x32\...\{C0233BEE-D9AA-4CAF-A745-10C2CC902F11}) (Version: 1.6.0.0 - Anvil-Soft)
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version: - KompoZer)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
Lupas Rename 2000 v5.0 Release (HKLM-x32\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin)
MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
MediaInfo 0.7.65 (HKLM\...\MediaInfo) (Version: 0.7.65 - MediaArea.net)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MonochromiX 1.39 (HKLM-x32\...\MonochromiX_is1) (Version: - Joachim Koopmann Software)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
OMSI - Der Omnibussimulator (HKLM-x32\...\{9AE850A4-B89D-4875-A159-B1B64D717EFB}) (Version: 1.06 - aerosoft)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PhotoSync (HKLM\...\{7D69D25B-03CD-4FD3-9E05-7069B8CB88F4}) (Version: 2.1.2 - touchbyte GmbH)
PhraseExpress v10.1.28 (HKLM-x32\...\PhraseExpress_is1) (Version: 10.1.28 - Bartels Media GmbH)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Real Heroes Firefighter (HKLM-x32\...\Real Heroes - Firefighter_is1) (Version: - rondomedia)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.6 - Realtek)
RESCUE 2013 (HKCU\...\RESCUE 2013) (Version: 1.30.00.00 - rondomedia GmbH)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
Schlagwortsuche 1.14 (HKLM-x32\...\Schlagwortsuche_is1) (Version: - Joachim Koopmann Software)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SpeedCommander 15 (HKLM-x32\...\SpeedCommander 15) (Version: 15.00.7340 - SWE Sven Ritter)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Stadtbahn Simulator Düsseldorf (HKLM-x32\...\{83CD9117-D772-437B-8B18-6D00BCFE9E01}) (Version: 1.0.0 - Rondomedia)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syncios Version 3.0.3 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 3.0.3 - Anvsoft, Inc.)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
theHunter Launcher (HKLM-x32\...\FBDFBE7F-2DB8-47E2-B88E-32F4A2A74AA8_is1) (Version: 622 - Expansive Worlds)
TMPGEnc Authoring Works 4 (HKLM-x32\...\{B8D91F6B-803A-4579-9DAD-1377B56DC657}) (Version: 4.0.7.32 - Pegasys Inc.)
TP-LINK TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
TrackMania² Valley (HKLM-x32\...\Steam App 243360) (Version: - Nadeo)
Trainz Simulator 12 (HKLM-x32\...\Steam App 24670) (Version: - N3V Games)
Videoload (HKCU\...\3241508355.wcps.t-online.de) (Version: - wcps.t-online.de)
Viscera Cleanup Detail - ALPHA (HKLM\...\UDK-7887d759-a576-4abc-9119-92293a000d71) (Version: - RuneStorm)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Werkfeuerwehr Simulator 2014 Version 1.2 (HKLM-x32\...\{8694B919-8C39-41FB-875E-0FC8E3EE3216}_is1) (Version: - rondomedia Marketing & Vertriebs GmbH)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.10.5 (32-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.5 - The Wireshark developer community, hxxp://www.wireshark.org)
World of Subways Vol.2 (HKLM-x32\...\{0A902DF4-B767-49DB-98D3-D413E6F1E703}) (Version: 1.20 - TML-Studios)
Youtube Downloader HD v. 2.9.9.2 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {86EB76BE-217E-4DBE-B2E3-086ACEFE1BA6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {8CB8F3D2-5BA4-4F06-A641-8455141F21B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {93064B35-7DAA-4073-BC54-75516538AC73} - System32\Tasks\{D62CF34C-4195-4396-B923-4957957D6092} => Chrome.exe hxxp://ui.skype.com/ui/0/6.10.0.104/de/go/help.faq.installer?source=lightinstaller&LastError=1618
Task: {B18855DF-42C5-4A47-B5A6-CA39E0B88211} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-11] (Google Inc.)
