| charly-UM | 04.06.2014 15:50 |
FIXLOG: Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:02-06-2014
Ran by Ewald Kaufmann at 2014-06-04 16:44:23 Run:2
Running from C:\Users\Ewald Kaufmann\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\All Users\IhijUshe.dat
C:\ProgramData\IhijUshe.dat
C:\Users\Ewald Kaufmann\AppData\Local\Downloaded Installations\{FB20D3A1-7281-4136-BE99-10838BAE8B18}
C:\Users\Ewald Kaufmann\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\1fbc2305-6156967d
C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default\prefs.js.bak
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VINL9I3
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQ5PXKA4
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GT6P9KWF
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JG5V8NTX
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Run: [IhijUshe] => regsvr32.exe "C:\ProgramData\IhijUshe.dat"
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
2014-05-29 21:43 - 2013-05-06 14:47 - 00000000 ____D () C:\Users\Ewald
Folder: Kaufmann\_TEMP
Folder: C:\Users\Public\Öffentliche TEMP
C:\Users\Ewald Kaufmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcmro2k.dll
*****************
"C:\Users\All Users\IhijUshe.dat" => File/Directory not found.
"C:\ProgramData\IhijUshe.dat" => File/Directory not found.
C:\Users\Ewald Kaufmann\AppData\Local\Downloaded Installations\{FB20D3A1-7281-4136-BE99-10838BAE8B18} => Moved successfully.
C:\Users\Ewald Kaufmann\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\1fbc2305-6156967d => Moved successfully.
C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default\prefs.js.bak => Moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VINL9I3 => Moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQ5PXKA4 => Moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GT6P9KWF => Moved successfully.
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JG5V8NTX => Moved successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKLM => Group Policy Restriction on software restored successfully.
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\Software\Microsoft\Windows\CurrentVersion\Run\\IhijUshe => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"C:\Users\Ewald" => File/Directory not found.
========================= Folder: Kaufmann\_TEMP ========================
Directory Not Found
========================= Folder: C:\Users\Public\Öffentliche TEMP ========================
2009-12-15 00:15 - 2009-12-15 00:15 - 0000162 ____H () C:\Users\Public\Öffentliche TEMP\~$hresrückblick 2009.doc
2009-08-12 20:43 - 2009-08-14 11:43 - 0153600 _____ () C:\Users\Public\Öffentliche TEMP\Einladung 60 Ewald 2.ppt
2009-08-11 21:46 - 2009-08-14 09:17 - 0159232 _____ () C:\Users\Public\Öffentliche TEMP\Einladung 60 Ewald.ppt
2009-08-12 20:35 - 2009-08-29 17:08 - 0019456 _____ () C:\Users\Public\Öffentliche TEMP\Einladungsliste.xls
2010-08-22 20:08 - 2010-08-22 20:08 - 0968560 _____ () C:\Users\Public\Öffentliche TEMP\Handbuch Formula Bremsen.pdf
2010-08-22 20:14 - 2010-08-22 20:14 - 1457822 _____ () C:\Users\Public\Öffentliche TEMP\Handbuch-Formula-Oro_spill_TED.pdf
2009-12-09 22:03 - 2009-12-09 22:03 - 0124407 _____ () C:\Users\Public\Öffentliche TEMP\Mieterselbstauskunft.pdf
2009-11-29 17:14 - 2009-11-29 17:43 - 0036352 _____ () C:\Users\Public\Öffentliche TEMP\Ordner-Rücken.doc
2009-11-29 17:27 - 2009-12-14 13:50 - 0029184 _____ () C:\Users\Public\Öffentliche TEMP\Ordner-Rücken2.doc
2009-12-09 23:42 - 2009-12-11 16:24 - 0037376 _____ () C:\Users\Public\Öffentliche TEMP\SELBSTAUSKUNFT DES MIETINTERESSENTEN.doc
2010-01-25 00:40 - 2010-01-25 00:41 - 0112351 _____ () C:\Users\Public\Öffentliche TEMP\Stromanbieterwechsel.pdf
2010-04-14 21:50 - 2010-04-14 21:50 - 0014848 ___SH () C:\Users\Public\Öffentliche TEMP\Thumbs.db
2009-11-21 22:23 - 2009-11-21 22:23 - 0026201 _____ () C:\Users\Public\Öffentliche TEMP\Überweisung für Löschungsbewilligung EDG.pdf
2010-05-05 13:57 - 2010-05-05 13:57 - 0015489 _____ () C:\Users\Public\Öffentliche TEMP\Vollmacht.pdf
2010-07-20 22:45 - 2010-07-20 22:45 - 0024064 _____ () C:\Users\Public\Öffentliche TEMP\xxxx.doc
2010-01-24 23:35 - 2010-01-24 23:35 - 0028444 _____ () C:\Users\Public\Öffentliche TEMP\Zahlung Quicken Software.pdf
====== End of Folder: ======
"C:\Users\Ewald Kaufmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcmro2k.dll" => File/Directory not found.
