Log analysis and evaluation: firefox: Voices (advertising) in the background
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
24.01.2015, 02:34 | #1

firefox: Voices (advertising) in the background

First of all, THANK YOU for your effort and your willingness to help!

For two days now, advertisements have been appearing in the background at irregular intervals during a Firefox session. This takes the form of voices advertising, for example, Geberit aqua clean, the Ford Mondeo, a toothpaste, or a website such as haendegut-allesgut.at. Sometimes only music plays. These spots usually last only a few seconds. Practically every day, before shutting down the laptop, I run the Advanced System Care 8 scan over the system and let it clean up.

For about two weeks the PC has also no longer been shutting down; it reports that a program, sidebar.exe, is open and is preventing the shutdown. Although I then force the shutdown, the program is an obstacle again every day. I have no idea whether these two problems are connected, but perhaps you have come across this before?

Unfortunately I am already past 60, purely a user, and not very well versed in PC technology or technical terms. Please be lenient and patient with me. Thank you!

I will now try to insert the files from FRST and hope that it works:

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2015 Ran by Mösslacher (administrator) on MEINZ on 24-01-2015 01:43:23 Running from C:\Users\Mösslacher\Downloads Loaded Profiles: Mösslacher (Available profiles: Mösslacher & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Cisco Systems, Inc.) 
C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\FighterSuiteService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (GARMIN Corp.) 
C:\Garmin\gStart.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (A-Trust Gesellschaft für Sicherheitssysteme im elektronischen Datenverkehr GmbH) C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe () C:\Users\Mösslacher\AppData\Roaming\InetStat\inetstat.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (A-Trust GmbH) C:\Program Files (x86)\A-Trust GmbH\a.sign Client\ASignLauncher.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Nokia Corporation) C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (OLYMPUS IMAGING CORP.) C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\Tray\FightersTray.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe (Adobe Systems Inc.) 
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Program Files (x86)\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Dropbox, Inc.) C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (SPAMfighter ApS) C:\Program Files (x86)\Fighters\SPAMfighter\x64\LiveKitLoader64.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-26] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.) 
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.) HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] () HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-25] (CyberLink Corp.) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1718920 2013-02-02] (Ask) HKLM-x32\...\Run: [CommonToolkitTray] => C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1497120 2013-04-29] (SPAMfighter ApS) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [sfagent] => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe [1065504 2013-06-14] (SPAMfighter ApS) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38840 2009-12-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640440 2009-12-21] (Adobe Systems Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe [31581288 2014-05-19] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software) HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165104 2009-09-17] (Softthinks) HKLM-x32\...\RunOnce: [STToasterLauncher] => C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [120048 2009-09-17] () HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [gStart] => C:\Garmin\gStart.exe [1891416 2008-08-13] (GARMIN Corp.) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [Nokia.PCSync] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe [753664 2009-10-26] (Nokia) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520 2009-11-11] (Nokia) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-22] (Google Inc.) 
HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [SkyDrive] => C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [acSecurityLayer] => C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe [3630976 2013-10-14] (A-Trust Gesellschaft für Sicherheitssysteme im elektronischen Datenverkehr GmbH) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [InetStat] => C:\Users\Mösslacher\AppData\Roaming\InetStat\inetstat.exe [705038 2014-12-03] () HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall 
C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] 
=> C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {0fd28092-1d58-11e0-9096-0026b90b07f3} - E:\Autorun.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {4193886c-1757-11e0-96fe-0026b90b07f3} - E:\EasySuite.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {870ba202-03b1-11e0-aeb8-0026b90b07f3} - E:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {8b8ed464-88c0-11df-8f26-0026b90b07f3} - E:\EasySuite.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {a930bbff-59d7-11e2-a34b-ea29a0656500} - E:\Autorun.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {eae399ea-03b4-11e0-9434-0026b90b07f3} - E:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {f8249977-59de-11e2-bcb9-fee64fd84d01} - E:\Autorun.exe Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\a.sign Client.lnk ShortcutTarget: a.sign Client.lnk -> C:\Program Files (x86)\A-Trust GmbH\a.sign Client\ASignLauncher.exe (A-Trust GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) CHR HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aau.at/ HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.google.at/ HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 URLSearchHook: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
hxxp://www.claro-search.com/?q={searchTerms}&affID=118666&babsrc=SP_ss&mntrId=defc9845000000000000904ce590adac SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> {D402AC41-ECB2-41A2-837B-808475A3F518} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=BLPV5&o=13157&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=S3&apn_dtid=YYYYYYYYAT&apn_uid=421D6A7A-498C-4447-B563-E07E4EB07855&apn_sauid=FDF616A8-C96F-45BC-8FD2-5925860EBF2B BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) 
BHO-x32: No Name -> {000F18F2-09EB-4A59-82B2-5AE4184C39C3} -> No File BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> No File BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> No Name - {3BE093E7-4650-438B-AC6F-C944C30F81AD} - No File Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) 
Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google (avast)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin -> C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766\searchplugins\google-avast.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2009-12-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-04-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-31]
FF HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?setmkt=de-AT&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab?setmkt=de-AT
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR Profile: C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-07]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-04-18]
CHR Extension: (Skype Click to Call) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-01]
CHR Extension: (Google Wallet) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR HKLM-x32\...\Chrome\Extension: [dcillohgikpecbmgioknapdpcjofaafl] - C:\Users\Mösslacher\AppData\Roaming\Claro\claro.crx [2012-11-01]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2014-12-31]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-04-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-31] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-31] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-31] (Avast Software)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-03-20] (Macrovision Europe Ltd.) [File not signed]
S2 gupdate1cad8e2ad515feb; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-30] (Google Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2009-10-01] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [616448 2010-09-29] (Nokia) [File not signed]
R2 SPAMfighter Update Service; C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe [216608 2013-06-14] (SPAMfighter ApS)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [1281568 2013-05-29] (SPAMfighter ApS)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]
R2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [55016 2009-12-08] (Xobni Corporation)
S2 Wajam Web Enhancer; No ImagePath <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 ASAPIW2k; C:\Windows\SysWOW64\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-31] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-31] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-31] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-19] (Disc Soft Ltd)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [129792 2013-04-24] (Gemalto)
S3 hwusbdev; C:\Windows\System32\DRIVERS\ewusbdev.sys [114560 2009-07-24] (Huawei Technologies Co., Ltd.)
S1 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
S3 PolarUSB; C:\Windows\SysWOW64\DRIVERS\PolarUSB.sys [17343 2001-07-12] (Polar Electro) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-31] (Avast Software)
S3 VNUSB; C:\Windows\System32\Drivers\VNUSB.sys [22528 2009-09-29] (OLYMPUS IMAGING CORP.)
