| |
| |||||||
Log-Analyse und Auswertung: RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
18.08.2014, 18:51
| #1 |
| |  RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) Hallo liebe IT-Spezialisten, ich habe - wie schon andere vor mir - seit heute auch das Problem mit der o.g. Meldung von Windows 7 beim Hochfahren. Ich habe mir gestern den/die Trojaner tr/crypt.xpack.gen2 und tr/crypt.zpack.gen2 eingefangen. Antivir hat alles in die Quarantäne verschoben, aber ich war so blöd, die gesamte Ladung wieder daraus zu löschen, weil ich dachte, dass damit die Dateien gelöscht würden. Habe daraufhin einen Scan im abgesicherten Modus gemacht (14 Funde -> Quarantäne -> gelöscht im Quarantäneordner) sowie dann nochmals im normalen Modus. Leider kann ich keinen log schicken, da ich Antivir zwischenzeitlich de- und neuinstalliert habe, weil es ein Problem mit der Firewall gab. Und habe natürlich nicht daran gedacht, vorher zu speichern. Danach habe ich adwcleaner laufen Lassen -> keine Funde. Danach habe ich JRT gescannt: Code:
ATTFilter
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\free download manager
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-584107321-1109983158-1431727784-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B6C485C6-2602-4AA8-B8B0-9A6EB8674543}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Program Files (x86)\plus-hd-3.8"
Successfully deleted: [Empty Folder] C:\Users\langnet\appdata\local\{4F0879AF-FCF1-438B-8FF0-349D6747703A}
Successfully deleted: [Empty Folder] C:\Users\langnet\appdata\local\{8297AFA6-12EB-4551-8535-4D4D5F23675D}
Successfully deleted: [Empty Folder] C:\Users\langnet\appdata\local\{86B233F9-CC3E-4EA3-A489-E3D97C41B33F}
Successfully deleted: [Empty Folder] C:\Users\langnet\appdata\local\{DC9E9731-255E-4A23-8A26-DDBB2137E9D8}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\langnet\AppData\Roaming\mozilla\firefox\profiles\pu4ub387.default\extensions\staged
Successfully deleted: [Folder] C:\Users\langnet\AppData\Roaming\mozilla\firefox\profiles\pu4ub387.default\extensions\{ef522540-89f5-46b9-b6fe-1829e2b572c6}
Emptied folder: C:\Users\langnet\AppData\Roaming\mozilla\firefox\profiles\pu4ub387.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.08.2014 at 17:30:49,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log FRST: Code:
ATTFilter ==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Windows\System32\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\CCF_Reputation\fsorsp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Fondazione Ugo Bordoni) C:\Program Files (x86)\Nemesys\dist\Nemesys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(SDL) C:\Program Files (x86)\SDL\SDL Trados Studio\Studio3\ProductTelemetricsService\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSMA32.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-16] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-02-17] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-12] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre8\bin\jusched.exe"
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe [336560 2010-10-04] (Expert System S.p.A.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-17] (Google Inc.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3293184 2007-11-21] (Google)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [GoogleChromeAutoLaunch_84F9BC2A18CE16FFEB8736544725BB78] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [OdatuWlanc] => regsvr32.exe "
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c28cfd76-13db-11e3-84f3-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c88a30a2-a3a3-11e2-bec7-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c88a30a4-a3a3-11e2-bec7-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d62446b5-1875-11e3-bfbf-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d71a8bf2-2b93-11e2-a138-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d71a8bf8-2b93-11e2-a138-0015e92d5e74} - E:\StartVMCLite.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SDL Trados 2007 Speed Launcher.lnk
ShortcutTarget: SDL Trados 2007 Speed Launcher.lnk -> C:\Program Files (x86)\SDL International\SDL Trados Synergy 2007\Synergy.exe (SDL International)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\langnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
SearchScopes: HKLM - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKCU - DefaultScope {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
SearchScopes: HKCU - 45D4E5427CC242CF86B79046E7EE679D URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
SearchScopes: HKCU - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\abs@avira.com [2014-08-18]
FF Extension: Media Hint - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\mediahint@jetpack.xpi [2014-03-04]
FF Extension: CoolPreviews - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-03-08]
FF Extension: Adblock Edge - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-03-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\UniLexPro\WCaptureMoz
FF Extension: WordCaptureX UniLex Pro Quick!Search - C:\Program Files (x86)\UniLexPro\WCaptureMoz [2013-01-27]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.spiegel.de/"
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-08-18]
CHR Extension: (ZenMate) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-18]
CHR Extension: (Avira Browser Safety) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-18]
CHR Extension: (AdBlock) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-18]
CHR Extension: (Skype Click to Call) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-19]
CHR Extension: (Google Wallet) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-11-12] (Macrovision Europe Ltd.) [File not signed]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 fshoster; C:\Program Files (x86)\Vodafone\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSMA32.EXE [207808 2013-08-27] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Vodafone\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$ACROSS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NalServ; C:\windows\SysWOW64\nalserv.exe [147056 2014-03-11] (Nalpeiron Ltd.)
R2 Nemesys; C:\Program Files (x86)\Nemesys\dist\Nemesys.exe [90112 2013-02-20] (Fondazione Ugo Bordoni) [File not signed]
S2 NewServiceInstall1; C:\Program Files (x86)\SDL International\T2007\TT\Lng\Dialogs1031.lng [11264 2007-04-23] () [File not signed]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S2 SDL FLEXlm License Server; C:\Program Files (x86)\SDL International\License Server\Lmgrd.exe [1339392 2007-02-22] (Macrovision Corporation) [File not signed]
R2 Sdl.Studio.ProductTelemetrics.v1; C:\Program Files (x86)\SDL\SDL Trados Studio\Studio3\ProductTelemetricsService\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [11776 2014-04-16] (SDL) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-02] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [41024 2013-11-02] ()
R3 fsni; C:\Program Files (x86)\Vodafone\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-27] ()
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation )
S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-18 18:52 - 2014-08-18 18:53 - 00028787 _____ () C:\Users\langnet\Desktop\FRST.txt
2014-08-18 17:23 - 2014-08-18 17:23 - 00000000 ____D () C:\windows\ERUNT
2014-08-18 17:22 - 2014-08-18 17:22 - 01016261 _____ (Thisisu) C:\Users\langnet\Desktop\JRT.exe
2014-08-18 17:17 - 2014-08-18 17:17 - 00155658 _____ () C:\Users\langnet\Desktop\Gmer.txt
2014-08-18 16:54 - 2014-08-18 16:54 - 00380416 _____ () C:\Users\langnet\Desktop\Gmer-19357.exe
2014-08-18 16:07 - 2014-08-18 18:52 - 00000000 ____D () C:\FRST
2014-08-18 16:05 - 2014-08-18 16:05 - 02101760 _____ (Farbar) C:\Users\langnet\Desktop\FRST64.exe
2014-08-18 15:29 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-18 15:28 - 2014-08-18 18:38 - 00000000 ____D () C:\AdwCleaner
2014-08-18 15:27 - 2014-08-18 15:27 - 01361671 _____ () C:\Users\langnet\Desktop\adwcleaner_3.307.exe
2014-08-18 15:17 - 2014-08-18 15:17 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Avira
2014-08-18 15:14 - 2014-08-18 15:12 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-08-18 14:53 - 2014-08-18 18:40 - 00000336 _____ () C:\windows\setupact.log
2014-08-18 14:53 - 2014-08-18 14:53 - 00000000 _____ () C:\windows\setuperr.log
2014-08-18 14:52 - 2014-08-18 18:40 - 00136936 _____ () C:\windows\PFRO.log
2014-08-18 13:18 - 2014-08-18 13:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 13:18 - 2014-08-18 13:18 - 00002776 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-18 13:18 - 2014-08-18 13:18 - 00000874 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 13:18 - 2014-08-18 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 08:20 - 2014-08-18 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 08:20 - 2014-08-18 15:09 - 00000000 ____D () C:\ProgramData\Avira
2014-08-18 08:20 - 2014-08-18 15:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 08:20 - 2014-08-18 08:20 - 00001149 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 00:04 - 2014-08-18 00:04 - 00025657 _____ () C:\Users\langnet\AppData\Roaming\hs_err_pid7296.log
2014-08-18 00:03 - 2014-08-18 00:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-17 23:58 - 2014-08-18 18:40 - 00000816 _____ () C:\windows\Tasks\Security Center Update - 4139784919.job
2014-08-17 23:58 - 2014-08-17 23:58 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 4139784919
2014-08-17 23:52 - 2014-08-18 11:50 - 00000000 ____D () C:\ProgramData\OdatuWlanc
2014-08-17 18:40 - 2014-08-17 18:40 - 00000000 ____H () C:\Users\langnet\Documents\Default.rdp
2014-08-16 14:42 - 2014-08-16 14:49 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00001877 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-16 13:39 - 2014-08-16 13:39 - 00002564 _____ () C:\windows\diagwrn.xml
2014-08-16 13:39 - 2014-08-16 13:39 - 00001908 _____ () C:\windows\diagerr.xml
2014-08-16 10:23 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-16 10:23 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-16 10:22 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-16 10:22 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-16 10:22 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-16 10:22 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-16 10:22 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-16 10:22 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-14 22:27 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-14 22:27 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-14 22:27 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-14 22:27 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-14 22:27 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-14 22:27 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-14 22:27 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-14 22:27 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-14 22:27 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-08-14 22:27 - 2014-07-09 00:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-08-14 22:27 - 2014-07-09 00:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-08-14 22:26 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-14 22:26 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-14 22:26 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-14 22:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-14 22:26 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-14 22:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-14 22:26 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-14 22:26 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-14 22:26 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-14 22:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-14 22:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-14 22:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-14 22:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-14 22:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-14 22:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-14 21:12 - 2014-08-14 21:12 - 00002164 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-02 09:25 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-02 09:25 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-02 09:25 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-02 09:25 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-02 09:24 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-02 09:24 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-02 09:23 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-02 09:23 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-02 09:23 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-02 09:23 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-07-23 10:14 - 2014-07-23 10:14 - 00000863 _____ () C:\Users\langnet\AppData\Local\recently-used.xbel
2014-07-19 11:30 - 2014-07-19 11:30 - 00000000 ____D () C:\Users\langnet\AppData\Local\Package Cache
2014-07-19 11:25 - 2014-07-19 11:25 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Extended Search
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-18 18:53 - 2014-08-18 18:52 - 00028787 _____ () C:\Users\langnet\Desktop\FRST.txt
2014-08-18 18:52 - 2014-08-18 16:07 - 00000000 ____D () C:\FRST
2014-08-18 18:51 - 2012-11-10 21:15 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Skype
2014-08-18 18:51 - 2009-07-14 06:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-18 18:51 - 2009-07-14 06:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-18 18:47 - 2012-05-04 23:57 - 01205775 _____ () C:\windows\WindowsUpdate.log
2014-08-18 18:42 - 2009-07-14 06:45 - 00501168 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-18 18:41 - 2012-02-17 07:25 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 18:40 - 2014-08-18 14:53 - 00000336 _____ () C:\windows\setupact.log
2014-08-18 18:40 - 2014-08-18 14:52 - 00136936 _____ () C:\windows\PFRO.log
2014-08-18 18:40 - 2014-08-17 23:58 - 00000816 _____ () C:\windows\Tasks\Security Center Update - 4139784919.job
2014-08-18 18:40 - 2012-05-05 00:03 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-08-18 18:40 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-18 18:38 - 2014-08-18 15:28 - 00000000 ____D () C:\AdwCleaner
2014-08-18 18:09 - 2012-02-17 07:25 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-18 17:23 - 2014-08-18 17:23 - 00000000 ____D () C:\windows\ERUNT
2014-08-18 17:22 - 2014-08-18 17:22 - 01016261 _____ (Thisisu) C:\Users\langnet\Desktop\JRT.exe
2014-08-18 17:17 - 2014-08-18 17:17 - 00155658 _____ () C:\Users\langnet\Desktop\Gmer.txt
2014-08-18 16:54 - 2014-08-18 16:54 - 00380416 _____ () C:\Users\langnet\Desktop\Gmer-19357.exe
2014-08-18 16:05 - 2014-08-18 16:05 - 02101760 _____ (Farbar) C:\Users\langnet\Desktop\FRST64.exe
2014-08-18 15:58 - 2012-11-11 02:29 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Nitro PDF
2014-08-18 15:27 - 2014-08-18 15:27 - 01361671 _____ () C:\Users\langnet\Desktop\adwcleaner_3.307.exe
2014-08-18 15:25 - 2014-05-12 17:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-18 15:25 - 2012-02-17 07:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:17 - 2014-08-18 15:17 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Avira
2014-08-18 15:12 - 2014-08-18 15:14 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-08-18 15:11 - 2014-08-18 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 15:09 - 2014-08-18 08:20 - 00000000 ____D () C:\ProgramData\Avira
2014-08-18 15:09 - 2014-08-18 08:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 14:54 - 2012-05-05 00:03 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-08-18 14:53 - 2014-08-18 14:53 - 00000000 _____ () C:\windows\setuperr.log
2014-08-18 14:38 - 2012-11-11 03:56 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Free Download Manager
2014-08-18 14:37 - 2012-02-18 06:32 - 00000000 ____D () C:\windows\Panther
2014-08-18 13:20 - 2014-08-18 13:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 13:18 - 2014-08-18 13:18 - 00002776 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-18 13:18 - 2014-08-18 13:18 - 00000874 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 13:18 - 2014-08-18 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 12:08 - 2014-03-23 14:56 - 00000000 ____D () C:\ProgramData\EPSON
2014-08-18 11:50 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\OdatuWlanc
2014-08-18 08:20 - 2014-08-18 08:20 - 00001149 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 08:20 - 2013-12-31 20:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 00:04 - 2014-08-18 00:04 - 00025657 _____ () C:\Users\langnet\AppData\Roaming\hs_err_pid7296.log
2014-08-18 00:03 - 2014-08-18 00:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-17 23:58 - 2014-08-17 23:58 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 4139784919
2014-08-17 23:52 - 2013-01-27 05:17 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 18:40 - 2014-08-17 18:40 - 00000000 ____H () C:\Users\langnet\Documents\Default.rdp
2014-08-17 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-08-17 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-08-17 16:58 - 2011-02-11 10:21 - 00749564 _____ () C:\windows\system32\perfh007.dat
2014-08-17 16:58 - 2011-02-11 10:21 - 00168964 _____ () C:\windows\system32\perfc007.dat
2014-08-17 16:58 - 2009-07-14 07:13 - 01761670 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-17 12:12 - 2014-02-14 17:52 - 00015872 ___SH () C:\Users\langnet\Thumbs.db
2014-08-17 09:59 - 2012-02-17 07:01 - 00000000 ____D () C:\ProgramData\Skype
2014-08-16 14:49 - 2014-08-16 14:42 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00001877 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-16 13:39 - 2014-08-16 13:39 - 00002564 _____ () C:\windows\diagwrn.xml
2014-08-16 13:39 - 2014-08-16 13:39 - 00001908 _____ () C:\windows\diagerr.xml
2014-08-16 10:44 - 2012-11-10 22:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 10:37 - 2013-07-20 03:00 - 00000000 ____D () C:\windows\system32\MRT
2014-08-16 10:29 - 2012-11-12 22:50 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-16 10:21 - 2014-05-06 17:05 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-15 15:00 - 2014-05-03 14:32 - 00002171 _____ () C:\Users\Public\Desktop\SDL Trados Studio 2014.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00002164 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-13 08:49 - 2014-04-27 21:35 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-07 04:06 - 2014-08-14 22:26 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 22:26 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-04 18:45 - 2013-03-16 04:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 18:45 - 2013-03-16 04:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 20:46 - 2013-02-08 19:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-26 09:45 - 2013-03-16 04:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 14:11 - 2014-08-14 22:27 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-24 14:10 - 2014-08-14 22:27 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-24 14:10 - 2014-08-14 22:27 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 19279872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 15399936 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-24 14:09 - 2014-08-14 22:27 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-24 12:52 - 2014-08-14 22:27 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-24 12:52 - 2014-08-14 22:27 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 14371328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 13757440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-24 12:51 - 2014-08-14 22:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-24 12:33 - 2014-08-14 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-24 12:29 - 2014-08-14 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-23 13:29 - 2014-08-18 15:09 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-07-23 13:29 - 2014-08-18 15:09 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-07-23 13:29 - 2014-08-18 15:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-07-23 13:25 - 2012-11-11 18:30 - 00000000 ___RD () C:\Arbeitsplatz
2014-07-23 10:15 - 2013-03-15 16:26 - 00000000 ____D () C:\Users\langnet\.gimp-2.8
2014-07-23 10:14 - 2014-07-23 10:14 - 00000863 _____ () C:\Users\langnet\AppData\Local\recently-used.xbel
2014-07-19 11:30 - 2014-07-19 11:30 - 00000000 ____D () C:\Users\langnet\AppData\Local\Package Cache
2014-07-19 11:26 - 2014-03-04 12:36 - 00000044 _____ () C:\model.bat
2014-07-19 11:26 - 2012-11-10 23:19 - 00000000 ____D () C:\Users\langnet\AppData\Local\Downloaded Installations
2014-07-19 11:25 - 2014-07-19 11:25 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Extended Search
2014-07-19 09:54 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2014-07-19 09:54 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\Dism
Some content of TEMP:
====================
C:\Users\langnet\AppData\Local\Temp\avgnt.exe
C:\Users\langnet\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 18:27
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by langnet at 2014-08-18 18:54:03
Running from C:\Users\langnet\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Protezione Computer (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Protezione Computer (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Acolada UniLex Update 09.2007 (HKLM-x32\...\{48BF6E09-26D8-473D-BE6B-95B4E3499001}) (Version: 09.2007 - Acolada GmbH)
Across Personal Edition (HKLM-x32\...\{3C38D421-BC10-4C08-92AB-6C0C8D834275}) (Version: 5.00.0 - Across Systems GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ApSIC Xbench 2.9 (HKLM-x32\...\ApSIC Xbench) (Version: 2.9 - ApSIC, S.L.)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.00.00(T) - TOSHIBA CORPORATION)
calibre 64bit (HKLM\...\{4C296BF8-1A08-4C8D-A4B3-16FB6AECEF20}) (Version: 1.30.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChangeTracker version 1.0.2 (HKLM-x32\...\{AF4D8472-4913-4D50-9638-4397A3ED74F2}_is1) (Version: 1.0.2 - Technolex Translation Studio)
Computer Security 12.71.105.0 (release) (x32 Version: 12.71.105.0 - F-Secure Corporation) Hidden
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CountAnything (HKLM-x32\...\CountAnything_is1) (Version: 2.1 - Ginstrom IT Solutions (GITS))
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dictionary Plug-in For SDL Trados 2014 (HKCU\...\{44015112-aaad-4446-a9bf-de6f6ee41666}) (Version: 1.0.0.4 - TwoSoft)
Dictionary Plug-in For SDL Trados 2014 (x32 Version: 1.0.0.4 - TwoSoft) Hidden
Duden Korrektor Patch 022010 (HKLM-x32\...\{6E554A6F-7BA1-4FCE-ABFA-430A24631111}) (Version: 7.00.0000 - Bibliographisches Institut GmbH)
Duden Korrektor PLUS (HKLM-x32\...\{2E8ECB58-EE3A-452C-B57E-1B982735F0F2}) (Version: 7.00.0000 - Bibliographisches Institut GmbH)
Extended Search (HKLM-x32\...\Extended Search) (Version: 1.8 - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.23.124.8831 (release) (x32 Version: 1.23.124.8831 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.126 (x32 Version: 1.02.126 - F-Secure Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Glossary Converter (HKLM-x32\...\{4F5BD463-3A83-4E80-BAA1-68961AA50A23}) (Version: 3.0.0 - SDL OpenExchange)
Glossary Plugin (HKLM-x32\...\{FC86C5FA-F90B-4BE5-98E8-5D1303AF0F78}) (Version: 1.0.3 - SDL Open Exchange)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
J2SE Runtime Environment 5.0 Update 10 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150100}) (Version: 1.5.0.100 - Sun Microsystems, Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
localix.biz tw4winClean (HKLM-x32\...\localix.biz tw4winClean) (Version: - ) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (ACROSS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
MisuraInternet Speed Test 1.1.2 (HKLM-x32\...\MisuraInternet Speed Test_is1) (Version: 1.1.2 - Fondazione Ugo Bordoni) <==== ATTENTION
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nemesys 2.1.3 (HKLM-x32\...\Nemesys_is1) (Version: 2.1.3 - Fondazione Ugo Bordoni)
Nero 11 Essentials (HKLM-x32\...\{F8635CF8-B797-4EFD-80BC-DE2D26C65D4F}) (Version: 11.0.00300 - Nero AG)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.0.18000.19.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero BurnRights 11 (x32 Version: 5.0.10300.4.100 - Nero AG) Hidden
Nero BurnRights 11 Help (CHM) (x32 Version: 11.0.10100 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.15500.1.16 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.0.11900.24.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11400.27.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Nitro Pro 8 (HKLM\...\{47B42E7A-57E9-407B-8DBB-017B86D7B13F}) (Version: 8.5.2.10 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
OmegaT version 3.0.6_Beta (HKLM-x32\...\OmegaT 3.0.6_Beta_is1) (Version: - OmegaT)
OmegaT version 3.0.8_04_Beta (HKLM-x32\...\OmegaT 3.0.8_04_Beta_is1) (Version: - OmegaT)
Online Safety 2.71.927.655 (x32 Version: 2.71.927.655 - F-Secure Corporation) Hidden
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
PDF Password Remover (HKLM-x32\...\{DB150C19-4A8F-4EF7-AC75-96098EACE179}) (Version: 1.0.6 - PDF Technologies)
Philips Phone Manager (HKLM-x32\...\{A1251409-ABB0-4D7F-888C-9180AD1BA982}) (Version: 2.0.8.1 - Philips)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.2 - Vaclav Slavik)
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RailLexic3 (HKLM-x32\...\{6170C6C9-3823-11D6-9FCB-0050BA2BF51C}) (Version: 1.00.0000 - International Union of Railways)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6597 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
RtkClassFilter (HKLM-x32\...\InstallShield_{8220FCF2-A57F-4236-BFCC-C6C2268E851E}) (Version: 1.2.1.4 - REALTEK Semiconductor Corp)
RtkClassFilter (x32 Version: 1.2.1.4 - REALTEK Semiconductor Corp) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SDL FLEXlm License Server (HKLM-x32\...\{465B20FE-0674-4399-AA03-98E1FDA47CA9}) (Version: 8.2.835 - SDL International)
SDL legit! (HKLM-x32\...\{3A392034-29D4-4A6B-8C29-B4D0B0201A92}) (Version: 1.00.0000 - SDL)
SDL MultiTerm 2014 SP1 - Remove suite of products (HKLM-x32\...\Multiterm2014) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Convert (HKLM-x32\...\{00E7ECF4-38BC-475F-BBE6-282ABFF02BD8}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Core (HKLM-x32\...\{5D288314-1F3C-4CD0-B3E3-D0B5C9E77D8E}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Desktop (HKLM-x32\...\{5769F2EE-3613-46F4-B13B-F836AC9351ED}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Word Integration (HKLM-x32\...\{D246804B-0CB7-45E4-A7F6-F081E5518881}) (Version: 11.1.1266 - SDL)
SDL MultiTerm SideBySide Tools (HKLM-x32\...\{18107EE8-6977-4181-A2D2-A9DF2DB609DD}) (Version: 1.0.181 - SDL)
SDL Passolo 2009 Essential SR3 (HKLM-x32\...\SDL Passolo 2009 Essential SR3) (Version: SDL Passolo 2009 Essential SR3 - SDL Passolo GmbH)
SDL Passolo Essential 2011 SP6 (HKLM-x32\...\{24ECA561-FBF3-46D1-9293-0BB3605A63B6}) (Version: 11.9.0.53 - SDL)
SDL Studio InQuote (HKLM-x32\...\{8296CD0E-B9B6-4198-99FE-214B5873599D}) (Version: 1.00.0001 - SDL)
SDL Trados 2007 (HKLM-x32\...\{69C76448-D4B8-4886-A848-61CD4EB4B2C7}) (Version: 8.2.835 - SDL International)
SDL Trados 2007 Freelance (HKLM-x32\...\{43BD0C58-6E6E-4500-AFB0-263423319604}) (Version: 8.3.863 - SDL International)
SDL Trados 2007 Translation Memory Plug-in for Studio 2014 (HKLM-x32\...\{6A70521D-4BDB-4254-BB7A-2D44B8F313C6}) (Version: 2.0.169 - SDL)
SDL Trados 2014 SP1 - Remove suite of products (HKLM-x32\...\TranslationStudio2014) (Version: 3.1.3931 - SDL)
SDL Trados Studio 2009 SP3 (HKLM-x32\...\{399F2130-59E1-11DF-9F46-8091DFD72085}) (Version: 1.3.2307.0 - SDL)
SDL Trados Studio 2014 SP1 (HKLM-x32\...\{B0709AD8-CF92-4E8E-9154-21B0CF43F4FD}) (Version: 3.1.4085 - SDL)
SDL Trados Synergy 2007 (HKLM-x32\...\{7E62742F-1EEF-4532-B7FF-2D58004BDEAE}) (Version: 2.3.161.0 - SDL International)
SDLX (HKLM-x32\...\{CE98383B-7BB4-457C-AEAB-D89E9537628F}) (Version: 9.3.7080 - )
SDLX (x32 Version: 9.2.7035 - SDL International) Hidden
SDLXliff2Tmx (HKLM-x32\...\{F60442E4-187F-4AFC-BFFA-2664B8C2C13D}) (Version: 1.0.0 - TMServe)
Sigil 0.7.3 (HKLM-x32\...\Sigil_is1) (Version: - John Schember)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.2 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{2C486987-D447-4E36-8D61-86E48E24199C}) (Version: 1.3.10.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.04 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2004 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0009 - TOSHIBA)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.0021.640203 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.0021.640203 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.33 - TOSHIBA Corporation) Hidden
Translation Office 3000, Version 11 (HKLM-x32\...\Translation Office 3000, Version 11_is1) (Version: - Advanced International Translations)
Translation Workspace Client 3.20 (HKLM-x32\...\Translation Workspace Client_is1) (Version: - Lionbridge Global Software Products, Inc.)
Translation Workspace XLIFF Editor 2.10.4.Stable (2013-12-13_15 (HKLM-x32\...\TranslationWorkspaceXliffEditor_is1) (Version: 2.10.4 - Lionbridge, Inc.)
UniLex Pro (HKLM-x32\...\UniLex Pro) (Version: 3.13.1.23 - Acolada GmbH)
UniLex Pro (x32 Version: 3.13.1.23 - Acolada GmbH) Hidden
UniTerm Light (HKLM-x32\...\UniTerm Light) (Version: - Acolada GmbH)
UniTerm Light (x32 Version: 4.12.9.25 - Acolada GmbH) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.2.2.182 - Vodafone)
Vodafone PC Protection (HKLM-x32\...\F-Secure ServiceEnabler 4730514) (Version: 1.71.340.0 - F-Secure Corporation)
Vodafone PC Protection (x32 Version: 1.71.340.0 - F-Secure Corporation) Hidden
VodafoneStation2 (HKLM-x32\...\org.mart3.VodafoneStation) (Version: 1.1 - Vodafone Group Services GmbH)
VodafoneStation2 (x32 Version: 1.1 - Vodafone Group Services GmbH) Hidden
welcome (x32 Version: 11.0.22500.0.0 - Nero AG) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (12/02/2011 2.3.8.1) (HKLM\...\EA90D42054890B3938D0BEF1E8A316D20C6D6003) (Version: 12/02/2011 2.3.8.1 - Realtek Semiconductor Corp.)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\119046B6D39BBB85A700BB4D451858A003C331AC) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\4D59E7849DD13622C7CD9736C3BC8D67F8FF1F23) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\768E87C91FF81FF582D166E1AC9D74633D9B741D) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\C24BC9096B2E5D1847B32CB5C18C05C9AA99B843) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wyhlidal (HKLM-x32\...\Wyhlidal) (Version: - )
Your SDL Studio (HKLM-x32\...\{E7394661-2E20-4359-879F-98903FA2597E}) (Version: 1.00.0000 - SDL)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-584107321-1109983158-1431727784-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
==================== Restore Points =========================
15-08-2014 18:29:26 Windows Update
16-08-2014 08:20:38 Windows Update
18-08-2014 06:35:56 Avira Free Antivirus - 18.08.2014 08:35
18-08-2014 13:24:01 Removed Java(TM) 6 Update 14
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2397EF68-B8EE-4221-913B-E57EA8E309DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17] (Google Inc.)
Task: {32327052-A89D-4F10-9F25-7D703B70193F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {7F2113DD-8941-4275-8FF5-DDB49AA01E42} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {80928F34-6242-4324-95FD-0A0859C20B0F} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {9EDF2181-2728-4C42-9D5B-21586CE86F58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17] (Google Inc.)
Task: {D15818DF-1669-4345-A600-B80C857E2363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {E6BC1221-C65F-4B75-B600-394994CE60E1} - System32\Tasks\Security Center Update - 4139784919 => C:\Users\langnet\AppData\Roaming\Ysimxae\ciaszao.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\Security Center Update - 4139784919.job => C:\Users\langnet\AppData\Roaming\Ysimxae\ciaszao.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-05-05 00:18 - 2010-09-10 02:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-08-23 00:19 - 2011-08-23 00:19 - 11204992 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2011-11-24 22:20 - 2011-11-24 22:20 - 00593856 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2010-12-16 00:19 - 2010-12-16 00:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2012-03-27 02:33 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-05 00:03 - 2012-02-21 21:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2011-11-26 03:51 - 2011-11-26 03:51 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2013-11-02 02:52 - 2013-08-27 18:19 - 00045504 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-26 14:49 - 2012-11-26 14:49 - 00216632 _____ () C:\Program Files (x86)\Vodafone\daas2.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-18 08:28 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\langnet\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-03-05 21:19 - 2011-02-26 20:01 - 00027648 _____ () C:\Program Files (x86)\Nemesys\dist\servicemanager.pyd
2014-03-05 21:19 - 2011-02-27 18:13 - 00110080 _____ () C:\Program Files (x86)\Nemesys\dist\pywintypes27.dll
2014-03-05 21:19 - 2011-02-26 20:00 - 00040960 _____ () C:\Program Files (x86)\Nemesys\dist\win32service.pyd
2014-03-05 21:19 - 2011-02-26 20:00 - 00096768 _____ () C:\Program Files (x86)\Nemesys\dist\win32api.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00287232 _____ () C:\Program Files (x86)\Nemesys\dist\_hashlib.pyd
2014-03-05 21:19 - 2011-02-26 20:02 - 00354304 _____ () C:\Program Files (x86)\Nemesys\dist\pythoncom27.dll
2014-03-05 21:19 - 2011-02-26 19:59 - 00017408 _____ () C:\Program Files (x86)\Nemesys\dist\win32event.pyd
2014-03-05 21:19 - 2011-06-12 15:09 - 00038400 _____ () C:\Program Files (x86)\Nemesys\dist\_socket.pyd
2014-03-05 21:19 - 2011-06-12 15:09 - 00720896 _____ () C:\Program Files (x86)\Nemesys\dist\_ssl.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00011776 _____ () C:\Program Files (x86)\Nemesys\dist\select.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00152576 _____ () C:\Program Files (x86)\Nemesys\dist\pyexpat.pyd
2014-03-05 21:19 - 2012-05-31 11:14 - 00048641 _____ () C:\Program Files (x86)\Nemesys\dist\pktman.pyd
2014-03-05 21:19 - 2012-05-11 12:35 - 00016896 _____ () C:\Program Files (x86)\Nemesys\dist\netifaces.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00106496 _____ () C:\Program Files (x86)\Nemesys\dist\_ctypes.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00030208 _____ () C:\Program Files (x86)\Nemesys\dist\_tkinter.pyd
2014-08-13 08:49 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-02 02:56 - 2013-11-02 02:56 - 00030888 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-11-02 02:52 - 2013-12-11 05:00 - 00212008 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Spam Control\fsas.dll
2012-01-25 19:57 - 2012-01-25 19:57 - 00172032 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
2012-05-05 00:02 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk => C:\windows\pss\Toshiba Places Icon Utility.lnk.CommonStartup
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: F-Secure Hoster (4730514) => "C:\Program Files (x86)\Vodafone\fshoster32.exe" -app -hosterid:1
MSCONFIG\startupreg: F-Secure Manager => "C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSM32.EXE" /splash
MSCONFIG\startupreg: GoogleChromeAutoLaunch_84F9BC2A18CE16FFEB8736544725BB78 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/18/2014 06:42:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 06:42:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Lmgrd.exe, Version: 11.4.0.0, Zeitstempel: 0x452ebed9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xLmgrd.exe0
Pfad der fehlerhaften Anwendung: Lmgrd.exe1
Pfad des fehlerhaften Moduls: Lmgrd.exe2
Berichtskennung: Lmgrd.exe3
Error: (08/18/2014 05:47:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 05:46:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Lmgrd.exe, Version: 11.4.0.0, Zeitstempel: 0x452ebed9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1134
Startzeit der fehlerhaften Anwendung: 0xLmgrd.exe0
Pfad der fehlerhaften Anwendung: Lmgrd.exe1
Pfad des fehlerhaften Moduls: Lmgrd.exe2
Berichtskennung: Lmgrd.exe3
Error: (08/18/2014 05:45:59 PM) (Source: ExpatShieldService) (EventID: 10117) (User: )
Description: ExpatShieldService error: 2OPENVPNAS: Registry key HKLM\SOFTWARE\ExpatShield not found
System errors:
=============
Error: (08/18/2014 06:42:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NewServiceInstall1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error: (08/18/2014 05:46:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NewServiceInstall1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error: (08/18/2014 05:45:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Expat Shield Service" wurde mit folgendem Fehler beendet:
%%2
Microsoft Office Sessions:
=========================
Error: (01/28/2014 06:18:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 49121 seconds with 8340 seconds of active time. This session ended with a crash.
Error: (01/23/2014 02:02:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 328457 seconds with 26460 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:57:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:53:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:52:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:52:38 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:51:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:50:32 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:49:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 394541 seconds with 5640 seconds of active time. This session ended with a crash.
Error: (10/31/2013 07:03:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 97032 seconds with 17940 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-11-02 00:48:37.859
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:48:37.797
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:46:36.710
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:46:36.663
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-16 00:45:00.195
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-16 00:45:00.148
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-14 16:48:58.848
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-14 16:48:58.786
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-12 04:01:23.254
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-12 04:01:23.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 44%
Total physical RAM: 3985.8 MB
Available physical RAM: 2222.64 MB
Total Pagefile: 7969.79 MB
Available Pagefile: 5149.1 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: (Systemlaufwerk) (Fixed) (Total:448.14 GB) (Free:242.87 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1DE56D1D)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=448.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=17)
==================== End Of Log ============================
Kann mir jemand helfen, diese blöde Meldung wegzukriegen?  |
|
18.08.2014, 19:05
| #2 |
| /// the machine /// TB-Ausbilder    | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) hi,
__________________ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte.
__________________ |
|
18.08.2014, 23:50
| #3 |
| | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) So, hier nach 4 Stunden der ESET-Log (4 Funde):
__________________Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=13def8b7fb9f414dab59980564203628
# engine=19718
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-18 10:22:19
# local_time=2014-08-19 12:22:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 30908 2285592 0 0
# compatibility_mode_1='Computer Security'
# compatibility_mode=2308 16777213 100 91 16554 30781472 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 39343 160030388 0 0
# scanned=166601
# found=4
# cleaned=0
# scan_time=14302
sh=2EA01BDDE25D4303699A47C59405AACF07BCE798 ft=1 fh=ff4d777e01df7e28 vn="Win32/StartPage.OPH Trojaner" ac=I fn="B:\Software\vlc-2.0.4-win64.exe"
sh=234F7F905259F7FEC16FC56B6A80BCB84E4FDE83 ft=1 fh=7e877ee978bcaee0 vn="möglicherweise Variante von Win32/YourFileDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\goforfiles\uninstall.exe.vir"
sh=C2EEB7A2E6ED49A1CF602CFEB9224B62A0D14994 ft=1 fh=f0dc28e17e336e2e vn="Variante von Win32/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\langnet\AppData\Roaming\OpenCandy\D1E10894FA864CC593A977BB02D09D0B\Installer.exe.vir"
sh=26596C16C3B4B62664C7042BA3F23D6C646AC730 ft=1 fh=7fd31d9885c9dbb6 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Arbeitsplatz\Downloads\HSS-2.25-install-anchorfree-232-expatshield.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Protezione Computer
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 30
Java 7 Update 55
Java 8
Java version out of Date!
Adobe Flash Player 12.0.0.70 Flash Player out of Date!
Adobe Reader XI
Mozilla Firefox 29.0.1 Firefox out of Date!
Mozilla Thunderbird (24.6.0)
Google Chrome 36.0.1985.125
Google Chrome 36.0.1985.143
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Vodafone apps ComputerSecurity Anti-Virus\FSGK32.EXE
Vodafone apps ComputerSecurity Anti-Virus\fssm32.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
18.08.2014, 23:50
| #4 |
| | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by langnet (administrator) on LANGNET-TOSH on 19-08-2014 00:34:07
Running from C:\Users\langnet\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Windows\System32\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Google) C:\Program Files (x86)\Google\Google Talk\googletalk.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\CCF_Reputation\fsorsp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nalserv.exe
(Fondazione Ugo Bordoni) C:\Program Files (x86)\Nemesys\dist\Nemesys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(SDL) C:\Program Files (x86)\SDL\SDL Trados Studio\Studio3\ProductTelemetricsService\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSMA32.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSHDLL64.EXE
(F-Secure Corporation) C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeBtMng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosLeSrvProvider.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHid.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-16] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1548208 2011-11-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-15] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2012-02-17] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1492264 2011-11-18] (Nero AG)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-12] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\.DEFAULT\...\Run: [Duden Korrektor SysTray] => C:\Program Files (x86)\Duden\Duden Korrektor\DKTray.exe [336560 2010-10-04] (Expert System S.p.A.)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-02-17] (Google Inc.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3293184 2007-11-21] (Google)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [222128 2007-03-29] (Macrovision Corporation)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [GoogleChromeAutoLaunch_84F9BC2A18CE16FFEB8736544725BB78] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-08-07] (Google Inc.)
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [OdatuWlanc] => regsvr32.exe "
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c28cfd76-13db-11e3-84f3-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c88a30a2-a3a3-11e2-bec7-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {c88a30a4-a3a3-11e2-bec7-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d62446b5-1875-11e3-bfbf-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d71a8bf2-2b93-11e2-a138-0015e92d5e74} - E:\StartVMCLite.exe
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\MountPoints2: {d71a8bf8-2b93-11e2-a138-0015e92d5e74} - E:\StartVMCLite.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SDL Trados 2007 Speed Launcher.lnk
ShortcutTarget: SDL Trados 2007 Speed Launcher.lnk -> C:\Program Files (x86)\SDL International\SDL Trados Synergy 2007\Synergy.exe (SDL International)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\langnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/
SearchScopes: HKLM - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKLM-x32 - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA;
SearchScopes: HKCU - DefaultScope {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
SearchScopes: HKCU - 45D4E5427CC242CF86B79046E7EE679D URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
SearchScopes: HKCU - {EB59FF46-E6CC-4BED-A06B-787BC7F47B59} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TEUA_deIT509
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default
FF NewTab: about:blank
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF Keyword.URL: hxxp://www.google.com/search?rls=org.mozilla:en-US:official&client=firefox-a&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.0.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\abs@avira.com [2014-08-18]
FF Extension: Media Hint - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\mediahint@jetpack.xpi [2014-03-04]
FF Extension: CoolPreviews - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-03-08]
FF Extension: Adblock Edge - C:\Users\langnet\AppData\Roaming\Mozilla\Firefox\Profiles\pu4ub387.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-03-04]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKCU\...\Firefox\Extensions: [wcapturex@deskperience.com] - C:\Program Files (x86)\UniLexPro\WCaptureMoz
FF Extension: WordCaptureX UniLex Pro Quick!Search - C:\Program Files (x86)\UniLexPro\WCaptureMoz [2013-01-27]
Chrome:
=======
CHR HomePage:
CHR StartupUrls: "hxxp://www.spiegel.de/"
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-08-18]
CHR Extension: (ZenMate) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-08-18]
CHR Extension: (Avira Browser Safety) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-18]
CHR Extension: (AdBlock) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-18]
CHR Extension: (Skype Click to Call) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-19]
CHR Extension: (Google Wallet) - C:\Users\langnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2012-11-12] (Macrovision Europe Ltd.) [File not signed]
R2 FoxitCloudUpdateService; C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 fshoster; C:\Program Files (x86)\Vodafone\fshoster32.exe [183864 2012-11-26] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSMA32.EXE [207808 2013-08-27] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Vodafone\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-10] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 MSSQL$ACROSS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 NalServ; C:\windows\SysWOW64\nalserv.exe [147056 2014-03-11] (Nalpeiron Ltd.)
R2 Nemesys; C:\Program Files (x86)\Nemesys\dist\Nemesys.exe [90112 2013-02-20] (Fondazione Ugo Bordoni) [File not signed]
S2 NewServiceInstall1; C:\Program Files (x86)\SDL International\T2007\TT\Lng\Dialogs1031.lng [11264 2007-04-23] () [File not signed]
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
S2 SDL FLEXlm License Server; C:\Program Files (x86)\SDL International\License Server\Lmgrd.exe [1339392 2007-02-22] (Macrovision Corporation) [File not signed]
R2 Sdl.Studio.ProductTelemetrics.v1; C:\Program Files (x86)\SDL\SDL Trados Studio\Studio3\ProductTelemetricsService\Sdl.Desktop.ProductTelemetrics.Host.Windows.exe [11776 2014-04-16] (SDL) [File not signed]
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-02] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [41024 2013-11-02] ()
R3 fsni; C:\Program Files (x86)\Vodafone\apps\CCF_Scanning\fsni64.sys [80832 2013-04-25] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-27] ()
S3 RtkBtFilter; C:\Windows\System32\DRIVERS\RtkBtfilter.sys [21096 2012-01-05] (Realtek Microelectronics)
R3 RTL8192Ce; C:\Windows\System32\DRIVERS\rtwlane.sys [1082472 2012-01-17] (Realtek Semiconductor Corporation )
S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 00:34 - 2014-08-19 00:34 - 00028745 _____ () C:\Users\langnet\Desktop\FRST.txt
2014-08-19 00:32 - 2014-08-19 00:33 - 00001227 _____ () C:\Users\langnet\Desktop\checkup.txt
2014-08-18 20:21 - 2014-08-18 20:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-18 20:20 - 2014-08-18 20:20 - 00854417 _____ () C:\Users\langnet\Desktop\SecurityCheck.exe
2014-08-18 20:17 - 2014-08-18 20:17 - 02347384 _____ (ESET) C:\Users\langnet\Desktop\esetsmartinstaller_deu.exe
2014-08-18 17:30 - 2014-08-18 17:30 - 00002140 _____ () C:\Users\langnet\Desktop\JRT.txt
2014-08-18 17:23 - 2014-08-18 17:23 - 00000000 ____D () C:\windows\ERUNT
2014-08-18 17:22 - 2014-08-18 17:22 - 01016261 _____ (Thisisu) C:\Users\langnet\Desktop\JRT.exe
2014-08-18 17:17 - 2014-08-18 17:17 - 00155658 _____ () C:\Users\langnet\Desktop\Gmer.txt
2014-08-18 16:54 - 2014-08-18 16:54 - 00380416 _____ () C:\Users\langnet\Desktop\Gmer-19357.exe
2014-08-18 16:07 - 2014-08-19 00:34 - 00000000 ____D () C:\FRST
2014-08-18 16:05 - 2014-08-18 16:05 - 02101760 _____ (Farbar) C:\Users\langnet\Desktop\FRST64.exe
2014-08-18 15:29 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-08-18 15:28 - 2014-08-18 18:38 - 00000000 ____D () C:\AdwCleaner
2014-08-18 15:27 - 2014-08-18 15:27 - 01361671 _____ () C:\Users\langnet\Desktop\adwcleaner_3.307.exe
2014-08-18 15:17 - 2014-08-18 15:17 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Avira
2014-08-18 15:14 - 2014-08-18 15:12 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-08-18 15:09 - 2014-07-23 13:29 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-08-18 14:53 - 2014-08-18 18:40 - 00000336 _____ () C:\windows\setupact.log
2014-08-18 14:53 - 2014-08-18 14:53 - 00000000 _____ () C:\windows\setuperr.log
2014-08-18 14:52 - 2014-08-18 18:40 - 00136936 _____ () C:\windows\PFRO.log
2014-08-18 13:18 - 2014-08-18 13:20 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 13:18 - 2014-08-18 13:18 - 00002776 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-18 13:18 - 2014-08-18 13:18 - 00000874 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 13:18 - 2014-08-18 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 08:20 - 2014-08-18 15:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 08:20 - 2014-08-18 15:09 - 00000000 ____D () C:\ProgramData\Avira
2014-08-18 08:20 - 2014-08-18 15:09 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 08:20 - 2014-08-18 08:20 - 00001149 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 00:04 - 2014-08-18 00:04 - 00025657 _____ () C:\Users\langnet\AppData\Roaming\hs_err_pid7296.log
2014-08-18 00:03 - 2014-08-18 00:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-17 23:58 - 2014-08-19 00:21 - 00000816 _____ () C:\windows\Tasks\Security Center Update - 4139784919.job
2014-08-17 23:58 - 2014-08-17 23:58 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 4139784919
2014-08-17 23:52 - 2014-08-18 11:50 - 00000000 ____D () C:\ProgramData\OdatuWlanc
2014-08-17 18:40 - 2014-08-17 18:40 - 00000000 ____H () C:\Users\langnet\Documents\Default.rdp
2014-08-16 14:42 - 2014-08-16 14:49 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00001877 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-16 13:39 - 2014-08-16 13:39 - 00002564 _____ () C:\windows\diagwrn.xml
2014-08-16 13:39 - 2014-08-16 13:39 - 00001908 _____ () C:\windows\diagerr.xml
2014-08-16 10:23 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll
2014-08-16 10:23 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\windows\SysWOW64\infocardapi.dll
2014-08-16 10:22 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll
2014-08-16 10:22 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardres.dll
2014-08-16 10:22 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\windows\SysWOW64\TsWpfWrp.exe
2014-08-16 10:22 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe
2014-08-16 10:22 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe
2014-08-16 10:22 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\windows\SysWOW64\icardagt.exe
2014-08-14 22:27 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-08-14 22:27 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-08-14 22:27 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-08-14 22:27 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-08-14 22:27 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-08-14 22:27 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-08-14 22:27 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-08-14 22:27 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-08-14 22:27 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-08-14 22:27 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-14 22:27 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDYAK.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAT.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDRU1.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
2014-08-14 22:27 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDRU.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDYAK.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAT.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU1.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDRU.DLL
2014-08-14 22:27 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
2014-08-14 22:27 - 2014-07-09 00:38 - 00419992 _____ () C:\windows\system32\locale.nls
2014-08-14 22:27 - 2014-07-09 00:30 - 00419992 _____ () C:\windows\SysWOW64\locale.nls