==== End of Fixlog ====
FRST.txt:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Ewald Kaufmann (administrator) on VISTA-PC on 04-06-2014 16:46:05
Running from C:\Users\Ewald Kaufmann\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dropbox, Inc.) C:\Users\Ewald Kaufmann\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(Garmin Ltd or its subsidiaries) C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Empolis GmbH) C:\Program Files\Common Files\Gnab\Service\ServiceController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
(Empolis GmbH) C:\Program Files\Medion\MEDIONbox\Program\GCS.exe
(Prolific Technology Inc.) C:\Windows\System32\IoctlSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\QualityManager.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Buhl Data Service GmbH) C:\Program Files\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Apple Inc.) C:\AirPrint\airprint.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\issm.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
() C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
() C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
(Intel(R) Corporation) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2007-10-09] (Intel Corporation)
HKLM\...\Run: [NMSSupport] => C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe [439512 2007-06-27] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4706304 2007-11-14] (Realtek Semiconductor)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-02] (RealNetworks, Inc.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\.DEFAULT\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [122200 2014-04-23] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [Messenger (Yahoo!)] => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-04-30] (Google Inc.)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [Remote Control Editor] => C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe [1105920 2008-12-09] (TerraTec Electronic GmbH)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [Search Protection] => C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [1und1Agent] => C:\Program Files\Internetradio Player\ps_agent.exe
HKU\S-1-5-21-2643817713-3400089558-1708297070-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Reader 10.0\Reader\AdobeCollabSync.exe [1104256 2014-05-08] (Adobe Systems Incorporated)
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2643817713-3400089558-1708297070-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Ewald Kaufmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Ewald Kaufmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Ewald Kaufmann\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Program Files\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} hxxp://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Deutsches Wörterbuch (alte Rechtschreibung) für die Rechtschreibprüfung in Mozilla-Produkten - C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default\Extensions\de-DE-alt@dictionaries.addons.mozilla.org [2008-03-11]
FF Extension: German Dictionary - C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2013-03-10]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Ewald Kaufmann\AppData\Roaming\Mozilla\Firefox\Profiles\0u2s3apf.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-07-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-10]
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ []
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-02]
Chrome:
=======
CHR HomePage: https://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\35.0.1916.114\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Ewald Kaufmann\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-01-04]
CHR Extension: (Google-Suche) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-01-04]
CHR Extension: (RealDownloader) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-07-06]
CHR Extension: (Skype Click to Call) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-12-16]
CHR Extension: (Google Wallet) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-10]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-12-10]
CHR Extension: (Google Mail) - C:\Users\Ewald Kaufmann\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-01-04]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-05-16]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2011-12-12]
========================== Services (Whitelisted) =================
R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AirPrint; C:\AirPrint\airprint.exe [234784 2012-10-29] (Apple Inc.)
R2 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [223448 2007-06-27] (Intel(R) Corporation)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1039440 2014-05-27] (Avira Operations GmbH & Co. KG)
S3 DHTRACE; C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe [39640 2007-06-27] (Intel(R) Corporation)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2007-02-12] ()
S3 FirebirdServerMAGIXInstance; C:\Program Files\ALDI Sued Foto Service\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864 2012-09-07] (Freemake)
R2 Garmin Core Update Service; C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [436056 2014-04-23] (Garmin Ltd or its subsidiaries)
S3 getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [33752 2008-12-01] (NOS Microsystems Ltd.)
R2 GnabService; c:\program files\common files\gnab\service\servicecontroller.exe [36864 2007-04-13] (Empolis GmbH)
S4 GoogleDesktopManager-061008-081103; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [29744 2008-09-22] (Google)
R2 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [59096 2007-06-27] (Intel(R) Corporation)
R2 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [268504 2007-06-27] ()
R2 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [157912 2007-06-27] (Intel(R) Corporation)
R2 NMSCore; C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe [317656 2007-06-27] (Intel(R) Corporation)
R2 QualityManager; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe [272600 2007-06-27] (Intel(R) Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [446680 2007-06-27] (Intel(R) Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [272024 2007-01-09] ()
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
R2 srvcPVR; C:\Program Files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe [1681408 2007-08-16] (Buhl Data Service GmbH)
R2 TVECapSvc; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe [290909 2007-10-19] ()
R2 TVESched; C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe [114779 2007-10-19] ()
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10)
==================== Drivers (Whitelisted) ====================
R3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1302368 2008-01-08] (NXP Semiconductors Germany GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [93528 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-04-18] ()
R3 IntelDH; C:\Windows\System32\Drivers\IntelDH.sys [5632 2007-10-15] (Intel Corporation)
R3 LVPr2Mon; C:\Windows\System32\Drivers\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-12-17] (Logitech Inc.)
S3 mod7700; C:\Windows\System32\DRIVERS\dvb7700all.sys [449408 2007-11-16] (DiBcom)
S3 NAL; C:\Windows\system32\Drivers\iqvw32.sys [31072 2007-05-23] (Intel Corporation )
R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [554496 2007-09-21] (Ralink Technology Corp.)
R2 nmsunidr; C:\Windows\System32\DRIVERS\nmsunidr.sys [5376 2007-02-18] (Gteko Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-10-10] (Avira GmbH)
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [14552 2007-06-27] ()
S3 WINFLASH; C:\Medion\Bios 1.0A_WInflash\WinFlash.sys [10848 2007-01-12] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\Users\EWALDK~1\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-04 16:46 - 2014-06-04 16:46 - 00030740 _____ () C:\Users\Ewald Kaufmann\Desktop\FRST.txt
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Users\Ewald Kaufmann\Desktop\FRST-OlderVersion
2014-06-03 23:52 - 2014-06-03 23:52 - 00038411 _____ () C:\ComboFix.txt
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\IUSR_NMPR\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-03 23:32 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-03 23:32 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-03 23:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-03 23:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-03 23:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-03 23:32 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-03 23:32 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-03 23:32 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-03 23:31 - 2014-06-03 23:53 - 00000000 ____D () C:\ComboFix
2014-06-03 16:42 - 2014-06-03 23:52 - 00000000 ____D () C:\Qoobox
2014-06-03 16:39 - 2014-06-03 23:50 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 16:31 - 2014-06-03 16:31 - 05206532 ____R (Swearware) C:\Users\Ewald Kaufmann\Desktop\ComboFix.exe
2014-06-02 19:37 - 2014-06-02 19:37 - 02347384 _____ (ESET) C:\Users\Ewald Kaufmann\Desktop\esetsmartinstaller_deu.exe
2014-06-01 22:48 - 2014-06-01 22:48 - 00001606 _____ () C:\xxxxxxxxxx.txt
2014-06-01 22:05 - 2014-06-01 22:05 - 00001601 _____ () C:\Users\Ewald Kaufmann\Desktop\mbam2.txt
2014-06-01 21:51 - 2014-06-01 21:51 - 00001601 _____ () C:\mbam2.txt
2014-05-30 22:41 - 2014-05-30 22:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 22:37 - 2014-05-30 22:37 - 01016261 _____ (Thisisu) C:\Users\Ewald Kaufmann\Desktop\JRT.exe
2014-05-30 22:00 - 2014-06-01 22:50 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 22:00 - 2014-05-30 22:00 - 00000955 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-30 22:00 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-30 22:00 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-30 22:00 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-30 21:56 - 2014-05-30 21:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ewald Kaufmann\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 22:58 - 2014-05-29 23:03 - 00000000 ____D () C:\AdwCleaner
2014-05-29 22:52 - 2014-05-29 22:52 - 01327971 _____ () C:\Users\Ewald Kaufmann\Desktop\adwcleaner_3.211.exe
2014-05-29 16:30 - 2014-05-29 16:30 - 00380416 _____ () C:\Users\Ewald Kaufmann\Desktop\Gmer-19357.exe
2014-05-29 16:09 - 2014-06-04 16:46 - 00000000 ____D () C:\FRST
2014-05-29 16:05 - 2014-06-04 16:44 - 01059840 _____ (Farbar) C:\Users\Ewald Kaufmann\Desktop\FRST.exe
2014-05-29 15:47 - 2014-05-29 15:47 - 00050477 _____ () C:\Users\Ewald Kaufmann\Desktop\Defogger.exe
2014-05-28 22:09 - 2014-05-28 22:09 - 00000456 _____ () C:\Windows\TT_VTX.log
2014-05-23 21:57 - 2014-06-04 07:59 - 00002980 _____ () C:\Windows\PFRO.log
2014-05-23 21:21 - 2014-05-24 14:00 - 00002451 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-18 19:56 - 2014-05-18 19:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-16 08:31 - 2014-05-16 08:31 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 08:17 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 08:17 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 08:17 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 13:11 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-07 10:32 - 2014-05-07 10:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-05-07 10:32 - 2014-05-07 10:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-05-07 08:26 - 2014-06-04 16:39 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Roaming\DropboxMaster
==================== One Month Modified Files and Folders =======
2014-06-04 16:46 - 2014-06-04 16:46 - 00030740 _____ () C:\Users\Ewald Kaufmann\Desktop\FRST.txt
2014-06-04 16:46 - 2014-05-29 16:09 - 00000000 ____D () C:\FRST
2014-06-04 16:46 - 2008-03-06 18:32 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\Temp
2014-06-04 16:44 - 2014-06-04 16:44 - 00000000 ____D () C:\Users\Ewald Kaufmann\Desktop\FRST-OlderVersion
2014-06-04 16:44 - 2014-05-29 16:05 - 01059840 _____ (Farbar) C:\Users\Ewald Kaufmann\Desktop\FRST.exe
2014-06-04 16:44 - 2009-02-10 00:35 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\Downloaded Installations
2014-06-04 16:39 - 2014-05-07 08:26 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Roaming\DropboxMaster
2014-06-04 16:39 - 2013-02-12 22:21 - 00000000 ___RD () C:\Users\Ewald Kaufmann\Dropbox
2014-06-04 16:39 - 2013-02-12 22:14 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Roaming\Dropbox
2014-06-04 16:38 - 2008-03-06 18:14 - 01795576 _____ () C:\Windows\WindowsUpdate.log
2014-06-04 16:35 - 2006-11-02 14:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-04 16:29 - 2014-05-03 18:45 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\FreePDF_XP
2014-06-04 16:29 - 2013-05-10 08:01 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce4d43c6b102c0.job
2014-06-04 16:29 - 2008-11-13 12:54 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-06-04 16:29 - 2007-10-09 16:35 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-04 16:29 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-04 16:29 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-04 16:29 - 2006-11-02 14:47 - 00003344 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-04 15:08 - 2006-11-02 15:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-04 10:42 - 2012-08-05 13:59 - 00002617 _____ () C:\Users\Ewald Kaufmann\Desktop\Microsoft Word 2010.lnk
2014-06-04 08:24 - 2007-10-15 18:38 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-06-04 07:59 - 2014-05-23 21:57 - 00002980 _____ () C:\Windows\PFRO.log
2014-06-03 23:53 - 2014-06-03 23:31 - 00000000 ____D () C:\ComboFix
2014-06-03 23:52 - 2014-06-03 23:52 - 00038411 _____ () C:\ComboFix.txt
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\IUSR_NMPR\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 23:52 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-03 23:52 - 2014-06-03 16:42 - 00000000 ____D () C:\Qoobox
2014-06-03 23:52 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default
2014-06-03 23:52 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public
2014-06-03 23:50 - 2014-06-03 16:39 - 00000000 ____D () C:\Windows\erdnt
2014-06-03 23:49 - 2006-11-02 12:23 - 00000248 _____ () C:\Windows\system.ini
2014-06-03 16:31 - 2014-06-03 16:31 - 05206532 ____R (Swearware) C:\Users\Ewald Kaufmann\Desktop\ComboFix.exe
2014-06-03 15:45 - 2008-03-19 12:32 - 00000000 ____D () C:\Users\Ewald Kaufmann\Scanner
2014-06-02 19:37 - 2014-06-02 19:37 - 02347384 _____ (ESET) C:\Users\Ewald Kaufmann\Desktop\esetsmartinstaller_deu.exe
2014-06-02 18:54 - 2006-11-02 12:33 - 01603066 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 17:05 - 2014-04-09 21:00 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-06-02 17:01 - 2010-10-18 22:30 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\Apps\2.0
2014-06-02 16:57 - 2006-11-02 13:18 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-01 22:50 - 2014-05-30 22:00 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-01 22:48 - 2014-06-01 22:48 - 00001606 _____ () C:\xxxxxxxxxx.txt
2014-06-01 22:05 - 2014-06-01 22:05 - 00001601 _____ () C:\Users\Ewald Kaufmann\Desktop\mbam2.txt
2014-06-01 21:51 - 2014-06-01 21:51 - 00001601 _____ () C:\mbam2.txt
2014-06-01 20:56 - 2014-01-13 23:07 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Roaming\BOM
2014-05-30 22:41 - 2014-05-30 22:41 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 22:37 - 2014-05-30 22:37 - 01016261 _____ (Thisisu) C:\Users\Ewald Kaufmann\Desktop\JRT.exe
2014-05-30 22:00 - 2014-05-30 22:00 - 00000955 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-30 22:00 - 2014-05-30 22:00 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-30 21:57 - 2014-05-30 21:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ewald Kaufmann\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 23:57 - 2009-10-10 19:58 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-29 23:45 - 2012-07-29 17:28 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-29 23:03 - 2014-05-29 22:58 - 00000000 ____D () C:\AdwCleaner
2014-05-29 23:03 - 2008-03-06 18:32 - 00000000 ____D () C:\Users\Ewald Kaufmann
2014-05-29 22:52 - 2014-05-29 22:52 - 01327971 _____ () C:\Users\Ewald Kaufmann\Desktop\adwcleaner_3.211.exe
2014-05-29 22:46 - 2007-10-10 12:37 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-29 22:04 - 2008-12-30 12:53 - 00000000 ____D () C:\Users\Public\Öffentliche TEMP
2014-05-29 21:43 - 2013-05-06 14:47 - 00000000 ____D () C:\Users\Ewald Kaufmann\_TEMP
2014-05-29 16:30 - 2014-05-29 16:30 - 00380416 _____ () C:\Users\Ewald Kaufmann\Desktop\Gmer-19357.exe
2014-05-29 15:47 - 2014-05-29 15:47 - 00050477 _____ () C:\Users\Ewald Kaufmann\Desktop\Defogger.exe
2014-05-29 08:47 - 2013-02-22 13:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-28 22:09 - 2014-05-28 22:09 - 00000456 _____ () C:\Windows\TT_VTX.log
2014-05-28 08:17 - 2013-02-12 22:21 - 00000998 _____ () C:\Users\Ewald Kaufmann\Desktop\Dropbox.lnk
2014-05-28 08:17 - 2013-02-12 22:15 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-27 16:39 - 2013-11-05 22:43 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-27 16:39 - 2013-11-05 22:43 - 00093528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-26 21:14 - 2014-01-13 23:07 - 00000000 ____D () C:\Program Files\Biet-O-Matic
2014-05-24 21:28 - 2013-01-07 15:40 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\Canon Easy-PhotoPrint EX
2014-05-24 14:00 - 2014-05-23 21:21 - 00002451 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-24 08:59 - 2009-10-10 20:03 - 00002005 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-23 21:22 - 2008-03-07 00:56 - 00000000 ____D () C:\Users\Ewald Kaufmann\AppData\Local\Adobe
2014-05-23 21:21 - 2011-06-24 13:40 - 00001932 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-23 21:21 - 2008-03-07 01:50 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-05-23 21:21 - 2007-10-10 13:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-23 21:21 - 2007-10-10 13:05 - 00000000 ____D () C:\Program Files\Adobe
2014-05-18 19:56 - 2014-05-18 19:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-16 19:15 - 2010-12-30 20:41 - 00058880 _____ () C:\Users\Ewald Kaufmann\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-05-16 15:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 08:31 - 2014-05-16 08:31 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-05-16 08:30 - 2013-07-16 07:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 08:23 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-14 16:45 - 2012-07-29 17:28 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 16:45 - 2011-10-14 07:28 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-12 07:26 - 2014-05-30 22:00 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-30 22:00 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-30 22:00 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 14:20 - 2013-02-21 14:02 - 00002659 _____ () C:\Users\Ewald Kaufmann\Desktop\Microsoft PowerPoint 2010.lnk
2014-05-07 15:05 - 2008-10-03 11:10 - 00000103 _____ () C:\Users\Ewald Kaufmann\AppData\default.pls
2014-05-07 10:33 - 2012-12-23 13:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-07 10:32 - 2014-05-07 10:32 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Garmin
2014-05-07 10:32 - 2014-05-07 10:32 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Garmin
2014-05-07 10:32 - 2013-04-18 10:20 - 00001805 _____ () C:\Users\Public\Desktop\Garmin Express.lnk
2014-05-07 10:32 - 2009-05-18 21:36 - 00000000 ____D () C:\Program Files\Garmin
2014-05-07 10:32 - 2008-08-06 09:03 - 00000000 ____D () C:\ProgramData\GARMIN
2014-05-07 10:32 - 2008-03-14 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2014-05-06 01:32 - 2014-05-16 08:17 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-16 08:17 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 01:14 - 2014-05-16 08:17 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Ewald Kaufmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuabecv.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-06-04 16:39
==================== End Of Log ============================
--- --- ---
ADDITION.txt : Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014
Ran by Ewald Kaufmann at 2014-06-04 16:47:00
Running from C:\Users\Ewald Kaufmann\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
1&1 HomeNet-Client (HKLM\...\1&1 HomeNet-Client) (Version: - )
3D Live Pool (HKLM\...\3D Live Pool_is1) (Version: - Etiumsoft, Inc.)
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1568.4089 - ABBYY Software House)
Ace WINScreen 4.5 (HKLM\...\Ace WINScreen_is1) (Version: 4.5 - Caltrox Software Systems)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AntiBrowserSpy (HKLM\...\{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1) (Version: 4.0.110 - Abelssoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Software Suite (HKLM\...\{497A1721-088F-41EF-8876-B43C9DA5528B}) (Version: 1.0 - ArcSoft)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
AVM FRITZ!Box USB-Fernanschluss (HKCU\...\f018cf21c0452c64) (Version: 2.2.1.0 - AVM Berlin)
AXIS Media Control Embedded (HKLM\...\AXIS Media Control Embedded) (Version: - )
Biet-O-Matic v2.14.12 (HKLM\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
BMW TV Version 1.5.0 (HKLM\...\BMW TV_is1) (Version: - BMW)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MG5300 series Benutzerregistrierung (HKLM\...\Canon MG5300 series Benutzerregistrierung) (Version: - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - )
Canon MG5300 series On-screen Manual (HKLM\...\Canon MG5300 series On-screen Manual) (Version: - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 3.12 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version: - )
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
DDBAC (HKLM\...\{763231D7-2E4E-44D6-8FC2-6A0C7EDCE3B6}) (Version: 4.3.46 - DataDesign)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version: - Microsoft)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Elevated Installer (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
FileZilla Client 3.3.2.1 (HKLM\...\FileZilla Client) (Version: 3.3.2.1 - )
Firebird SQL Server - MAGIX Edition (HKLM\...\Firebird SQL Server D) (Version: 2.0.1.8 - MAGIX AG)
Freemake Video Converter Version 3.2.1 (HKLM\...\Freemake Video Converter_is1) (Version: 3.2.1 - Ellora Assets Corporation)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Garmin BaseCamp (HKLM\...\{EBAC8FD4-28EC-46F7-BF9E-89D6E6673001}) (Version: 4.2.5 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe (Unicode) NT 2014.40 Update (HKLM\...\{D8E9584C-28A2-4C79-ABA6-68710DFF86F9}) (Version: 17.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin City Navigator Europe NT 2014.30 Update (HKLM\...\{F956C0BB-D2FA-4BA5-80D7-AC08E7CD611B}) (Version: 17.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM\...\{C7DD94A8-F775-426C-B56C-8E555A59F9E2}) (Version: 2.9.2 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{a2c69cba-542a-4a49-af31-b8a49349064d}) (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 3.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin MapSource (HKLM\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}) (Version: 2.5.5 - Garmin Ltd or its subsidiaries)
getPlus(R) for Adobe (HKLM\...\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}) (Version: 1.5.2.35 - NOS Microsystems Ltd.)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.7.0806.10245 - Google)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.)
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
InfoTech-Service Freischalt-Center 2.3 (HKLM\...\InfoTech-Service Freischalt-Center) (Version: 2.3 - InfoTech-Service, Christian Rimsl)
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) PRO Network Connections 12.2.41.0 (HKLM\...\PROSetDX) (Version: 12.2.41.0 - Intel)
Intel(R) PRO Network Connections 12.2.41.0 (Version: 12.2.41.0 - Intel) Hidden
Intel® Viiv™ Software (HKLM\...\Intel(R) Configuration Center) (Version: 1.7.512.0 - Intel Corporation)
Intel® Viiv™ Software (Version: 1.7.512.0 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java(TM) 6 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160040}) (Version: 1.6.0.40 - Sun Microsystems, Inc.)
Letstrade (HKLM\...\{E0091C29-DEE8-4B24-BF65-8C35B5940D77}) (Version: 1.00.0000 - Buhl Data Service)
LetsTrade Komponenten (HKLM\...\LetsTrade) (Version: - )
Lexware Info Service (HKLM\...\{59624372-3B85-47f4-9B04-4911E551DF1E}) (Version: 2.61.00.0033 - Lexware GmbH & Co. KG)
Lexware online banking (HKLM\...\{6C35CAC7-27C9-4CB0-BBB8-CBF9994215DA}) (Version: 8.00.00.0067 - Lexware GmbH & Co. KG)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
MakeDisc (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.0.2516 - CyberLink Corp.)
MakeitOne - MP3AlbumMaker (HKLM\...\{DD6FA976-3F0A-4C6C-A30F-6E75DFC39DE9}) (Version: 1.0.0 - MakeitOne)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MCE Software Encoder 1.1 (HKLM\...\{7655E113-C306-11D9-A373-0050BAE317E1}) (Version: 1.1.0.1918 - CyberLink Corporation)
MediaShow (HKLM\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
MEDION Fotos auf CD Sued (HKLM\...\MEDION Fotos auf CD Sued D) (Version: 6.0.2.0 - MAGIX AG)
Medion Media Center 0 (HKLM\...\{23CE4550-F67C-4114-88DF-FE923BC13E7F}) (Version: 1.0.12.0 - Medion)
MEDIONbox (HKLM\...\{27FDF949-69CE-435A-8372-339F72336AC5}) (Version: 1.09.0000.00050 - Medion)
MFC RunTime files (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{A71D5E81-B967-43DB-93D7-FD31BFB95748}) (Version: 3.1.5.0 - Apple Inc.)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 EasySplitter (Trial) (HKLM\...\MP3 EasySplitter (Trial)_is1) (Version: - )
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Premium (HKLM\...\{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}) (Version: 7.03.1152 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NimoFilm (HKLM\...\{CE52F670-9E10-4C0A-B0CB-D78BAB0A7923}) (Version: 1.9.21 - Mysher)
NVIDIA 3D Vision Controller-Treiber 296.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 296.10 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.12.0213 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version: - )
PC Fresh (HKLM\...\PC Fresh_is1) (Version: 2012 - Abelssoft GmbH)
PC SpeedScan Pro (Version: 7.1.1 - Ascentive) Hidden
Phoenix Service Software 2010.48.004.44602 (HKLM\...\Phoenix Service Software 2010.48.004.44602_is1) (Version: - leopard Tech)
PHOTOfunSTUDIO 6.1 HD Lite Edition (HKLM\...\{7E653036-DE31-4BFD-96BB-421CC72E06FC}) (Version: 6.01.015 - Panasonic Corporation)
PhotoNow! (HKLM\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.0.4310 - CyberLink Corp.)
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209a - CyberLink Corp.)
PowerDirector (Version: 6.5.2209a - CyberLink Corp.) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerProducer (HKLM\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 4.2.2504 - CyberLink Corp.)
Quicken 2010 - Servicepack 5 (HKLM\...\{4C9E7EA5-9A3F-4C54-9038-EBB4CF25C29D}) (Version: 17.05.0000 - Lexware GmbH & Co KG)
Quicken 2010 (HKLM\...\InstallShield_{4F8AFA74-1562-4980-8B87-8C07E8DE8FAF}) (Version: 17.00.00.0081 - Lexware GmbH & Co. KG)
Quicken 2010 (Version: 17.00.00.0081 - Lexware GmbH & Co. KG) Hidden
Quicken Import Export Server 2010 (HKLM\...\{7DA9F24A-CEC3-426E-BFFA-ADB94D922463}) (Version: 17.00.00.0048 - Lexware GmbH & Co. KG)
QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5512 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rechenbüro Professionell 2004 2.416 (HKLM\...\Rechenbüro Professionell 2004) (Version: 2.416 - InfoTech-Service, Christian Rimsl)
Remote Wonder Series Driver and Control Panel (HKLM\...\X10Hardware) (Version: - )
Safari (HKLM\...\{C5C649A8-1D21-4C83-9B08-7B3752E580F4}) (Version: 4.30.17.0 - Apple Inc.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
Sceneo AbsolutTV (HKLM\...\{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden
Servicepack Datumsaktualisierung (Version: 1.00.00.0005 - Haufe-Lexware) Hidden
SILKYPIX Developer Studio 3.0 SE (HKLM\...\InstallShield_{B2F25F71-D920-4288-A548-54CD253DEF14}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.0 SE (Version: 3 - Ichikawa Soft Laboratory) Hidden
SimpleScreenshot 1.40 (HKLM\...\SimpleScreenshot) (Version: - )
Skype Toolbars (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7555 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 8 (HKLM\...\{AC76BA86-7AD7-5464-3428-800000000004}) (Version: 8.1.0 - Adobe Systems)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steuer-Spar-Erklärung 2011 (HKLM\...\{9F5FD796-86F0-4360-85F8-D54C0F5411EB}) (Version: 16.14 - Akademische Arbeitsgemeinschaft Verlag)
Steuer-Spar-Erklärung 2012 (HKLM\...\{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}) (Version: 17.13 - Wolters Kluwer Deutschland GmbH)
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Super LoiLoScope WebShortcut (HKLM\...\{AC589470-884E-4E15-96D8-437780F8185D}) (Version: 1.0.0 - LoiLo)
TAXMAN 2007 (Version: 13.00 - Lexware) Hidden
TerraTec Home Cinema (HKLM\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 5.125.0 - )
TextBridge Pro 8.0 (HKLM\...\TextBridge Pro 8.0) (Version: - )
TopStyle Lite (Version 3.0) (HKLM\...\TopStyle Lite (Version 3.0)) (Version: 3.1.0 - Bradbury Software, LLC)
TubeBox (HKLM\...\{60597b3f-d714-4f4e-8094-be088a31ff25}) (Version: 4.1.1.0 - Freetec)
TubeBox (Version: 4.1.1.0 - Freetec) Hidden
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
TV Enhance (HKLM\...\{E4C891D6-6844-41B8-86E8-633CACCC644F}) (Version: 1.0.4916 - CyberLink Corp.)
TVsweeper 3 (HKLM\...\{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}) (Version: 3.0.3 - Sonavis)
Ulead PhotoImpact 12 (HKLM\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VR-NetWorld (HKLM\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version: - )
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinGDB3 3.70 (HKLM\...\WinGDB3) (Version: 3.70 - Asyver)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Wise Registry Cleaner 7.91 (HKLM\...\Wise Registry Cleaner_is1) (Version: 7.91 - WiseCleaner.com, Inc.)
WISO Mein Geld 2009 Professional (HKLM\...\{44061C54-0775-4AE1-B433-79BCC6431817}) (Version: 10.00.0047 - Buhl Data Service GmbH)
==================== Restore Points =========================
29-04-2014 06:17:06 Windows Update
04-05-2014 06:24:32 Windows Update
07-05-2014 08:27:58 Garmin Express
07-05-2014 08:32:51 Garmin Express
16-05-2014 06:09:29 Windows Update
23-05-2014 19:12:41 Removed Adobe Reader X (10.1.10) - Deutsch.
03-06-2014 06:00:08 Removed Avira SearchFree Toolbar
==================== Hosts content: ==========================
2006-11-02 12:23 - 2009-03-17 19:10 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {09DA815D-5102-4DA5-B1BE-006C5B6A5FC4} - System32\Tasks\Norton Internet Security CBE\Norton Error Analyzer => C:\Program Files\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {16B06D19-CD9F-46D2-9D10-D6E3CDDCCCB3} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ewald Kaufmann => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {577994AF-79CC-43B9-853F-86A19155E0D8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2643817713-3400089558-1708297070-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8595EFC3-7FBB-475F-BDFA-E25C7EE8C725} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2643817713-3400089558-1708297070-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {8B7560C0-381D-48E2-BFFE-AAF63897E89E} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-04-23] ()
Task: {8FEAB0EC-2724-4D8F-9DEB-D5BD0AAAD80B} - System32\Tasks\GoogleUpdateTaskMachineCore1ce4d43c6b102c0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10] (Google Inc.)
Task: {965F8B8C-26CE-447D-8495-818783F20C8A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9DC98D58-5FB0-40CB-8139-D52796C6580A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {A951737B-1111-423B-84AD-448897E68818} - System32\Tasks\{741E324B-42E2-4875-9954-51C44AAB2EDD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.8.0.158/de/go/help.faq.installer?LastError=1618
Task: {ABE2DFC5-E788-496C-9F3E-0F2D53D822AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {B0A79CC2-C6B6-4464-ACE3-FBABA6197949} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2643817713-3400089558-1708297070-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {C9923C71-A490-4849-BDFD-D1AC37A055F0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {CE9C8633-288E-4FED-99B6-AB7EE5100D77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10] (Google Inc.)
Task: {D45667F1-5FBE-470A-9312-5CC01B6ECAEB} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2643817713-3400089558-1708297070-1004 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {D8956B27-58ED-4D7F-B210-F734D74D412A} - System32\Tasks\Norton Internet Security CBE\Norton Error Processor => C:\Program Files\Norton Internet Security CBE\Engine\20.3.1.22\SymErr.exe
Task: {E19412A5-24DC-4B5A-ACD6-325289FF9232} - System32\Tasks\{F93099C5-5AEE-4D14-9D9E-2C45A6A55ADA} => C:\Program Files\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EDB64326-2C1B-453F-B54A-19DB547CFA0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-10-10] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1ce4d43c6b102c0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2643817713-3400089558-1708297070-1004.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
==================== Loaded Modules (whitelisted) =============
2014-04-29 12:54 - 2012-06-21 07:25 - 00094208 _____ () C:\Windows\System32\redmon32.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-21 20:19 - 2010-03-21 20:19 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2008-03-08 20:52 - 2007-09-20 19:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2008-03-07 14:39 - 1998-12-14 12:06 - 00163328 _____ () C:\Program Files\Common Files\Xerox Shared\easytb32.dll
2008-03-07 14:39 - 1998-12-14 12:06 - 00034304 _____ () C:\Program Files\Common Files\Xerox Shared\VGFILE.dll
2007-02-12 11:46 - 2007-02-12 11:46 - 00208896 _____ () C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
2014-06-04 16:31 - 2014-06-04 16:31 - 00043008 _____ () C:\Users\Ewald Kaufmann\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuabecv.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Ewald Kaufmann\AppData\Roaming\Dropbox\bin\libcef.dll
2013-07-11 08:30 - 2013-07-11 08:30 - 03391488 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_5b8ee2f1\mscorlib.dll
2013-07-11 08:30 - 2013-07-11 08:30 - 01966080 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_ecc31d15\system.dll
2013-07-11 08:30 - 2013-07-11 08:30 - 03035136 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_0dc2ac08\system.windows.forms.dll
2013-07-11 08:30 - 2013-07-11 08:30 - 02088960 _____ () c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_fa78f23c\system.xml.dll
2007-10-15 16:38 - 2007-04-13 18:14 - 00006656 _____ () c:\program files\medion\medionbox\program\structconverter.dll
2009-09-17 10:21 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2008-02-04 17:28 - 2007-01-09 11:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2007-10-22 13:49 - 2007-05-16 22:48 - 00421955 _____ () C:\Program Files\Sceneo\AbsolutTV\Services\PVR\tvtvRemote.dll
2008-02-04 17:30 - 2007-10-19 18:42 - 00290909 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe
2008-02-04 17:29 - 2007-10-19 18:42 - 00094208 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchRecordMonitor.dll
2008-02-04 17:30 - 2007-12-12 12:21 - 00245858 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapEngine.dll
2008-02-04 17:30 - 2007-10-19 18:42 - 00032768 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLCapSvcps.dll
2008-02-04 17:30 - 2007-10-19 18:42 - 00114779 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe
2008-02-04 17:30 - 2007-10-19 18:42 - 00114780 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLSchMgr.dll
2008-02-04 17:30 - 2007-10-19 18:42 - 00339968 _____ () C:\Program Files\HomeCinema\TV Enhance\Kernel\TV\CLTinyDB.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00268504 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
2007-06-27 10:14 - 2007-06-27 10:14 - 00325848 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaserver.dll
2007-06-27 10:13 - 2007-06-27 10:13 - 00563416 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_client.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00070872 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_mediaspace.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00219352 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_import.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00041176 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_aggregate.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00030424 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_sync.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00025304 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunisauth.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00104664 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_tunists.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00088280 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnp.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00026328 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00065240 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\xmb_upnppower.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00027864 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_xrturi.dll
2007-06-27 10:14 - 2007-06-27 10:14 - 00252120 _____ () C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\lib\mediaserver\mediaserver_zcardea.dll
2009-12-27 22:48 - 2004-05-26 00:06 - 00417792 _____ () C:\Windows\system32\ac3filter.ax
2009-10-06 09:16 - 2009-10-06 09:16 - 00077824 _____ () C:\Program Files\MyFree Codec\1.0b beta\XVID-CORE\xvid.ax
2014-05-24 08:59 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-24 08:59 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-24 08:59 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO -viewer-.lnk => C:\Windows\pss\PHOTOfunSTUDIO -viewer-.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VR-NetWorld Auftragsprüfung.lnk => C:\Windows\pss\VR-NetWorld Auftragsprüfung.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Ewald Kaufmann^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Ewald Kaufmann^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCUTRAYICON => C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: InstantAccess => C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Remote Control Editor => "C:\Program Files\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TVEService => "C:\Program Files\HomeCinema\TV Enhance\TVEService.exe"
==================== Faulty Device Manager Devices =============
Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft-ISATAP-Adapter #4
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft-ISATAP-Adapter #5
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft-ISATAP-Adapter #6
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft-ISATAP-Adapter #9
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (06/03/2014 11:51:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP02> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:51:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP02> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\REGRUNS01> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\REGRUNS0A> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\REGRUNORIC> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:45:22 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP4900> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:44:00 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP3700> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:37:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP0201> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:37:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP0201> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (06/03/2014 11:37:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Eintrag <C:\COMBOFIX\TEMP0002> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (06/04/2014 04:36:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (06/04/2014 04:36:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (06/04/2014 04:34:45 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FRITZ-NAS",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3A31173B-00CB-4E00-B86A-E10D01A6-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (06/04/2014 04:34:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (06/04/2014 04:33:42 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
Error: (06/04/2014 04:33:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: X10 Device Network Service
Error: (06/04/2014 04:31:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Avira Browser-Schutz%%1260
Error: (06/04/2014 04:31:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (06/04/2014 04:29:51 PM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT-AUTORITÄT)
Description: 2147942402
Error: (06/04/2014 02:09:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: NVIDIA Update Service Daemon%%1069
Microsoft Office Sessions:
=========================
Error: (06/03/2014 11:51:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP02
Error: (06/03/2014 11:51:23 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP02
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\REGRUNS01
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\REGRUNS0A
Error: (06/03/2014 11:51:04 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\REGRUNORIC
Error: (06/03/2014 11:45:22 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP4900
Error: (06/03/2014 11:44:00 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP3700
Error: (06/03/2014 11:37:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP0201
Error: (06/03/2014 11:37:41 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP0201
Error: (06/03/2014 11:37:37 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
C:\COMBOFIX\TEMP0002
CodeIntegrity Errors:
===================================
Date: 2014-06-04 16:46:47.319
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:47.076
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:46.830
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:46.443
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:46.195
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:45.954
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:45.590
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:45.333
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:44.775
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-06-04 16:46:44.476
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 49%
Total physical RAM: 3069.45 MB
Available physical RAM: 1557.43 MB
Total Pagefile: 6361.77 MB
Available Pagefile: 4714.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1888.47 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:445.76 GB) (Free:135.78 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:9.5 GB) FAT32
Drive f: () (Removable) (Total:14.83 GB) (Free:10.83 GB) FAT32
Drive j: (HD-PVU2) (Fixed) (Total:465.76 GB) (Free:309.34 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2BAB359D)
Partition 1: (Active) - (Size=446 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15 GB) - (Type=0C)
========================================================
Disk: 5 (Size: 466 GB) (Disk ID: E8814535)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