S3 VNUSB; C:\Windows\SysWOW64\Drivers\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-24 01:43 - 2015-01-24 01:44 - 00043637 _____ () C:\Users\Mösslacher\Downloads\FRST.txt
2015-01-24 01:43 - 2015-01-24 01:43 - 00000000 ____D () C:\FRST
2015-01-24 01:41 - 2015-01-24 01:41 - 02126848 _____ (Farbar) C:\Users\Mösslacher\Downloads\FRST64.exe
2015-01-24 01:39 - 2015-01-24 01:39 - 00000552 _____ () C:\Users\Mösslacher\Downloads\defogger_disable.log
2015-01-24 01:39 - 2015-01-24 01:39 - 00000168 _____ () C:\Users\Mösslacher\defogger_reenable
2015-01-24 01:31 - 2015-01-24 01:31 - 00050477 _____ () C:\Users\Mösslacher\Downloads\Defogger.exe
2015-01-23 23:07 - 2015-01-23 23:07 - 00000056 _____ () C:\Windows\setupact.log
2015-01-23 23:07 - 2015-01-23 23:07 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-23 23:06 - 2015-01-23 23:06 - 00000832 _____ () C:\Windows\PFRO.log
2015-01-19 10:25 - 2015-01-19 10:25 - 00000000 ____D () C:\Users\Mösslacher\Documents\Bluetooth-Exchange-Ordner
2015-01-19 09:43 - 2015-01-19 09:43 - 00000000 ____D () C:\Users\Mösslacher\Documents\Benutzerdefinierte Office-Vorlagen
2015-01-17 12:54 - 2015-01-17 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-14 22:13 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 22:13 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 22:13 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 22:13 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 22:13 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 22:13 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 22:13 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 22:13 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 22:13 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 22:13 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 22:13 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 22:13 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 22:13 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-09 23:52 - 2015-01-09 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-01-08 10:18 - 2015-01-08 10:18 - 00003264 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1416178087-3609379480-1209820842-1000
2015-01-08 08:02 - 2015-01-21 11:13 - 113262592 _____ () C:\Windows\system32\config\software.iodefrag.bak
2015-01-08 08:02 - 2015-01-21 11:13 - 113262592 _____ () C:\Windows\system32\config\software.iodefrag
2015-01-08 08:02 - 2015-01-21 11:13 - 00733184 _____ () C:\Windows\system32\config\default.iodefrag.bak
2015-01-08 08:02 - 2015-01-21 11:13 - 00733184 _____ () C:\Windows\system32\config\default.iodefrag
2015-01-08 08:02 - 2015-01-21 11:13 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak
2015-01-08 08:02 - 2015-01-21 11:13 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag
2015-01-08 08:02 - 2015-01-21 11:13 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag.bak
2015-01-08 08:02 - 2015-01-21 11:13 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag
2015-01-08 01:30 - 2014-10-16 10:27 - 00027424 _____ (IObit) C:\Windows\system32\RegistryDefragBootTime.exe
2015-01-07 19:16 - 2015-01-23 23:36 - 00005142 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MEINZ-Mösslacher Meinz
2015-01-07 17:21 - 2015-01-07 17:21 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-07 16:56 - 2015-01-07 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-07 16:40 - 2015-01-07 16:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-07 16:39 - 2015-01-07 16:39 - 01064632 _____ (Microsoft Corporation) C:\Users\Mösslacher\Downloads\Setup.X86.de-DE_O365ProPlusRetail_137ad0f5-603b-4f90-8fb1-73497a2655e0_TX_PR_.exe
2015-01-06 10:17 - 2015-01-06 10:17 - 00000000 ____D () C:\Users\Mösslacher\Mein Backup Datei
2015-01-04 21:21 - 2015-01-04 21:21 - 00000104 _____ () C:\Users\Mösslacher\Desktop\Systemsteuerung - Verknüpfung.lnk
2014-12-31 11:51 - 2014-12-31 11:51 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\AVAST Software
2014-12-31 11:41 - 2014-12-31 11:41 - 00001972 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-12-31 11:41 - 2014-12-31 11:41 - 00001912 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-12-31 11:41 - 2014-12-31 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-12-31 11:40 - 2015-01-23 23:13 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-31 11:39 - 2014-12-31 11:40 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-12-31 11:39 - 2014-12-31 11:39 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-12-31 11:39 - 2014-12-31 11:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-12-31 11:39 - 2014-12-31 11:39 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-12-31 11:37 - 2014-12-31 11:37 - 00000000 ____D () C:\Program Files\AVAST Software
2014-12-31 10:59 - 2014-12-31 11:14 - 186654544 _____ (AVAST Software) C:\Users\Mösslacher\Downloads\avast_premier_antivirus_setup.exe
2014-12-28 09:16 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-28 09:16 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-28 09:16 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-12-28 09:16 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-28 09:16 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-28 09:16 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-28 09:16 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-28 09:16 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-12-28 09:16 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-28 09:16 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-27 21:52 - 2014-12-27 21:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-27 21:52 - 2014-12-27 21:52 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-27 21:52 - 2014-12-27 21:52 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-27 21:52 - 2014-12-27 21:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-27 21:42 - 2014-12-27 21:42 - 99778560 _____ () C:\Windows\system32\config\software.iobit
2014-12-27 21:42 - 2014-12-27 21:42 - 57733120 _____ () C:\Windows\system32\config\components.iobit
2014-12-27 21:42 - 2014-12-27 21:42 - 00667648 _____ () C:\Windows\system32\config\default.iobit
2014-12-27 21:42 - 2014-12-27 21:42 - 00065536 _____ () C:\Windows\system32\config\sam.iobit
2014-12-27 21:42 - 2014-12-27 21:42 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-12-27 21:34 - 2015-01-11 15:08 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\ProductData
2014-12-27 21:34 - 2014-12-27 21:35 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mösslacher)
2014-12-27 21:34 - 2014-12-27 21:34 - 00003176 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2014-12-27 21:33 - 2015-01-19 14:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-27 21:33 - 2015-01-15 16:07 - 00002147 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-27 21:33 - 2014-12-27 22:10 - 00000000 ____D () C:\ProgramData\IObit
2014-12-27 21:33 - 2014-12-27 21:33 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Mösslacher
2014-12-27 21:33 - 2014-12-27 21:33 - 00002864 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Mösslacher
2014-12-27 21:33 - 2014-12-27 21:33 - 00001194 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-27 21:32 - 2014-12-27 22:14 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\IObit
2014-12-27 21:32 - 2014-12-27 22:11 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-27 21:26 - 2014-12-27 21:29 - 44929568 _____ (IObit ) C:\Users\Mösslacher\Downloads\advanced-systemcare-setup.exe
2014-12-26 13:35 - 2014-12-26 13:35 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Systweak

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 01:39 - 2009-12-30 22:58 - 00000000 ____D () C:\Users\Mösslacher
2015-01-24 01:37 - 2010-04-10 20:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 01:02 - 2009-07-14 06:10 - 01911014 _____ () C:\Windows\WindowsUpdate.log
2015-01-24 00:56 - 2012-06-23 07:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-23 23:16 - 2012-10-12 17:23 - 00000000 ___RD () C:\Users\Mösslacher\SkyDrive
2015-01-23 23:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-23 23:16 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-23 23:14 - 2012-07-13 13:07 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Dropbox
2015-01-23 23:12 - 2009-12-21 15:25 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-23 23:11 - 2011-04-25 15:13 - 00000071 _____ () C:\Windows\SysWOW64\ToasterLauncherLog.log
2015-01-23 23:11 - 2009-12-30 22:58 - 00000000 ____D () C:\Users\Mösslacher\AppData\Local\SoftThinks
2015-01-23 23:10 - 2010-04-10 20:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-23 23:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-23 14:56 - 2012-06-23 07:49 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 14:56 - 2012-06-23 07:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 14:56 - 2011-06-26 14:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 18:33 - 2009-07-14 18:58 - 00703182 _____ () C:\Windows\system32\perfh007.dat
2015-01-22 18:33 - 2009-07-14 18:58 - 00150808 _____ () C:\Windows\system32\perfc007.dat
2015-01-22 18:33 - 2009-07-14 06:13 - 01629346 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-21 00:30 - 2014-12-03 14:35 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\MyPhoneExplorer
2015-01-20 11:36 - 2010-04-11 19:16 - 00039424 ___SH () C:\Users\Mösslacher\Documents\Thumbs.db
2015-01-20 07:46 - 2009-07-14 03:34 - 00000534 _____ () C:\Windows\win.ini
2015-01-19 19:50 - 2012-01-13 09:45 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Nitro PDF
2015-01-19 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-19 09:56 - 2010-02-05 23:37 - 00204321 _____ () C:\Windows\hpoins40.dat
2015-01-19 09:56 - 2010-02-05 23:37 - 00002390 _____ () C:\ProgramData\hpzinstall.log
2015-01-19 08:40 - 2014-12-02 18:08 - 00000000 ____D () C:\Users\Mösslacher\Documents\Hermine
2015-01-17 18:00 - 2014-11-24 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-17 13:20 - 2009-12-31 00:13 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Skype
2015-01-16 11:27 - 2014-12-03 14:34 - 00000000 ____D () C:\Program Files\WWE
2015-01-15 03:08 - 2013-09-15 17:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:01 - 2010-01-25 23:38 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-09 23:52 - 2009-12-31 00:12 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-09 23:52 - 2009-12-31 00:12 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 10:18 - 2014-11-24 21:32 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-08 00:57 - 2009-07-14 05:45 - 00499064 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-07 21:31 - 2009-12-30 22:58 - 00140264 _____ () C:\Users\Mösslacher\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 17:21 - 2009-12-21 15:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-01-07 17:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-07 15:41 - 2014-12-02 18:14 - 00000000 ____D () C:\Users\Mösslacher\Documents\Peter
2015-01-06 04:36 - 2010-01-17 00:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-01-01 13:09 - 2014-08-26 09:40 - 00000000 ____D () C:\Users\Mösslacher\AppData\Local\Adobe
2014-12-31 11:43 - 2014-11-25 05:51 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-12-31 11:43 - 2014-11-25 05:51 - 00000000 ____D () C:\Windows\system32\vbox
2014-12-29 12:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-29 10:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-28 14:15 - 2011-11-11 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
2014-12-27 22:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-27 21:48 - 2013-01-25 14:05 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
2014-12-27 21:48 - 2011-11-11 19:12 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FoxTab PDF Converter
2014-12-27 21:48 - 2009-12-31 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2014-12-27 21:48 - 2009-12-21 16:42 - 00000000 ____D () C:\Windows\Panther
2014-12-27 21:33 - 2010-02-07 21:47 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Apple Computer
2014-12-26 13:35 - 2014-03-20 11:15 - 00107560 _____ () C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-26 13:35 - 2014-03-20 11:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\SoftThinks
2014-12-25 21:50 - 2010-08-08 10:55 - 00000000 ____D () C:\Program Files (x86)\SPSSEV-DE

==================== Files in the root of some directories =======

2014-03-15 10:30 - 2014-03-15 10:30 - 49940480 _____ () C:\Program Files (x86)\GUT513C.tmp
2010-01-05 17:55 - 2010-04-27 20:21 - 8656832 _____ (Dell, Inc. ) C:\Users\Mösslacher\AppData\Roaming\DataSafeDotNet.exe
2012-10-15 09:41 - 2012-10-15 09:41 - 0012965 _____ () C:\Users\Mösslacher\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
2010-02-06 22:13 - 2013-12-21 15:59 - 0009216 _____ () C:\Users\Mösslacher\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-28 09:39 - 2010-02-28 09:39 - 0000032 _____ () C:\Users\Mösslacher\AppData\Local\xobni_installer_updater.log
2009-12-31 00:14 - 2009-12-31 00:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-02-05 23:37 - 2015-01-19 09:56 - 0002390 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Mösslacher\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0hq3uu.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-14 23:41

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2015
Ran by Mösslacher at 2015-01-24 01:45:09
Running from C:\Users\Mösslacher\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Amazon Kindle (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Amazon Kindle) (Version: - Amazon)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Driver Download Manager (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dropbox (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
FoxTab PDF Converter (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\FoxTab PDF Converter) (Version: - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
InetStat (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\InetStat) (Version: 0.5b - InetStat) <==== ATTENTION!
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation)
Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) (Version: 9.0 - SAP AG)
Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) SAP GUI for Windows 7.30 (HKLM-x32\...\SAPGUI710) (Version: 7.30 Compilation 2 - SAP) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
SPAMfighter (HKLM-x32\...\{F4714DAA-07DF-4041-97AA-A65E9E918641}) (Version: - ) SPAMfighter (HKLM-x32\...\SPAMfighter) (Version: 7.6.50 - Spamfighter ApS) Support.com Toolbar Updater (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.2.36670 - Ask.com) <==== ATTENTION Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows-Treiberpaket - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 02-01-2015 07:59:54 Windows Update 07-01-2015 14:49:09 Windows Update 08-01-2015 08:17:38 IObit Uninstaller restore point 08-01-2015 08:27:28 IObit Uninstaller restore point 08-01-2015 08:30:38 IObit Uninstaller restore point 08-01-2015 08:32:48 IObit Uninstaller restore point 14-01-2015 22:12:33 Windows Update 15-01-2015 03:00:13 Windows Update 16-01-2015 10:20:26 IObit Uninstaller restore point 20-01-2015 12:47:38 Windows Update 23-01-2015 22:01:18 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 03:34 - 2014-03-20 11:18 - 00000884 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {048D27BF-4903-4769-9504-B139FCE4F9A6} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {087B6FDF-F92D-47D1-952D-D90B790450AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated) Task: {132A97B6-C13A-4112-B160-20BF75275FB9} - System32\Tasks\Driver Booster SkipUAC (Mösslacher) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {148D5A2D-473F-46F6-B696-9CD89EC54A92} - System32\Tasks\{25F88289-3399-4A15-BF25-062FE57BBBF5} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {1E00D63F-743A-4382-957E-E65EB064A8EE} - System32\Tasks\{E4C2D32B-FF54-4B83-8418-8F450EFBFAA4} => pcalua.exe -a E:\SAP720\vpnclient-win-msi-5.0.06.0160-k9.exe -d E:\SAP720 Task: {272A298E-F46F-48D3-BBEF-16E771F81238} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.) Task: {2F311EC8-BD13-40A4-91A3-C212EB3D69C6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1416178087-3609379480-1209820842-500 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) 
Task: {3706FC18-435F-4458-98E7-037F59EE8901} - System32\Tasks\{74D53024-F1F7-48EE-AFD5-57DE14DCB401} => C:\Program Files (x86)\Pinnacle\Studio 9\programs\studio.exe [2004-06-08] (Pinnacle Systems) Task: {378C48CA-1F88-4850-BDDC-043D1CA73898} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MEINZ-Mösslacher Meinz => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-01-07] (Microsoft Corporation) Task: {3917EDF7-CAAC-4EB8-88FF-407AF2B5AB47} - System32\Tasks\D9ZP9YK1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.) Task: {393528A0-0FCA-4367-92A1-5C61D5E7C630} - System32\Tasks\avastBCLRestartS-1-5-21-1416178087-3609379480-1209820842-1000 => Firefox.exe Task: {39A1D91C-3699-4F10-957E-FDE57548F514} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-07] (Microsoft Corporation) Task: {39D63CE7-E1C0-432A-8433-7607CC71A551} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe Task: {4698FDF3-C6EF-43F3-A0A9-638CED7372D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-07] (Microsoft Corporation) Task: {4E56FF99-22C3-4BC6-8CE3-A16B41BAF1B3} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe [2014-12-10] (IObit) Task: {53DD2630-6BA9-4053-86BF-269836E379CE} - System32\Tasks\NCH Swift Sound\scribeShakeIcon => C:\Program Files (x86)\NCH Swift Sound\Scribe\Scribe.exe [2010-07-28] (NCH Software) Task: {55FFD6F8-73EB-465C-AAA2-B693F2D99C31} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {566C0FA6-33E7-4B5E-BE97-073C42B6F8FC} - System32\Tasks\Uninstaller_SkipUac_Mösslacher => C:\Program Files (x86)\IObit\IObit 
Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {5FAF418C-DF08-4E28-88C0-23C7103C1A23} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1416178087-3609379480-1209820842-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) Task: {6CFB1886-A615-4A04-AADE-1D36266126C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1416178087-3609379480-1209820842-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) Task: {71E760C8-53B0-4719-B81F-F42CC2F6D187} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {7CA98AB1-5B2F-419A-B6C6-6DEB4A0B7D34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-31] (AVAST Software) Task: {8694EC41-F1B3-4103-865F-263E37FCF982} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {86F334EC-0421-4474-8E2C-49FB4D2F75D1} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-02-02] () <==== ATTENTION Task: {8E6518DE-A1EE-495E-B24B-203774EFF856} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {91B9CFE7-83DF-46C6-A8F7-B8A93FEF2748} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-07] (Microsoft Corporation) Task: {A28BEC82-E093-41DA-A376-D6858D600DE8} - System32\Tasks\ASC8_SkipUac_Mösslacher => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-19] (IObit) Task: {D474BC52-E695-4240-AF78-0E8D787D458A} - System32\Tasks\{82296BB4-5873-44BC-BA56-1899F6363C33} => pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d 
C:\Windows\system32 -c "C:\Users\MSSLAC~1\AppData\Local\Temp\maps_installer_3.04_10wk17_b07_s60_5.0.Nocs.sis" Task: {E3D2364D-935D-47CE-ABC4-2F1D9647C810} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {E5CC7266-A689-4FDD-894D-5CD3890968DA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1416178087-3609379480-1209820842-500 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) Task: {F0EC0855-3AFD-4B05-A01C-DEC00BD7C174} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-12-21 15:16 - 2009-07-17 02:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE 2009-12-21 15:17 - 2009-07-17 02:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll 2013-09-16 15:44 - 2012-09-18 14:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll 2010-02-28 09:38 - 2009-07-31 02:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll 2013-09-16 15:45 - 2012-09-18 14:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2015-01-07 16:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2009-12-21 15:25 - 2009-09-17 20:06 - 00410864 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe 2014-12-03 14:33 - 2014-12-03 14:33 - 00705038 _____ () C:\Users\Mösslacher\AppData\Roaming\InetStat\inetstat.exe 2013-10-14 09:17 - 
2013-10-14 09:17 - 00522624 _____ () C:\Program Files (x86)\A-Trust GmbH\a.sign Client\plug_acSecurityLayer_x64.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe 2014-10-21 02:36 - 2014-10-21 02:36 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\27062a1bd5e07ac476c1ef919d9abff5\VistaBridgeLibrary.ni.dll 2009-05-05 19:56 - 2009-05-05 19:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2009-12-21 15:20 - 2009-12-21 15:20 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-12-27 21:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-01-22 10:23 - 2015-01-22 10:23 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012201\algo.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2009-12-21 15:25 - 2009-09-17 20:04 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll 2014-12-27 21:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl 2014-12-27 21:33 - 2014-10-16 
10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll 2014-12-27 21:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2009-12-21 15:25 - 2009-09-17 20:04 - 01123568 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00079088 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00234736 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00074992 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00111856 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00121072 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\program files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll 2008-08-12 10:16 - 2008-08-12 10:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll 2008-07-29 13:01 - 2008-07-29 13:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll 2008-07-29 12:50 - 2008-07-29 12:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll 2008-07-29 13:47 - 2008-07-29 13:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll 2008-07-29 
13:47 - 2008-07-29 13:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll 2008-07-29 13:11 - 2008-07-29 13:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll 2014-10-09 15:54 - 2014-10-09 15:54 - 00081056 _____ () C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll 2013-10-14 09:17 - 2013-10-14 09:17 - 02393984 _____ () C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\Xalan-C_1_10.dll 2013-10-14 09:17 - 2013-10-14 09:17 - 00008064 _____ () C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\XalanMessages_1_10.dll 2014-12-27 21:33 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll 2009-09-11 19:05 - 2009-09-11 19:05 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll 2013-06-14 15:20 - 2013-06-14 15:20 - 00541216 _____ () C:\Program Files (x86)\Fighters\SPAMfighter\sfsg.dll 2013-06-14 15:19 - 2013-06-14 15:19 - 00966688 _____ () C:\Program Files (x86)\Fighters\SPAMfighter\sfse.dll 2014-03-20 11:28 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu 2014-12-31 11:39 - 2014-12-31 11:39 - 38562088 _____ () C:\Program 