2014-08-14 22:26 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-14 22:26 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-14 22:26 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-08-14 22:26 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2014-08-14 22:26 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-08-14 22:26 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2014-08-14 22:26 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-08-14 22:26 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2014-08-14 22:26 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2014-08-14 22:26 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2014-08-14 22:26 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2014-08-14 22:26 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2014-08-14 22:26 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll
2014-08-14 22:26 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
2014-08-14 22:26 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
2014-08-14 22:26 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
2014-08-14 22:26 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
2014-08-14 21:12 - 2014-08-14 21:12 - 00002164 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-02 09:25 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-08-02 09:25 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-08-02 09:25 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2014-08-02 09:25 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2014-08-02 09:24 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2014-08-02 09:24 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-08-02 09:24 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-08-02 09:23 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2014-08-02 09:23 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2014-08-02 09:23 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2014-08-02 09:23 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2014-07-23 10:14 - 2014-07-23 10:14 - 00000863 _____ () C:\Users\langnet\AppData\Local\recently-used.xbel
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 00:34 - 2014-08-19 00:34 - 00028745 _____ () C:\Users\langnet\Desktop\FRST.txt
2014-08-19 00:34 - 2014-08-18 16:07 - 00000000 ____D () C:\FRST
2014-08-19 00:34 - 2012-11-10 21:15 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Skype
2014-08-19 00:33 - 2014-08-19 00:32 - 00001227 _____ () C:\Users\langnet\Desktop\checkup.txt
2014-08-19 00:22 - 2012-05-04 23:57 - 01207302 _____ () C:\windows\WindowsUpdate.log
2014-08-19 00:22 - 2012-02-17 07:25 - 00001124 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 00:21 - 2014-08-17 23:58 - 00000816 _____ () C:\windows\Tasks\Security Center Update - 4139784919.job
2014-08-18 20:21 - 2014-08-18 20:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-08-18 20:20 - 2014-08-18 20:20 - 00854417 _____ () C:\Users\langnet\Desktop\SecurityCheck.exe
2014-08-18 20:17 - 2014-08-18 20:17 - 02347384 _____ (ESET) C:\Users\langnet\Desktop\esetsmartinstaller_deu.exe
2014-08-18 20:05 - 2011-02-11 10:21 - 00749564 _____ () C:\windows\system32\perfh007.dat
2014-08-18 20:05 - 2011-02-11 10:21 - 00168964 _____ () C:\windows\system32\perfc007.dat
2014-08-18 20:05 - 2009-07-14 07:13 - 01761670 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-18 18:51 - 2009-07-14 06:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-18 18:51 - 2009-07-14 06:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-18 18:42 - 2009-07-14 06:45 - 00501168 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-18 18:41 - 2012-02-17 07:25 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-18 18:40 - 2014-08-18 14:53 - 00000336 _____ () C:\windows\setupact.log
2014-08-18 18:40 - 2014-08-18 14:52 - 00136936 _____ () C:\windows\PFRO.log
2014-08-18 18:40 - 2012-05-05 00:03 - 00000828 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-08-18 18:40 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-18 18:38 - 2014-08-18 15:28 - 00000000 ____D () C:\AdwCleaner
2014-08-18 17:30 - 2014-08-18 17:30 - 00002140 _____ () C:\Users\langnet\Desktop\JRT.txt
2014-08-18 17:23 - 2014-08-18 17:23 - 00000000 ____D () C:\windows\ERUNT
2014-08-18 17:22 - 2014-08-18 17:22 - 01016261 _____ (Thisisu) C:\Users\langnet\Desktop\JRT.exe
2014-08-18 17:17 - 2014-08-18 17:17 - 00155658 _____ () C:\Users\langnet\Desktop\Gmer.txt
2014-08-18 16:54 - 2014-08-18 16:54 - 00380416 _____ () C:\Users\langnet\Desktop\Gmer-19357.exe
2014-08-18 16:05 - 2014-08-18 16:05 - 02101760 _____ (Farbar) C:\Users\langnet\Desktop\FRST64.exe
2014-08-18 15:58 - 2012-11-11 02:29 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Nitro PDF
2014-08-18 15:27 - 2014-08-18 15:27 - 01361671 _____ () C:\Users\langnet\Desktop\adwcleaner_3.307.exe
2014-08-18 15:25 - 2014-05-12 17:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-18 15:25 - 2012-02-17 07:14 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-18 15:17 - 2014-08-18 15:17 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Avira
2014-08-18 15:12 - 2014-08-18 15:14 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2014-08-18 15:11 - 2014-08-18 08:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-18 15:09 - 2014-08-18 08:20 - 00000000 ____D () C:\ProgramData\Avira
2014-08-18 15:09 - 2014-08-18 08:20 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-18 14:54 - 2012-05-05 00:03 - 00000830 _____ () C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-08-18 14:53 - 2014-08-18 14:53 - 00000000 _____ () C:\windows\setuperr.log
2014-08-18 14:38 - 2012-11-11 03:56 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\Free Download Manager
2014-08-18 14:37 - 2012-02-18 06:32 - 00000000 ____D () C:\windows\Panther
2014-08-18 13:20 - 2014-08-18 13:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-18 13:18 - 2014-08-18 13:18 - 00002776 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-08-18 13:18 - 2014-08-18 13:18 - 00000874 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-08-18 13:18 - 2014-08-18 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-18 12:08 - 2014-03-23 14:56 - 00000000 ____D () C:\ProgramData\EPSON
2014-08-18 11:50 - 2014-08-17 23:52 - 00000000 ____D () C:\ProgramData\OdatuWlanc
2014-08-18 08:20 - 2014-08-18 08:20 - 00001149 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-18 08:20 - 2013-12-31 20:16 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 00:04 - 2014-08-18 00:04 - 00025657 _____ () C:\Users\langnet\AppData\Roaming\hs_err_pid7296.log
2014-08-18 00:03 - 2014-08-18 00:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2014-08-17 23:58 - 2014-08-17 23:58 - 00003828 _____ () C:\windows\System32\Tasks\Security Center Update - 4139784919
2014-08-17 23:52 - 2013-01-27 05:17 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 18:40 - 2014-08-17 18:40 - 00000000 ____H () C:\Users\langnet\Documents\Default.rdp
2014-08-17 18:40 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2014-08-17 17:06 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\system32\NDF
2014-08-17 12:12 - 2014-02-14 17:52 - 00015872 ___SH () C:\Users\langnet\Thumbs.db
2014-08-17 09:59 - 2012-02-17 07:01 - 00000000 ____D () C:\ProgramData\Skype
2014-08-16 14:49 - 2014-08-16 14:42 - 00000000 ____D () C:\Users\langnet\AppData\Roaming\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00001889 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00001877 _____ () C:\Users\Public\Desktop\ImgBurn.lnk
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-16 14:29 - 2014-08-16 14:29 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-08-16 13:39 - 2014-08-16 13:39 - 00002564 _____ () C:\windows\diagwrn.xml
2014-08-16 13:39 - 2014-08-16 13:39 - 00001908 _____ () C:\windows\diagerr.xml
2014-08-16 10:44 - 2012-11-10 22:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-16 10:37 - 2013-07-20 03:00 - 00000000 ____D () C:\windows\system32\MRT
2014-08-16 10:29 - 2012-11-12 22:50 - 99218768 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-08-16 10:21 - 2014-05-06 17:05 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-08-15 15:00 - 2014-05-03 14:32 - 00002171 _____ () C:\Users\Public\Desktop\SDL Trados Studio 2014.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00002164 _____ () C:\Users\Public\Desktop\Foxit Reader.lnk
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\Users\Public\Foxit Software
2014-08-14 21:12 - 2014-08-14 21:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2014-08-13 08:49 - 2014-04-27 21:35 - 00002187 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-07 04:06 - 2014-08-14 22:26 - 00529920 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 22:26 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-08-04 18:45 - 2013-03-16 04:02 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-04 18:45 - 2013-03-16 04:02 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 20:46 - 2013-02-08 19:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-07-26 09:45 - 2013-03-16 04:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 14:11 - 2014-08-14 22:27 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-24 14:10 - 2014-08-14 22:27 - 02240000 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-24 14:10 - 2014-08-14 22:27 - 01407488 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 19279872 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 15399936 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 02655232 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-24 14:09 - 2014-08-14 22:27 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00451584 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00097280 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-24 14:09 - 2014-08-14 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-24 12:52 - 2014-08-14 22:27 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-24 12:52 - 2014-08-14 22:27 - 01180672 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 14371328 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 13757440 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 02861568 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 02054656 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-24 12:51 - 2014-08-14 22:27 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-24 12:51 - 2014-08-14 22:27 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-24 12:33 - 2014-08-14 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-24 12:29 - 2014-08-14 22:27 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-23 13:29 - 2014-08-18 15:09 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2014-07-23 13:29 - 2014-08-18 15:09 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2014-07-23 13:29 - 2014-08-18 15:09 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys
2014-07-23 13:25 - 2012-11-11 18:30 - 00000000 ___RD () C:\Arbeitsplatz
2014-07-23 10:15 - 2013-03-15 16:26 - 00000000 ____D () C:\Users\langnet\.gimp-2.8
2014-07-23 10:14 - 2014-07-23 10:14 - 00000863 _____ () C:\Users\langnet\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\langnet\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-17 18:27
==================== End Of Log ============================
Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by langnet at 2014-08-19 00:35:15
Running from C:\Users\langnet\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Protezione Computer (Disabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Protezione Computer (Disabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Acolada UniLex Update 09.2007 (HKLM-x32\...\{48BF6E09-26D8-473D-BE6B-95B4E3499001}) (Version: 09.2007 - Acolada GmbH)
Across Personal Edition (HKLM-x32\...\{3C38D421-BC10-4C08-92AB-6C0C8D834275}) (Version: 5.00.0 - Across Systems GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
ApSIC Xbench 2.9 (HKLM-x32\...\ApSIC Xbench) (Version: 2.9 - ApSIC, S.L.)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.00.00(T) - TOSHIBA CORPORATION)
calibre 64bit (HKLM\...\{4C296BF8-1A08-4C8D-A4B3-16FB6AECEF20}) (Version: 1.30.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
ChangeTracker version 1.0.2 (HKLM-x32\...\{AF4D8472-4913-4D50-9638-4397A3ED74F2}_is1) (Version: 1.0.2 - Technolex Translation Studio)
Computer Security 12.71.105.0 (release) (x32 Version: 12.71.105.0 - F-Secure Corporation) Hidden
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
CountAnything (HKLM-x32\...\CountAnything_is1) (Version: 2.1 - Ginstrom IT Solutions (GITS))
CyberGhost VPN (HKLM\...\CyberGhost VPN_is1) (Version: - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dictionary Plug-in For SDL Trados 2014 (HKCU\...\{44015112-aaad-4446-a9bf-de6f6ee41666}) (Version: 1.0.0.4 - TwoSoft)
Dictionary Plug-in For SDL Trados 2014 (x32 Version: 1.0.0.4 - TwoSoft) Hidden
Duden Korrektor Patch 022010 (HKLM-x32\...\{6E554A6F-7BA1-4FCE-ABFA-430A24631111}) (Version: 7.00.0000 - Bibliographisches Institut GmbH)
Duden Korrektor PLUS (HKLM-x32\...\{2E8ECB58-EE3A-452C-B57E-1B982735F0F2}) (Version: 7.00.0000 - Bibliographisches Institut GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Extended Search (HKLM-x32\...\Extended Search) (Version: 1.8 - )
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.2.802 - Foxit Corporation)
Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.23.124.8831 (release) (x32 Version: 1.23.124.8831 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.126 (x32 Version: 1.02.126 - F-Secure Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Glossary Converter (HKLM-x32\...\{4F5BD463-3A83-4E80-BAA1-68961AA50A23}) (Version: 3.0.0 - SDL OpenExchange)
Glossary Plugin (HKLM-x32\...\{FC86C5FA-F90B-4BE5-98E8-5D1303AF0F78}) (Version: 1.0.3 - SDL Open Exchange)
Google Books Downloader version 2.3 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.3 - GBOOKSDOWNLOADER.COM)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - )
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 11.1.10500.2.65 - Nero AG) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
J2SE Runtime Environment 5.0 Update 10 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150100}) (Version: 1.5.0.100 - Sun Microsystems, Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218000FF}) (Version: 8.0.0 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LibreOffice 4.2.2.1 (HKLM-x32\...\{0ECDB550-79ED-4E9E-851B-19A8B2B4EBFA}) (Version: 4.2.2.1 - The Document Foundation)
localix.biz tw4winClean (HKLM-x32\...\localix.biz tw4winClean) (Version: - ) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Visio MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (ACROSS) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
MisuraInternet Speed Test 1.1.2 (HKLM-x32\...\MisuraInternet Speed Test_is1) (Version: 1.1.2 - Fondazione Ugo Bordoni) <==== ATTENTION
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Nemesys 2.1.3 (HKLM-x32\...\Nemesys_is1) (Version: 2.1.3 - Fondazione Ugo Bordoni)
Nero 11 Essentials (HKLM-x32\...\{F8635CF8-B797-4EFD-80BC-DE2D26C65D4F}) (Version: 11.0.00300 - Nero AG)
Nero 11 Kwik Themes Basic (x32 Version: 11.0.11200.12.0 - Nero AG) Hidden
Nero BackItUp 11 (x32 Version: 6.0.18000.19.100 - Nero AG) Hidden
Nero BackItUp 11 Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero BurnRights 11 (x32 Version: 5.0.10300.4.100 - Nero AG) Hidden
Nero BurnRights 11 Help (CHM) (x32 Version: 11.0.10100 - Nero AG) Hidden
Nero ControlCenter 11 (x32 Version: 11.0.12700.0.27 - Nero AG) Hidden
Nero ControlCenter 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Core Components 11 (x32 Version: 11.0.15500.1.16 - Nero AG) Hidden
Nero Express 11 (x32 Version: 11.0.11900.24.100 - Nero AG) Hidden
Nero Express 11 Help (CHM) (x32 Version: 11.0.10300 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.10.24800.146.100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 11.0.10200 - Nero AG) Hidden
Nero RescueAgent 11 (x32 Version: 4.0.10600.10.100 - Nero AG) Hidden
Nero RescueAgent 11 Help (CHM) (x32 Version: 11.0.10400 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11400.27.0 - Nero AG) Hidden
nero.prerequisites.msi (x32 Version: 11.0.20008 - Nero AG) Hidden
Nitro Pro 8 (HKLM\...\{47B42E7A-57E9-407B-8DBB-017B86D7B13F}) (Version: 8.5.2.10 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
OmegaT version 3.0.6_Beta (HKLM-x32\...\OmegaT 3.0.6_Beta_is1) (Version: - OmegaT)
OmegaT version 3.0.8_04_Beta (HKLM-x32\...\OmegaT 3.0.8_04_Beta_is1) (Version: - OmegaT)
Online Safety 2.71.927.655 (x32 Version: 2.71.927.655 - F-Secure Corporation) Hidden
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
PDF Password Remover (HKLM-x32\...\{DB150C19-4A8F-4EF7-AC75-96098EACE179}) (Version: 1.0.6 - PDF Technologies)
Philips Phone Manager (HKLM-x32\...\{A1251409-ABB0-4D7F-888C-9180AD1BA982}) (Version: 2.0.8.1 - Philips)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.2 - Vaclav Slavik)
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
RailLexic3 (HKLM-x32\...\{6170C6C9-3823-11D6-9FCB-0050BA2BF51C}) (Version: 1.00.0000 - International Union of Railways)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6597 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
RtkClassFilter (HKLM-x32\...\InstallShield_{8220FCF2-A57F-4236-BFCC-C6C2268E851E}) (Version: 1.2.1.4 - REALTEK Semiconductor Corp)
RtkClassFilter (x32 Version: 1.2.1.4 - REALTEK Semiconductor Corp) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
SDL FLEXlm License Server (HKLM-x32\...\{465B20FE-0674-4399-AA03-98E1FDA47CA9}) (Version: 8.2.835 - SDL International)
SDL legit! (HKLM-x32\...\{3A392034-29D4-4A6B-8C29-B4D0B0201A92}) (Version: 1.00.0000 - SDL)
SDL MultiTerm 2014 SP1 - Remove suite of products (HKLM-x32\...\Multiterm2014) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Convert (HKLM-x32\...\{00E7ECF4-38BC-475F-BBE6-282ABFF02BD8}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Core (HKLM-x32\...\{5D288314-1F3C-4CD0-B3E3-D0B5C9E77D8E}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Desktop (HKLM-x32\...\{5769F2EE-3613-46F4-B13B-F836AC9351ED}) (Version: 11.1.1266 - SDL)
SDL MultiTerm 2014 SP1 Word Integration (HKLM-x32\...\{D246804B-0CB7-45E4-A7F6-F081E5518881}) (Version: 11.1.1266 - SDL)
SDL MultiTerm SideBySide Tools (HKLM-x32\...\{18107EE8-6977-4181-A2D2-A9DF2DB609DD}) (Version: 1.0.181 - SDL)
SDL Passolo 2009 Essential SR3 (HKLM-x32\...\SDL Passolo 2009 Essential SR3) (Version: SDL Passolo 2009 Essential SR3 - SDL Passolo GmbH)
SDL Passolo Essential 2011 SP6 (HKLM-x32\...\{24ECA561-FBF3-46D1-9293-0BB3605A63B6}) (Version: 11.9.0.53 - SDL)
SDL Studio InQuote (HKLM-x32\...\{8296CD0E-B9B6-4198-99FE-214B5873599D}) (Version: 1.00.0001 - SDL)
SDL Trados 2007 (HKLM-x32\...\{69C76448-D4B8-4886-A848-61CD4EB4B2C7}) (Version: 8.2.835 - SDL International)
SDL Trados 2007 Freelance (HKLM-x32\...\{43BD0C58-6E6E-4500-AFB0-263423319604}) (Version: 8.3.863 - SDL International)
SDL Trados 2007 Translation Memory Plug-in for Studio 2014 (HKLM-x32\...\{6A70521D-4BDB-4254-BB7A-2D44B8F313C6}) (Version: 2.0.169 - SDL)
SDL Trados 2014 SP1 - Remove suite of products (HKLM-x32\...\TranslationStudio2014) (Version: 3.1.3931 - SDL)
SDL Trados Studio 2009 SP3 (HKLM-x32\...\{399F2130-59E1-11DF-9F46-8091DFD72085}) (Version: 1.3.2307.0 - SDL)
SDL Trados Studio 2014 SP1 (HKLM-x32\...\{B0709AD8-CF92-4E8E-9154-21B0CF43F4FD}) (Version: 3.1.4085 - SDL)
SDL Trados Synergy 2007 (HKLM-x32\...\{7E62742F-1EEF-4532-B7FF-2D58004BDEAE}) (Version: 2.3.161.0 - SDL International)
SDLX (HKLM-x32\...\{CE98383B-7BB4-457C-AEAB-D89E9537628F}) (Version: 9.3.7080 - )
SDLX (x32 Version: 9.2.7035 - SDL International) Hidden
SDLXliff2Tmx (HKLM-x32\...\{F60442E4-187F-4AFC-BFFA-2664B8C2C13D}) (Version: 1.0.0 - TMServe)
Sigil 0.7.3 (HKLM-x32\...\Sigil_is1) (Version: - John Schember)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.2 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{2C486987-D447-4E36-8D61-86E48E24199C}) (Version: 1.3.10.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.04 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2004 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0009 - TOSHIBA)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.0021.640203 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.0021.640203 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.33 - TOSHIBA Corporation) Hidden
Translation Office 3000, Version 11 (HKLM-x32\...\Translation Office 3000, Version 11_is1) (Version: - Advanced International Translations)
Translation Workspace Client 3.20 (HKLM-x32\...\Translation Workspace Client_is1) (Version: - Lionbridge Global Software Products, Inc.)
Translation Workspace XLIFF Editor 2.10.4.Stable (2013-12-13_15 (HKLM-x32\...\TranslationWorkspaceXliffEditor_is1) (Version: 2.10.4 - Lionbridge, Inc.)
UniLex Pro (HKLM-x32\...\UniLex Pro) (Version: 3.13.1.23 - Acolada GmbH)
UniLex Pro (x32 Version: 3.13.1.23 - Acolada GmbH) Hidden
UniTerm Light (HKLM-x32\...\UniTerm Light) (Version: - Acolada GmbH)
UniTerm Light (x32 Version: 4.12.9.25 - Acolada GmbH) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{B5761811-28F3-4257-B537-815C5EEF472C}) (Version: 3.2.2.182 - Vodafone)
Vodafone PC Protection (HKLM-x32\...\F-Secure ServiceEnabler 4730514) (Version: 1.71.340.0 - F-Secure Corporation)
Vodafone PC Protection (x32 Version: 1.71.340.0 - F-Secure Corporation) Hidden
VodafoneStation2 (HKLM-x32\...\org.mart3.VodafoneStation) (Version: 1.1 - Vodafone Group Services GmbH)
VodafoneStation2 (x32 Version: 1.1 - Vodafone Group Services GmbH) Hidden
welcome (x32 Version: 11.0.22500.0.0 - Nero AG) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (12/02/2011 2.3.8.1) (HKLM\...\EA90D42054890B3938D0BEF1E8A316D20C6D6003) (Version: 12/02/2011 2.3.8.1 - Realtek Semiconductor Corp.)
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\119046B6D39BBB85A700BB4D451858A003C331AC) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\4D59E7849DD13622C7CD9736C3BC8D67F8FF1F23) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\768E87C91FF81FF582D166E1AC9D74633D9B741D) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Windows-Treiberpaket - Koninklijke Philips Electronics N.V. (usbser) Ports (05/31/2012 6.0.0.0) (HKLM\...\C24BC9096B2E5D1847B32CB5C18C05C9AA99B843) (Version: 05/31/2012 6.0.0.0 - Koninklijke Philips Electronics N.V.)
Wyhlidal (HKLM-x32\...\Wyhlidal) (Version: - )
Your SDL Studio (HKLM-x32\...\{E7394661-2E20-4359-879F-98903FA2597E}) (Version: 1.00.0000 - SDL)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-584107321-1109983158-1431727784-1000_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
==================== Restore Points =========================
15-08-2014 18:29:26 Windows Update
16-08-2014 08:20:38 Windows Update
18-08-2014 06:35:56 Avira Free Antivirus - 18.08.2014 08:35
18-08-2014 13:24:01 Removed Java(TM) 6 Update 14
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {2397EF68-B8EE-4221-913B-E57EA8E309DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17] (Google Inc.)
Task: {32327052-A89D-4F10-9F25-7D703B70193F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {7F2113DD-8941-4275-8FF5-DDB49AA01E42} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {80928F34-6242-4324-95FD-0A0859C20B0F} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {9EDF2181-2728-4C42-9D5B-21586CE86F58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-17] (Google Inc.)
Task: {D15818DF-1669-4345-A600-B80C857E2363} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {E6BC1221-C65F-4B75-B600-394994CE60E1} - System32\Tasks\Security Center Update - 4139784919 => C:\Users\langnet\AppData\Roaming\Ysimxae\ciaszao.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\windows\Tasks\Security Center Update - 4139784919.job => C:\Users\langnet\AppData\Roaming\Ysimxae\ciaszao.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2012-05-05 00:18 - 2010-09-10 02:26 - 00162824 _____ () C:\Windows\System32\GFNEXSrv.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2011-08-23 00:19 - 2011-08-23 00:19 - 11204992 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2011-11-24 22:20 - 2011-11-24 22:20 - 00593856 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2010-12-16 00:19 - 2010-12-16 00:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2012-03-27 02:33 - 2012-03-27 02:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-05-05 00:03 - 2012-02-21 21:29 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2011-11-26 03:51 - 2011-11-26 03:51 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2013-11-02 02:52 - 2013-08-27 18:19 - 00045504 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2012-11-26 14:49 - 2012-11-26 14:49 - 00216632 _____ () C:\Program Files (x86)\Vodafone\daas2.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-18 08:28 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\langnet\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-03-05 21:19 - 2011-02-26 20:01 - 00027648 _____ () C:\Program Files (x86)\Nemesys\dist\servicemanager.pyd
2014-03-05 21:19 - 2011-02-27 18:13 - 00110080 _____ () C:\Program Files (x86)\Nemesys\dist\pywintypes27.dll
2014-03-05 21:19 - 2011-02-26 20:00 - 00040960 _____ () C:\Program Files (x86)\Nemesys\dist\win32service.pyd
2014-03-05 21:19 - 2011-02-26 20:00 - 00096768 _____ () C:\Program Files (x86)\Nemesys\dist\win32api.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00287232 _____ () C:\Program Files (x86)\Nemesys\dist\_hashlib.pyd
2014-03-05 21:19 - 2011-02-26 20:02 - 00354304 _____ () C:\Program Files (x86)\Nemesys\dist\pythoncom27.dll
2014-03-05 21:19 - 2011-02-26 19:59 - 00017408 _____ () C:\Program Files (x86)\Nemesys\dist\win32event.pyd
2014-03-05 21:19 - 2011-06-12 15:09 - 00038400 _____ () C:\Program Files (x86)\Nemesys\dist\_socket.pyd
2014-03-05 21:19 - 2011-06-12 15:09 - 00720896 _____ () C:\Program Files (x86)\Nemesys\dist\_ssl.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00011776 _____ () C:\Program Files (x86)\Nemesys\dist\select.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00152576 _____ () C:\Program Files (x86)\Nemesys\dist\pyexpat.pyd
2014-03-05 21:19 - 2012-05-31 11:14 - 00048641 _____ () C:\Program Files (x86)\Nemesys\dist\pktman.pyd
2014-03-05 21:19 - 2012-05-11 12:35 - 00016896 _____ () C:\Program Files (x86)\Nemesys\dist\netifaces.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00106496 _____ () C:\Program Files (x86)\Nemesys\dist\_ctypes.pyd
2014-03-05 21:19 - 2011-06-12 15:06 - 00030208 _____ () C:\Program Files (x86)\Nemesys\dist\_tkinter.pyd
2014-08-13 08:49 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-13 08:49 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2013-11-02 02:56 - 2013-11-02 02:56 - 00030888 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2013-11-02 02:52 - 2013-12-11 05:00 - 00212008 _____ () C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Spam Control\fsas.dll
2012-01-25 19:57 - 2012-01-25 19:57 - 00172032 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll
2012-05-05 00:02 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Toshiba Places Icon Utility.lnk => C:\windows\pss\Toshiba Places Icon Utility.lnk.CommonStartup
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: F-Secure Hoster (4730514) => "C:\Program Files (x86)\Vodafone\fshoster32.exe" -app -hosterid:1
MSCONFIG\startupreg: F-Secure Manager => "C:\Program Files (x86)\Vodafone\apps\ComputerSecurity\Common\FSM32.EXE" /splash
MSCONFIG\startupreg: GoogleChromeAutoLaunch_84F9BC2A18CE16FFEB8736544725BB78 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/19/2014 00:27:33 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:21:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:21:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:21:10 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:21:01 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:20:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:20:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 08:17:36 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (08/18/2014 06:42:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2014 06:42:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Lmgrd.exe, Version: 11.4.0.0, Zeitstempel: 0x452ebed9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x115c
Startzeit der fehlerhaften Anwendung: 0xLmgrd.exe0
Pfad der fehlerhaften Anwendung: Lmgrd.exe1
Pfad des fehlerhaften Moduls: Lmgrd.exe2
Berichtskennung: Lmgrd.exe3
System errors:
=============
Error: (08/19/2014 00:21:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht.
Error: (08/18/2014 06:42:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NewServiceInstall1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error: (08/18/2014 05:46:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NewServiceInstall1" wurde aufgrund folgenden Fehlers nicht gestartet:
%%193
Error: (08/18/2014 05:45:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Expat Shield Service" wurde mit folgendem Fehler beendet:
%%2
Microsoft Office Sessions:
=========================
Error: (01/28/2014 06:18:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 49121 seconds with 8340 seconds of active time. This session ended with a crash.
Error: (01/23/2014 02:02:39 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 328457 seconds with 26460 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:57:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:53:51 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 17 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:52:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:52:38 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:51:47 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:50:32 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.
Error: (12/25/2013 00:49:16 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 394541 seconds with 5640 seconds of active time. This session ended with a crash.
Error: (10/31/2013 07:03:04 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 97032 seconds with 17940 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-11-02 00:48:37.859
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:48:37.797
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:46:36.710
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-02 00:46:36.663
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-16 00:45:00.195
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-16 00:45:00.148
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-14 16:48:58.848
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-14 16:48:58.786
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-12 04:01:23.254
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-10-12 04:01:23.207
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 75%
Total physical RAM: 3985.8 MB
Available physical RAM: 966.72 MB
Total Pagefile: 7969.79 MB
Available Pagefile: 1949.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive b: (Daten) (Fixed) (Total:100 GB) (Free:88.47 GB) NTFS
Drive c: (Systemlaufwerk) (Fixed) (Total:448.14 GB) (Free:240.74 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1DE56D1D)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=448.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.2 GB) - (Type=17)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 100 GB) (Disk ID: A7A6B0F7)
Partition 1: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
19.08.2014, 20:39
| #5 |
| /// the machine /// TB-Ausbilder | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) Flash und Firefox updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [OdatuWlanc] => regsvr32.exe "
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.08.2014, 10:20
| #6 |
| | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) Hallo Schrauber, erstmal vielen herzlichen Dank für die schnelle und kompetente Hilfe, die Meldung ist jetzt definitiv weg. Hier der Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 17-08-2014 01
Ran by langnet at 2014-08-20 11:18:33 Run:1
Running from C:\Users\langnet\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\...\Run: [OdatuWlanc] => regsvr32.exe "
*****************
HKU\S-1-5-21-584107321-1109983158-1431727784-1000\Software\Microsoft\Windows\CurrentVersion\Run\\OdatuWlanc => value deleted successfully.
==== End of Fixlog ====
Geändert von Kuschelweich (20.08.2014 um 10:53 Uhr) |
|
21.08.2014, 07:55
| #7 |
| /// the machine /// TB-Ausbilder | RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) klar, schiess los 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu RegSvr32 "Fehler beim Laden des Moduls """ (mal wieder...) |
| antivir, antivirus, avira, converter, cyberghost, desktop, device driver, downloader, email, error, excel, fehler, flash player, free download, google, homepage, lightning, mozilla, newtab, problem, realtek, registry, scan, software, svchost.exe, system, tr/crypt.xpack.gen, trojaner, usb, windows |
Linear-Darstellung