Task: {E50AB4C2-651B-421D-A4B5-A0965B0D42DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)
Task: {FD06857C-30C7-4F91-BC25-4DAAD081B1F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000Core.job => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1838116744-3577079692-1005199208-1000UA.job => C:\Users\Janis\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-05-31 02:00 - 2011-05-31 02:00 - 00017920 _____ () C:\Program Files (x86)\ishutdown\iShutdown\ilauncher.exe
2013-12-21 15:18 - 2013-12-03 09:34 - 00723456 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2011-06-14 23:31 - 2011-06-14 23:31 - 00056320 _____ () C:\Program Files (x86)\ishutdown\iShutdown\iShutdown.exe
2014-04-03 19:43 - 2014-04-02 13:19 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\opera_crashreporter.exe
2014-04-10 15:34 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-11-11 22:17 - 2009-11-28 23:34 - 00451584 _____ () C:\Portable\Networx\sqlite.dll
2013-12-21 15:18 - 2013-12-19 18:09 - 00377344 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2013-12-21 15:18 - 2013-10-27 00:02 - 00059904 _____ () C:\Program Files (x86)\Syncios\zlib.dll
2013-12-21 15:18 - 2013-10-27 00:00 - 00526848 _____ () C:\Program Files (x86)\Syncios\sqlite3.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00237384 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-04-10 15:34 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
2014-04-10 15:34 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
2014-04-10 15:34 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
2014-04-10 15:34 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
2014-04-10 15:34 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
2014-03-18 17:37 - 2014-03-18 17:37 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-18 17:37 - 2014-03-18 17:37 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-18 17:37 - 2014-03-18 17:37 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-10 15:49 - 2014-04-10 15:49 - 00181760 _____ () C:\Users\Janis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd\2014.326.1305.2_0\plugin\ace.dll
2014-04-03 19:43 - 2014-04-02 13:19 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libglesv2.dll
2014-04-03 19:43 - 2014-04-02 13:19 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\libegl.dll
2014-04-03 19:43 - 2014-04-02 13:19 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.91\ffmpegsumo.dll
2014-04-09 19:57 - 2014-04-09 19:57 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
2014-03-30 16:34 - 2014-03-26 17:50 - 00457512 _____ () C:\Program Files (x86)\PhraseExpress\pexlang.dll
2012-08-29 07:50 - 2012-08-29 07:50 - 21009920 _____ () C:\Program Files (x86)\Evernote\Evernote\libcef.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00433664 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2012-09-08 13:16 - 2012-09-08 13:16 - 00315392 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2012-08-29 07:50 - 2012-08-29 07:50 - 00983054 _____ () C:\Program Files (x86)\Evernote\Evernote\avcodec-54.dll
2012-08-29 07:50 - 2012-08-29 07:50 - 00133134 _____ () C:\Program Files (x86)\Evernote\Evernote\avutil-51.dll
2012-08-29 07:50 - 2012-08-29 07:50 - 00189454 _____ () C:\Program Files (x86)\Evernote\Evernote\avformat-54.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:06A7F9ED
AlternateDataStreams: C:\ProgramData\TEMP:8FCD8443
AlternateDataStreams: C:\ProgramData\TEMP:A5B56640
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: HID-Tastatur
Description: HID-Tastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: kbdhid
Problem: : Windows cannot load the device driver for this hardware because a previous instance of the device driver is still in memory. (Code 38)
Resolution: The driver could not be loaded because a previous instance is still loaded.
Restart the computer.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028
Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028
Error: (04/12/2014 06:55:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029
Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029
Error: (04/12/2014 06:55:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/12/2014 09:25:51 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ccsync.exe, Version: 6.418.0.0, Zeitstempel: 0x52677676
Name des fehlerhaften Moduls: ccsync.exe, Version: 6.418.0.0, Zeitstempel: 0x52677676
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000061fe
ID des fehlerhaften Prozesses: 0x246c
Startzeit der fehlerhaften Anwendung: 0xccsync.exe0
Pfad der fehlerhaften Anwendung: ccsync.exe1
Pfad des fehlerhaften Moduls: ccsync.exe2
Berichtskennung: ccsync.exe3
Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38769946
Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38769946
Error: (04/12/2014 09:15:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (04/12/2014 03:21:18 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (04/11/2014 00:13:23 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (04/11/2014 00:12:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.
Error: (04/11/2014 00:12:12 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Schedule erreicht.
Error: (04/11/2014 00:11:42 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.
Error: (04/11/2014 11:56:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Bilderfassung (WIA)" ist vom Dienst "Shellhardwareerkennung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (04/11/2014 11:56:29 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (04/11/2014 11:56:21 AM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\cdrbsdrv.SYS nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (04/10/2014 07:59:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows-Bilderfassung (WIA)" ist vom Dienst "Shellhardwareerkennung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
Error: (04/10/2014 07:59:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-04-12 16:49:23.212
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:49:23.212
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:49:23.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:49:23.210
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:49:23.193
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:49:23.171
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:27:51.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:27:51.211
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:27:51.210
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-12 16:27:51.210
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\wdrvtd64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 54%
Total physical RAM: 8104.27 MB
Available physical RAM: 3686.42 MB
Total Pagefile: 16206.73 MB
Available Pagefile: 10187.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:82.91 GB) (Free:8.1 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (H-800GB) (Fixed) (Total:848.5 GB) (Free:292.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D8DDF3A1)
Partition: GPT Partition Type.
==================== End Of Log ============================][/CODE]
Kann keine Firewall installieren
(https://www.trojaner-board.de/152404-keine-firewall-installieren.html)
FRST 32-Bit | FRST 64-Bit
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
Lesestoff: