|
Log-Analyse und Auswertung: Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppeltWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
25.07.2014, 10:10 | #1 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Hallo, ich habe das Problem, dass meine aktuelle Anwendung ständig in den Hintergrund gedrängt wird. Bei der Eingabe dieses Textes muss ich ca. alle drei Zeichen ins Feld klicken, damit ich weiterschreiben kann. Im Taskmanager ist der Prozess "wisptis.exe" doppelt, einmal mit und einmal ohne Benutzername. Der ohne Benutzername lässt sich nicht beenden. Der Prozess "OUTLOOK.EXE *32" taucht auf und verschwindet im 2-3-Sekunden-Takt. Die CPU-Auslastung schwankt sehr stark, teilweise bis zum Maximum, obwohl kaum Anwendungen aktiv sind. Ich habe bereits Scans mit Malwarebytes Anti-Malware, frst und GMER durchgeführt, die Logs liegen vor. Ich habe im Forum gelesen, dass das Problem mit "wisptis.exe" nicht neu ist. Es wurde dort aber nicht deutlich, ob der Rechner evtl. inifiziert war. Ich hoffe, jemand kann mir helfen, vielen Dank schonmal im Voraus! |
25.07.2014, 10:47 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Hallo und
__________________Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
25.07.2014, 13:47 | #3 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Hallo cosinus,
__________________erst einmal danke für die schnelle Reaktion. Scan mit frst hatte ich schon (siehe oben, das wurde im Text nicht hervorgehoben, frag nicht, warum. Hier die logs: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 16:59 on 24/07/2014 (Doreen) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 18.07.2014 Suchlauf-Zeit: 18:20:19 Logdatei: Malwarebytes Anti-Malware .txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.07.18.07 Rootkit Datenbank: v2014.07.17.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Doreen Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 289798 Verstrichene Zeit: 29 Min, 32 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 2 PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [ed129c045c1fb284f319863bd23017e9], PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [33cc5d43542795a1907cbb06b15121df], Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 3 PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings\res, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings\temp, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 18.07.2014 18:18:06, SYSTEM, DOREEN-PC, Manual, Rootkit Database, 2014.7.3.1, 2014.7.17.1, Update, 18.07.2014 18:18:30, SYSTEM, DOREEN-PC, Manual, Malware Database, 2014.7.6.8, 2014.7.18.7, (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 18.07.2014 18:18:06, SYSTEM, DOREEN-PC, Manual, Rootkit Database, 2014.7.3.1, 2014.7.17.1, Update, 18.07.2014 18:18:30, SYSTEM, DOREEN-PC, Manual, Malware Database, 2014.7.6.8, 2014.7.18.7, (end) FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18 Running from C:\Users\Doreen\Downloads Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe () C:\Program Files (x86)\Join Air\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe () C:\Windows\System32\atwtusb.exe () C:\Windows\System32\atwtusb.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe () C:\Windows\PLFSetI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\AtwtusbIcon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe () C:\Users\Doreen\Desktop\Defogger.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 Ran by Doreen at 2014-07-24 17:11:25 Running from C:\Users\Doreen\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version: - 1&1 Internet AG) 1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden 5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH) Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team) Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - ) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version: - ) Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version: - ) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version: - ) DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - ) F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - ) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM) Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.) Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge) PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version: - Peter Pledel, -Softwareentwicklung-) Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skillstraining (HKLM-x32\...\Skillstraining ) (Version: - ) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - ) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.) ==================== Custom CLSID entries: ========================== (Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 16-07-2014 09:27:25 Windows Update 22-07-2014 10:30:58 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn) Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software) Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit) Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit) Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe 2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe 2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe 2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll 2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe" MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d7bf ID des fehlerhaften Prozesses: 0x1560 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Ausnahmecode: 0x40000015 Fehleroffset: 0x000a0940 ID des fehlerhaften Prozesses: 0x87c Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0 Pfad der fehlerhaften Anwendung: HelperService.exe1 Pfad des fehlerhaften Moduls: HelperService.exe2 Berichtskennung: HelperService.exe3 System errors: ============= Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: %%1115 Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht. Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2 CodeIntegrity Errors: =================================== Date: 2014-07-10 22:30:14.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 22:20:32.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:34:17.122 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:22:12.189 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-07 16:52:55.845 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-06 17:43:28.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 1976.96 MB Available physical RAM: 507.9 MB Total Pagefile: 3953.92 MB Available Pagefile: 2170.19 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 Ran by Doreen at 2014-07-24 17:11:25 Running from C:\Users\Doreen\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version: - 1&1 Internet AG) 1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden 5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH) Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team) Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - ) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version: - ) Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version: - ) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version: - ) DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - ) F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - ) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM) Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.) Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge) PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version: - Peter Pledel, -Softwareentwicklung-) Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skillstraining (HKLM-x32\...\Skillstraining ) (Version: - ) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - ) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.) ==================== Custom CLSID entries: ========================== (Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 16-07-2014 09:27:25 Windows Update 22-07-2014 10:30:58 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn) Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software) Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit) Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit) Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe 2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe 2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe 2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll 2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe" MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d7bf ID des fehlerhaften Prozesses: 0x1560 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Ausnahmecode: 0x40000015 Fehleroffset: 0x000a0940 ID des fehlerhaften Prozesses: 0x87c Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0 Pfad der fehlerhaften Anwendung: HelperService.exe1 Pfad des fehlerhaften Moduls: HelperService.exe2 Berichtskennung: HelperService.exe3 System errors: ============= Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: %%1115 Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht. Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2 CodeIntegrity Errors: =================================== Date: 2014-07-10 22:30:14.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 22:20:32.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:34:17.122 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:22:12.189 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-07 16:52:55.845 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-06 17:43:28.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 1976.96 MB Available physical RAM: 507.9 MB Total Pagefile: 3953.92 MB Available Pagefile: 2170.19 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Ich hoffe, ich habe nichts vergessen. |
25.07.2014, 14:17 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppeltZitat:
Enterprise-Editionen gibt es nicht mal so beim nöchsten Laden um die Ecke. Ich vermute, dass dieser Rechner gewerblich genutzt wird, lieg ich da richtig?
__________________ Logfiles bitte immer in CODE-Tags posten |
25.07.2014, 16:24 | #5 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Nein. Rechner ist privat. Wir hatten ihn ohne Betriebssystem gekauft, weil ich als Student über einen Hochschulaccount verschiedene Software, u. a. BS, kostenlos bekommen konnte. Darauf hin hat uns ein guter Bekannter, Systemadmin bei der Allianz, bei der Installation geholfen (seine Install-CD und mein Key). Der Key sollte eigentlich W 7 Professional freischalten, hat dann aber die Enterprise-Installation nicht verändert. |
25.07.2014, 22:07 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Ok...ich hab leider vergessen zu erwähnen, dass das FRST.txt Logfile unvollständig ist
__________________ --> Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt |
25.07.2014, 23:09 | #7 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Okay, hier nochmal die FRST logs: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18 Running from C:\Users\Doreen\Downloads Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe () C:\Program Files (x86)\Join Air\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe () C:\Windows\System32\atwtusb.exe () C:\Windows\System32\atwtusb.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe () C:\Windows\PLFSetI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\AtwtusbIcon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe () C:\Users\Doreen\Desktop\Defogger.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 Ran by Doreen at 2014-07-24 17:11:25 Running from C:\Users\Doreen\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version: - 1&1 Internet AG) 1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden 5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH) Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team) Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - ) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version: - ) Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version: - ) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version: - ) DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - ) F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - ) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM) Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.) Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge) PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version: - Peter Pledel, -Softwareentwicklung-) Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skillstraining (HKLM-x32\...\Skillstraining ) (Version: - ) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - ) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.) ==================== Custom CLSID entries: ========================== (Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 16-07-2014 09:27:25 Windows Update 22-07-2014 10:30:58 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn) Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software) Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit) Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit) Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe 2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe 2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe 2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll 2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe" MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d7bf ID des fehlerhaften Prozesses: 0x1560 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Ausnahmecode: 0x40000015 Fehleroffset: 0x000a0940 ID des fehlerhaften Prozesses: 0x87c Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0 Pfad der fehlerhaften Anwendung: HelperService.exe1 Pfad des fehlerhaften Moduls: HelperService.exe2 Berichtskennung: HelperService.exe3 System errors: ============= Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: %%1115 Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht. Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2 CodeIntegrity Errors: =================================== Date: 2014-07-10 22:30:14.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 22:20:32.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:34:17.122 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:22:12.189 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-07 16:52:55.845 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-06 17:43:28.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 1976.96 MB Available physical RAM: 507.9 MB Total Pagefile: 3953.92 MB Available Pagefile: 2170.19 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS) ==================== End Of Log ============================ --- --- --- |
25.07.2014, 23:38 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Das erste Log hast du schon wieder unvollständig gepostet....
__________________ Logfiles bitte immer in CODE-Tags posten |
26.07.2014, 23:33 | #9 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Verflixt, ich war der Meinung mit <STRG>A würde alles markiert, aber irgend etwas hat mir ein NULL in die log geschummelt, daher hat er immer an der Stelle abgebrochen, jetzt also nochmal: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18 Running from C:\Users\Doreen\Downloads Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe () C:\Program Files (x86)\Join Air\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe () C:\Windows\System32\atwtusb.exe () C:\Windows\System32\atwtusb.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe () C:\Windows\PLFSetI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\AtwtusbIcon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe () C:\Users\Doreen\Desktop\Defogger.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe HKLM\...\Run: [TAPIDroidProductActivation] => C:\Program Files\TAPIDroid\productactivation.exe [1521008 2014-06-04] (CONVERGIT GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-11] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6262552 2014-06-24] (Piriform Ltd) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {86607117-1b26-11e1-8f06-4c0f6e9255d2} - G:\EasySuite.exe HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {9bfd98c6-b2f3-11e0-8f0d-206a8a1fcc7d} - H:\.\Autorun.exe AUTORUN=1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TAPICall4.lnk ShortcutTarget: TAPICall4.lnk -> C:\Windows\Installer\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}\TAPICall.ico () Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0E89DCB6843CCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {08F73DEC-0B27-44D2-A1E8-4A71A760693A} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms} SearchScopes: HKCU - {0EFBD239-5D93-413E-A0AC-6D619F894A7B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms} SearchScopes: HKCU - {4FC75C4E-3F6E-4DC2-A268-CA23CB83B255} URL = hxxp://go.web.de/suchbox/google?q={searchTerms} SearchScopes: HKCU - {5AB3C5FC-13B4-4DFD-B4F8-1DE63D981EC0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C48A5F8F-3977-4242-8029-4554F0A2D31D&apn_sauid=4A3E7850-B174-4F26-A8A8-A031B5282E58 SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {EAF13F8A-9DDC-4DC1-B525-504EECEEF6E3} URL = hxxp://start.iminent.com/?appId=F4CD3D6E-4EDF-4B49-9714-69062FB287F0&ref=toolbox&q={searchTerms} SearchScopes: HKCU - {EB100D93-C264-4570-ADC0-F505E9F61DDB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\Doreen\AppData\LocalLow\systems ie bho\bho.dll () BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No File BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\SysWow64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default FF SearchEngineOrder.1: Yahoo! (Avast) FF Homepage: www.google.de FF Keyword.URL: https://de.search.yahoo.com/yhs/search FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\searchplugins\yahoo-avast.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF Extension: Adblock Plus - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-18] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-03] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software) R2 HandleService; C:\Users\Doreen\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2013-04-28] () R2 TAPILineAgent; C:\Program Files\TAPIDroid\dalservice.exe [1269616 2014-06-04] (CONVERGIT GmbH) R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [241664 2009-08-31] () [File not signed] R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2011-07-20] () R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-09-20] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] () S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.) S3 ewsercd; C:\Windows\SysWOW64\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.) S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [116864 2008-12-13] (Huawei Technologies Co., Ltd.) S3 hwusbfake; C:\Windows\SysWOW64\DRIVERS\ewusbfake.sys [116224 2011-07-20] (Huawei Technologies Co., Ltd.) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [63264 2009-05-07] (O2Micro ) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-24 17:09 - 2014-07-24 17:10 - 00019519 _____ () C:\Users\Doreen\Downloads\FRST.txt 2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST 2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe 2014-07-24 17:02 - 2014-07-24 17:02 - 00129016 _____ () C:\Users\Doreen\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log 2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe 2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe 2014-07-12 16:54 - 2014-07-12 21:50 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall 2014-07-12 16:52 - 2014-07-12 21:50 - 00000000 ____D () C:\ProgramData\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall 2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid 2014-07-12 13:24 - 2014-06-04 20:39 - 03063664 _____ (CONVERGIT GmbH) C:\Windows\system32\TapiDroid.tsp 2014-07-12 13:24 - 2014-06-04 20:39 - 00267120 _____ (CONVERGIT GmbH) C:\Windows\system32\lineagent.tsp 2014-07-12 12:26 - 2014-07-12 12:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT 2014-07-12 12:19 - 2014-07-12 12:20 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe 2014-07-12 12:16 - 2009-08-04 19:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe 2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-11 16:04 - 2014-07-15 14:24 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft 2014-07-10 21:34 - 2014-07-10 22:12 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe 2014-07-10 10:45 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 10:44 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 10:44 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 10:43 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 10:43 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 10:43 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 10:43 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 10:43 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 10:43 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 10:43 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 10:43 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 10:43 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 10:43 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 10:43 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 10:43 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 10:43 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 10:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 10:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 10:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 10:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 10:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 10:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 10:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 10:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 10:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 10:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 10:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 10:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 10:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 10:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 10:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 10:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 10:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 10:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 10:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 10:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 10:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 10:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 10:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 10:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 10:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 10:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 10:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 10:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 10:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 10:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 10:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 10:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 10:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 10:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 10:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 10:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 10:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 10:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 10:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 10:41 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 10:41 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 10:41 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 10:41 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 10:41 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 10:41 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 10:40 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 10:39 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 10:39 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 10:39 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 10:39 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 10:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 10:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 10:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 10:39 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-07 00:06 - 2014-07-18 18:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-07 00:06 - 2014-07-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2014-07-07 00:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-07 00:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-07 00:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-06 23:59 - 2014-07-07 00:00 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe 2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe 2014-07-06 23:47 - 2014-07-14 04:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job 2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task 2014-07-06 23:46 - 2014-07-14 07:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job 2014-07-06 23:46 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task 2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24 2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys 2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen) 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-24 17:10 - 2014-07-24 17:09 - 00019519 _____ () C:\Users\Doreen\Downloads\FRST.txt 2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST 2014-07-24 17:08 - 2014-02-18 20:35 - 00000000 ____D () C:\Users\Doreen\Documents\Outlook-Dateien 2014-07-24 17:08 - 2011-07-08 18:01 - 00740802 _____ () C:\Windows\system32\perfh00C.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00735444 _____ () C:\Windows\system32\perfh015.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00678840 _____ () C:\Windows\system32\perfh00E.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00474100 _____ () C:\Windows\system32\perfh001.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00172364 _____ () C:\Windows\system32\perfc00E.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00156962 _____ () C:\Windows\system32\perfc015.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00150670 _____ () C:\Windows\system32\perfc00C.dat 2014-07-24 17:08 - 2011-07-08 18:01 - 00095862 _____ () C:\Windows\system32\perfc001.dat 2014-07-24 17:08 - 2011-07-08 14:30 - 00476588 _____ () C:\Windows\system32\perfh00B.dat 2014-07-24 17:08 - 2011-07-08 14:30 - 00102610 _____ () C:\Windows\system32\perfc00B.dat 2014-07-24 17:08 - 2009-07-14 12:49 - 00703230 _____ () C:\Windows\system32\perfh007.dat 2014-07-24 17:08 - 2009-07-14 12:49 - 00150838 _____ () C:\Windows\system32\perfc007.dat 2014-07-24 17:08 - 2009-07-14 07:13 - 05407164 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-24 17:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-24 17:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe 2014-07-24 17:02 - 2014-07-24 17:02 - 00129016 _____ () C:\Users\Doreen\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log 2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable 2014-07-24 16:59 - 2011-07-07 10:39 - 00000000 ____D () C:\Users\Doreen 2014-07-24 16:55 - 2014-07-24 16:57 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe 2014-07-24 16:54 - 2011-07-07 10:38 - 01199344 _____ () C:\Windows\WindowsUpdate.log 2014-07-24 16:48 - 2012-09-15 11:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-24 16:46 - 2009-07-14 04:34 - 00000528 _____ () C:\Windows\win.ini 2014-07-24 16:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-24 15:35 - 2013-09-03 10:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-22 09:01 - 2014-05-15 11:02 - 00000000 ____D () C:\Users\Doreen\Documents\Betreuertätigkeit 2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe 2014-07-20 20:33 - 2012-11-18 19:16 - 00005133 _____ () C:\ProgramData\hpzinstall.log 2014-07-18 18:18 - 2014-07-07 00:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 14:24 - 2014-07-11 16:04 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft 2014-07-14 14:26 - 2011-12-06 01:54 - 00000000 ____D () C:\Users\Doreen\Documents\Bewerbungsunterlagen 2014-07-14 07:45 - 2014-07-06 23:46 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job 2014-07-14 04:45 - 2014-07-06 23:47 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job 2014-07-12 21:50 - 2014-07-12 16:54 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall 2014-07-12 21:50 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall 2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid 2014-07-12 12:30 - 2014-07-12 12:26 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT 2014-07-12 12:20 - 2014-07-12 12:19 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe 2014-07-12 12:17 - 2011-07-08 17:34 - 00000000 ____D () C:\Windows\ar-SA 2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA 2014-07-11 21:35 - 2014-02-20 23:40 - 00000000 ____D () C:\at work 2014-07-11 21:06 - 2013-09-03 10:54 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-11 21:06 - 2013-09-03 10:54 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-11 21:05 - 2014-05-27 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-07-11 21:05 - 2014-01-02 08:25 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-07-11 21:05 - 2013-09-03 10:54 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-07-11 18:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-11 03:15 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-11 03:15 - 2009-07-14 13:07 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-11 03:12 - 2011-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-11 03:10 - 2013-08-18 11:50 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-11 03:07 - 2010-08-10 21:51 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 22:19 - 2014-02-20 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BdB at work 2014-07-10 22:18 - 2014-02-20 23:43 - 00000672 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BdB at work 2013.lnk 2014-07-10 22:18 - 2014-02-20 23:43 - 00000666 _____ () C:\Users\Public\Desktop\BdB at work 2013.lnk 2014-07-10 22:12 - 2014-07-10 21:34 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe 2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-09 14:48 - 2012-09-15 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 14:48 - 2012-09-15 11:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 14:48 - 2011-07-10 19:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-07 09:03 - 2013-01-16 13:04 - 00000000 ____D () C:\Users\Doreen\Documents\Eigene Scans 2014-07-07 06:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2014-07-07 04:45 - 2014-05-13 17:43 - 00000000 ____D () C:\Program Files\Defraggler 2014-07-07 00:07 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-07 00:07 - 2014-07-07 00:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2013-03-14 12:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-07 00:00 - 2014-07-06 23:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe 2014-07-06 23:50 - 2014-05-13 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-06 23:50 - 2014-05-13 17:30 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe 2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task 2014-07-06 23:47 - 2014-07-06 23:46 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task 2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24 2014-06-30 04:09 - 2014-07-10 10:41 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 10:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-29 16:40 - 2014-06-15 16:39 - 00000000 ____D () C:\Users\Doreen\.jameica 2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-28 13:36 - 2011-07-08 12:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys 2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen) 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe Some content of TEMP: ==================== C:\Users\Doreen\AppData\Local\Temp\npfp.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-11 18:34 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014 Ran by Doreen at 2014-07-24 17:11:25 Running from C:\Users\Doreen\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version: - 1&1 Internet AG) 1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden 5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software) BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH) Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team) Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - ) Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version: - ) Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version: - ) DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit) Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version: - ) DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version: - ) F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version: - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version: - GnuCash Development Team) Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version: - ) GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden Intel PROSet Wireless (Version: - ) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM) Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.) Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version: - ) Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge) PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version: - Peter Pledel, -Softwareentwicklung-) Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skillstraining (HKLM-x32\...\Skillstraining ) (Version: - ) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated) TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - ) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent) WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Broadcom Bluetooth (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.) ==================== Custom CLSID entries: ========================== (Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 16-07-2014 09:27:25 Windows Update 22-07-2014 10:30:58 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.) Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn) Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software) Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit) Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit) Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit) Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe ==================== Loaded Modules (whitelisted) ============= 2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe 2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe 2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe 2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe 2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe 2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll 2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll 2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll 2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll 2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe" MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d7bf ID des fehlerhaften Prozesses: 0x1560 Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0 Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1 Pfad des fehlerhaften Moduls: OUTLOOK.EXE2 Berichtskennung: OUTLOOK.EXE3 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74 Ausnahmecode: 0x40000015 Fehleroffset: 0x000a0940 ID des fehlerhaften Prozesses: 0x87c Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0 Pfad der fehlerhaften Anwendung: HelperService.exe1 Pfad des fehlerhaften Moduls: HelperService.exe2 Berichtskennung: HelperService.exe3 System errors: ============= Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: %%1115 Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht. Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0006F03A-0000-0000-C000-000000000046} Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2 Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2 CodeIntegrity Errors: =================================== Date: 2014-07-10 22:30:14.811 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 22:20:32.815 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:34:17.122 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-10 21:22:12.189 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-07 16:52:55.845 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-06 17:43:28.578 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 74% Total physical RAM: 1976.96 MB Available physical RAM: 507.9 MB Total Pagefile: 3953.92 MB Available Pagefile: 2170.19 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
27.07.2014, 19:50 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
28.07.2014, 11:56 | #11 |
| Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Gut, also los: zu 1.) Code:
ATTFilter # AdwCleaner v3.300 - Bericht erstellt am 28/07/2014 um 11:04:51 # Aktualisiert 27/07/2014 von Xplode # Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits) # Benutzername : Doreen - DOREEN-PC # Gestartet von : C:\Users\Doreen\Desktop\adwcleaner_3.300.exe # Option : Suchen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gefunden : C:\Program Files (x86)\Common Files\IMGUpdater Ordner Gefunden : C:\Program Files (x86)\Common Files\Spigot Ordner Gefunden : C:\Program Files (x86)\Common Files\Umbrella Ordner Gefunden : C:\Program Files\Web Assistant Ordner Gefunden : C:\ProgramData\Ask Ordner Gefunden : C:\ProgramData\Premium Ordner Gefunden : C:\Users\Doreen\AppData\LocalLow\pdfforge Ordner Gefunden : C:\Users\Doreen\AppData\Roaming\pdfforge ***** [ Tasks ] ***** Task Gefunden : Driver Booster Scan Task Gefunden : Driver Booster Update ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKCU\Software\IM Schlüssel Gefunden : HKCU\Software\ImInstaller Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gefunden : HKCU\Software\OCS Schlüssel Gefunden : HKCU\Software\pdfforge Schlüssel Gefunden : HKCU\Software\Search Settings Schlüssel Gefunden : [x64] HKCU\Software\IM Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB} Schlüssel Gefunden : [x64] HKCU\Software\OCS Schlüssel Gefunden : [x64] HKCU\Software\pdfforge Schlüssel Gefunden : [x64] HKCU\Software\Search Settings Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} Schlüssel Gefunden : HKLM\Software\pdfforge Schlüssel Gefunden : HKLM\Software\Search Settings Schlüssel Gefunden : HKLM\Software\Web Assistant Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Web Assistant Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}] Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}] Wert Gefunden : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1] ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v30.0 (de) [ Datei : C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\prefs.js ] Zeile gefunden : user_pref("iminent.LayoutId", "28"); Zeile gefunden : user_pref("iminent.enableToolbar", "false"); Zeile gefunden : user_pref("iminent.enabledAds", "obsolete"); Zeile gefunden : user_pref("iminent.newtabredirect", "true"); Zeile gefunden : user_pref("iminent.nomsi", "true"); Zeile gefunden : user_pref("iminent.registerToolbarEvent102", "1403347070939"); Zeile gefunden : user_pref("iminent.searchindex", "1"); Zeile gefunden : user_pref("iminent.version", "8.25.2.1"); Zeile gefunden : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...] ************************* AdwCleaner[R0].txt - [5193 octets] - [28/07/2014 11:04:51] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5253 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Enterprise x64 Ran by Doreen on 28.07.2014 at 11:46:36,53 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2778196636-664131229-1303017621-1000\Software\web assistant Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5AB3C5FC-13B4-4DFD-B4F8-1DE63D981EC0} Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EAF13F8A-9DDC-4DC1-B525-504EECEEF6E3} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\premium" Successfully deleted: [Folder] "C:\Users\Doreen\AppData\Roaming\pdfforge" Successfully deleted: [Folder] "C:\Users\Doreen\appdata\locallow\pdfforge" Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot" Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella" Successfully deleted: [Empty Folder] C:\Users\Doreen\appdata\local\{C612833A-F322-4EBC-97B6-7C0541016183} Successfully deleted: [Folder] "C:\ProgramData\ask" ~~~ FireFox Successfully deleted: [File] C:\user.js Successfully deleted the following from C:\Users\Doreen\AppData\Roaming\mozilla\firefox\profiles\3xc3jzu1.default\prefs.js user_pref("iminent.LayoutId", "28"); user_pref("iminent.enableToolbar", "false"); user_pref("iminent.enabledAds", "obsolete"); user_pref("iminent.newtabredirect", "true"); user_pref("iminent.nomsi", "true"); user_pref("iminent.registerToolbarEvent102", "1403347070939"); user_pref("iminent.searchindex", "1"); user_pref("iminent.version", "8.25.2.1"); user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio Emptied folder: C:\Users\Doreen\AppData\Roaming\mozilla\firefox\profiles\3xc3jzu1.default\minidumps [68 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 28.07.2014 at 12:04:53,67 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014 Ran by Doreen (administrator) on DOREEN-PC on 28-07-2014 12:42:28 Running from C:\Users\Doreen\Downloads Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\wisptis.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (O2Micro International) C:\Windows\System32\drivers\o2flash.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe () C:\Program Files (x86)\Join Air\AssistantServices.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe () C:\Windows\System32\atwtusb.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Windows\System32\atwtusb.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe () C:\Windows\PLFSetI.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\AtwtusbIcon.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe () C:\Users\Doreen\Desktop\adwcleaner_3.300.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe (Thisisu) C:\Users\Doreen\Desktop\JRT.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] () HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated) HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe HKLM\...\Run: [TAPIDroidProductActivation] => C:\Program Files\TAPIDroid\productactivation.exe [1521008 2014-06-04] (CONVERGIT GmbH) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-11] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6262552 2014-06-24] (Piriform Ltd) HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {86607117-1b26-11e1-8f06-4c0f6e9255d2} - G:\EasySuite.exe HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {9bfd98c6-b2f3-11e0-8f0d-206a8a1fcc7d} - H:\.\Autorun.exe AUTORUN=1 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TAPICall4.lnk ShortcutTarget: TAPICall4.lnk -> C:\Windows\Installer\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}\TAPICall.ico () Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0E89DCB6843CCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {08F73DEC-0B27-44D2-A1E8-4A71A760693A} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms} SearchScopes: HKCU - {0EFBD239-5D93-413E-A0AC-6D619F894A7B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms} SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms} SearchScopes: HKCU - {4FC75C4E-3F6E-4DC2-A268-CA23CB83B255} URL = hxxp://go.web.de/suchbox/google?q={searchTerms} SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - {EB100D93-C264-4570-ADC0-F505E9F61DDB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\Doreen\AppData\LocalLow\systems ie bho\bho.dll () BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\SysWow64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default FF SearchEngineOrder.1: Yahoo! (Avast) FF Homepage: www.google.de FF Keyword.URL: https://de.search.yahoo.com/yhs/search FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\searchplugins\yahoo-avast.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26] FF Extension: Adblock Plus - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-11] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-18] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-03] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software) R2 HandleService; C:\Users\Doreen\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed] R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed] S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2013-04-28] () R2 TAPILineAgent; C:\Program Files\TAPIDroid\dalservice.exe [1269616 2014-06-04] (CONVERGIT GmbH) R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [241664 2009-08-31] () [File not signed] R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2011-07-20] () R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-09-20] () [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] () S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.) S3 ewsercd; C:\Windows\SysWOW64\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.) S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [116864 2008-12-13] (Huawei Technologies Co., Ltd.) S3 hwusbfake; C:\Windows\SysWOW64\DRIVERS\ewusbfake.sys [116224 2011-07-20] (Huawei Technologies Co., Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-25] (Malwarebytes Corporation) R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider) R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [63264 2009-05-07] (O2Micro ) R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider) S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 12:42 - 2014-07-28 12:42 - 00019292 _____ () C:\Users\Doreen\Downloads\FRST.txt 2014-07-28 12:35 - 2014-07-28 12:35 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT1.txt 2014-07-28 12:04 - 2014-07-28 12:04 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT.txt 2014-07-28 11:46 - 2014-07-28 11:46 - 00000000 ____D () C:\Windows\ERUNT 2014-07-28 11:43 - 2014-07-28 11:43 - 01016261 _____ (Thisisu) C:\Users\Doreen\Desktop\JRT.exe 2014-07-28 11:36 - 2014-07-28 11:36 - 00005361 _____ () C:\Users\Doreen\Desktop\AdwCleaner[R0].txt 2014-07-28 11:04 - 2014-07-28 11:06 - 00000000 ____D () C:\AdwCleaner 2014-07-28 11:02 - 2014-07-28 11:02 - 01367289 _____ () C:\Users\Doreen\Desktop\adwcleaner_3.300.exe 2014-07-25 10:39 - 2014-07-25 10:39 - 00000262 _____ () C:\Users\Doreen\Desktop\Malwarebytes Anti-Malware Schutz.txt 2014-07-25 10:36 - 2014-07-25 10:36 - 00001884 _____ () C:\Users\Doreen\Desktop\ Malwarebytes Anti-Malware .txt 2014-07-24 23:05 - 2014-07-24 23:05 - 00456288 _____ () C:\Users\Doreen\Desktop\gmer.log 2014-07-24 17:20 - 2014-07-24 17:20 - 00380416 _____ () C:\Users\Doreen\Downloads\Gmer-19357.exe 2014-07-24 17:11 - 2014-07-24 17:14 - 00042201 _____ () C:\Users\Doreen\Desktop\Addition.txt 2014-07-24 17:09 - 2014-07-28 12:42 - 00000000 ____D () C:\FRST 2014-07-24 17:09 - 2014-07-24 17:14 - 00067941 _____ () C:\Users\Doreen\Desktop\FRST.txt 2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe 2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log 2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable 2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe 2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe 2014-07-12 16:54 - 2014-07-12 21:50 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall 2014-07-12 16:52 - 2014-07-12 21:50 - 00000000 ____D () C:\ProgramData\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall 2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid 2014-07-12 13:24 - 2014-06-04 20:39 - 03063664 _____ (CONVERGIT GmbH) C:\Windows\system32\TapiDroid.tsp 2014-07-12 13:24 - 2014-06-04 20:39 - 00267120 _____ (CONVERGIT GmbH) C:\Windows\system32\lineagent.tsp 2014-07-12 12:26 - 2014-07-12 12:30 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT 2014-07-12 12:19 - 2014-07-12 12:20 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe 2014-07-12 12:16 - 2009-08-04 19:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe 2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll 2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll 2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-11 16:04 - 2014-07-15 14:24 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft 2014-07-10 21:34 - 2014-07-10 22:12 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe 2014-07-10 10:45 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 10:45 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 10:45 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 10:44 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 10:44 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 10:43 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 10:43 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 10:43 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 10:43 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 10:43 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 10:43 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 10:43 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 10:43 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 10:43 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 10:43 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 10:43 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 10:43 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 10:43 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 10:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 10:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 10:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 10:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 10:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 10:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 10:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 10:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 10:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 10:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 10:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 10:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 10:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 10:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 10:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 10:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 10:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 10:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 10:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 10:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 10:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 10:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 10:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 10:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 10:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 10:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 10:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 10:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 10:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 10:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 10:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 10:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 10:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 10:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 10:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 10:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 10:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 10:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 10:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 10:41 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 10:41 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 10:41 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 10:41 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 10:41 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 10:41 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 10:40 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 10:39 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 10:39 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 10:39 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 10:39 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 10:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 10:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 10:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 10:39 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-07 00:06 - 2014-07-25 10:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-07 00:06 - 2014-07-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2014-07-07 00:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-07 00:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-07 00:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-06 23:59 - 2014-07-07 00:00 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe 2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe 2014-07-06 23:47 - 2014-07-14 04:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job 2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task 2014-07-06 23:46 - 2014-07-14 07:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job 2014-07-06 23:46 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task 2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24 2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys 2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen) 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-07-28 12:43 - 2014-07-28 12:42 - 00019292 _____ () C:\Users\Doreen\Downloads\FRST.txt 2014-07-28 12:42 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST 2014-07-28 12:35 - 2014-07-28 12:35 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT1.txt 2014-07-28 12:34 - 2014-02-18 20:35 - 00000000 ____D () C:\Users\Doreen\Documents\Outlook-Dateien 2014-07-28 12:04 - 2014-07-28 12:04 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT.txt 2014-07-28 11:48 - 2012-09-15 11:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-28 11:46 - 2014-07-28 11:46 - 00000000 ____D () C:\Windows\ERUNT 2014-07-28 11:43 - 2014-07-28 11:43 - 01016261 _____ (Thisisu) C:\Users\Doreen\Desktop\JRT.exe 2014-07-28 11:36 - 2014-07-28 11:36 - 00005361 _____ () C:\Users\Doreen\Desktop\AdwCleaner[R0].txt 2014-07-28 11:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-28 11:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-28 11:06 - 2014-07-28 11:04 - 00000000 ____D () C:\AdwCleaner 2014-07-28 11:04 - 2011-07-08 18:01 - 00740802 _____ () C:\Windows\system32\perfh00C.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00735444 _____ () C:\Windows\system32\perfh015.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00678840 _____ () C:\Windows\system32\perfh00E.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00474100 _____ () C:\Windows\system32\perfh001.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00172364 _____ () C:\Windows\system32\perfc00E.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00156962 _____ () C:\Windows\system32\perfc015.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00150670 _____ () C:\Windows\system32\perfc00C.dat 2014-07-28 11:04 - 2011-07-08 18:01 - 00095862 _____ () C:\Windows\system32\perfc001.dat 2014-07-28 11:04 - 2011-07-08 14:30 - 00476588 _____ () C:\Windows\system32\perfh00B.dat 2014-07-28 11:04 - 2011-07-08 14:30 - 00102610 _____ () C:\Windows\system32\perfc00B.dat 2014-07-28 11:04 - 2009-07-14 12:49 - 00703230 _____ () C:\Windows\system32\perfh007.dat 2014-07-28 11:04 - 2009-07-14 12:49 - 00150838 _____ () C:\Windows\system32\perfc007.dat 2014-07-28 11:04 - 2009-07-14 07:13 - 05407164 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-28 11:03 - 2011-07-07 10:38 - 01275975 _____ () C:\Windows\WindowsUpdate.log 2014-07-28 11:02 - 2014-07-28 11:02 - 01367289 _____ () C:\Users\Doreen\Desktop\adwcleaner_3.300.exe 2014-07-28 10:58 - 2013-09-03 10:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-07-28 10:57 - 2009-07-14 04:34 - 00000528 _____ () C:\Windows\win.ini 2014-07-28 10:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-26 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-25 10:39 - 2014-07-25 10:39 - 00000262 _____ () C:\Users\Doreen\Desktop\Malwarebytes Anti-Malware Schutz.txt 2014-07-25 10:36 - 2014-07-25 10:36 - 00001884 _____ () C:\Users\Doreen\Desktop\ Malwarebytes Anti-Malware .txt 2014-07-25 10:33 - 2014-07-07 00:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-25 10:06 - 2013-03-14 08:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-25 10:06 - 2013-03-14 08:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-24 23:14 - 2013-03-14 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-24 23:05 - 2014-07-24 23:05 - 00456288 _____ () C:\Users\Doreen\Desktop\gmer.log 2014-07-24 17:20 - 2014-07-24 17:20 - 00380416 _____ () C:\Users\Doreen\Downloads\Gmer-19357.exe 2014-07-24 17:14 - 2014-07-24 17:11 - 00042201 _____ () C:\Users\Doreen\Desktop\Addition.txt 2014-07-24 17:14 - 2014-07-24 17:09 - 00067941 _____ () C:\Users\Doreen\Desktop\FRST.txt 2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe 2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log 2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable 2014-07-24 16:59 - 2011-07-07 10:39 - 00000000 ____D () C:\Users\Doreen 2014-07-24 16:55 - 2014-07-24 16:57 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe 2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe 2014-07-22 09:01 - 2014-05-15 11:02 - 00000000 ____D () C:\Users\Doreen\Documents\Betreuertätigkeit 2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe 2014-07-20 20:33 - 2012-11-18 19:16 - 00005133 _____ () C:\ProgramData\hpzinstall.log 2014-07-15 14:24 - 2014-07-11 16:04 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft 2014-07-14 14:26 - 2011-12-06 01:54 - 00000000 ____D () C:\Users\Doreen\Documents\Bewerbungsunterlagen 2014-07-14 07:45 - 2014-07-06 23:46 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job 2014-07-14 04:45 - 2014-07-06 23:47 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job 2014-07-12 21:50 - 2014-07-12 16:54 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall 2014-07-12 21:50 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall 2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall 2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid 2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid 2014-07-12 12:30 - 2014-07-12 12:26 - 00000000 ____D () C:\ProgramData\Package Cache 2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT 2014-07-12 12:20 - 2014-07-12 12:19 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe 2014-07-12 12:17 - 2011-07-08 17:34 - 00000000 ____D () C:\Windows\ar-SA 2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA 2014-07-11 21:35 - 2014-02-20 23:40 - 00000000 ____D () C:\at work 2014-07-11 21:06 - 2013-09-03 10:54 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-07-11 21:06 - 2013-09-03 10:54 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-07-11 21:05 - 2014-05-27 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-07-11 21:05 - 2014-01-02 08:25 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-07-11 21:05 - 2013-09-03 10:54 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-07-11 21:05 - 2013-09-03 10:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-07-11 03:15 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-11 03:15 - 2009-07-14 13:07 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-11 03:12 - 2011-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-07-11 03:10 - 2013-08-18 11:50 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-11 03:07 - 2010-08-10 21:51 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 22:19 - 2014-02-20 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BdB at work 2014-07-10 22:18 - 2014-02-20 23:43 - 00000672 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BdB at work 2013.lnk 2014-07-10 22:18 - 2014-02-20 23:43 - 00000666 _____ () C:\Users\Public\Desktop\BdB at work 2013.lnk 2014-07-10 22:12 - 2014-07-10 21:34 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe 2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-09 14:48 - 2012-09-15 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 14:48 - 2012-09-15 11:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 14:48 - 2011-07-10 19:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-07 09:03 - 2013-01-16 13:04 - 00000000 ____D () C:\Users\Doreen\Documents\Eigene Scans 2014-07-07 06:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security 2014-07-07 04:45 - 2014-05-13 17:43 - 00000000 ____D () C:\Program Files\Defraggler 2014-07-07 00:07 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-07-07 00:07 - 2014-07-07 00:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-07-07 00:05 - 2013-03-14 12:06 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-07 00:00 - 2014-07-06 23:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe 2014-07-06 23:50 - 2014-05-13 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-06 23:50 - 2014-05-13 17:30 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe 2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task 2014-07-06 23:47 - 2014-07-06 23:46 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task 2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24 2014-06-30 04:09 - 2014-07-10 10:41 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 10:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-29 16:40 - 2014-06-15 16:39 - 00000000 ____D () C:\Users\Doreen\.jameica 2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl 2014-06-28 13:36 - 2011-07-08 12:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM 2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat 2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT 2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll 2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys 2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan 2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update 2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen) 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit 2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit 2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe Some content of TEMP: ==================== C:\Users\Doreen\AppData\Local\Temp\npfp.dll C:\Users\Doreen\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-11 18:34 ==================== End Of Log ============================ --- --- --- |
28.07.2014, 18:44 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt Edit: Lade adwCleaner bitte neu runter, die alte adwCleaner bitte löschen. Und bitte dann auch auf Löschen klicken nach dem Suchlauf.
__________________ Logfiles bitte immer in CODE-Tags posten Geändert von cosinus (28.07.2014 um 21:13 Uhr) |
Themen zu Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt |
aktiv, aktuelle, aktuelle anwendung wird in den hintergrund gedrängt, anti-malware, anwendung, anwendungen, benutzer, cpu-auslastung, doppel, doppelt, durchgeführt, eingabe, forum, gen, gmer, hintergrund, klicke, klicken, malwarebytes, neu, problem, prozess, rechner, schonmal, taskmanager, wisptis.exe doppelt, zeichen |