Files\AVAST Software\Avast\libcef.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-23 23:13 - 2015-01-23 23:13 - 00043008 _____ () c:\Users\Mösslacher\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0hq3uu.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-01-07 17:43 - 2015-01-07 17:43 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2015-01-17 12:54 - 2015-01-17 12:55 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-10-09 15:54 - 2014-10-09 15:54 - 00081056 _____ () C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.DLL ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: PinnacleDriverCheck => C:\Windows\system32\PSDrvCheck.exe -CheckReg MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot ========================= Accounts: ========================== Administrator (S-1-5-21-1416178087-3609379480-1209820842-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-1416178087-3609379480-1209820842-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1416178087-3609379480-1209820842-1002 - Limited - Enabled) Mösslacher (S-1-5-21-1416178087-3609379480-1209820842-1000 - Administrator - Enabled) => C:\Users\Mösslacher ==================== Faulty Device Manager Devices ============= Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m 
Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. 
(Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/23/2015 11:08:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -550. Error: (01/23/2015 07:57:11 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: ) Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten?. Rejected Safe Mode action : Microsoft Outlook. Error: (01/23/2015 07:57:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm OUTLOOK.EXE, Version 15.0.4675.1003 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1d5c Startzeit: 01d0373debf85774 Endzeit: 0 Anwendungspfad: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE Berichts-ID: 92e61159-a331-11e4-addd-0026b90f0ba8 Error: (01/23/2015 07:53:56 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: ) Description: Microsoft Outlook: Rejected Safe Mode action : Outlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten?. Rejected Safe Mode action : Microsoft Outlook. Error: (01/23/2015 07:53:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm OUTLOOK.EXE, Version 15.0.4675.1003 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 93c Startzeit: 01d0373aa6e4dcd9 Endzeit: 0 Anwendungspfad: C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE Berichts-ID: 1cafd4b6-a331-11e4-addd-0026b90f0ba8 Error: (01/23/2015 07:46:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 35.0.0.5486, Zeitstempel: 0x54af7153 Name des fehlerhaften Moduls: mozalloc.dll, Version: 35.0.0.5486, Zeitstempel: 0x54af69d4 Ausnahmecode: 0x80000003 Fehleroffset: 0x00001425 ID des fehlerhaften Prozesses: 0x2fdc Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0 Pfad der fehlerhaften Anwendung: plugin-container.exe1 Pfad des fehlerhaften Moduls: plugin-container.exe2 Berichtskennung: plugin-container.exe3 Error: (01/23/2015 02:35:27 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". 
Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. Error: (01/23/2015 02:35:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/22/2015 05:21:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/22/2015 05:21:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
System errors: ============= Error: (01/23/2015 11:16:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Update" wurde nicht richtig gestartet. Error: (01/23/2015 11:14:23 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Search" wurde nicht richtig gestartet. Error: (01/23/2015 11:08:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (01/23/2015 11:08:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: PCLEPCI Error: (01/23/2015 11:07:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Wajam Web Enhancer" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (01/23/2015 11:06:51 PM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/23/2015 11:06:51 PM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (01/23/2015 11:06:42 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\ASAPIW2k.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (01/23/2015 11:07:03 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 23.01.2015 um 23:05:29 unerwartet heruntergefahren. Error: (01/23/2015 11:06:37 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\ASAPIW2k.sys nicht geladen. 
Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Microsoft Office Sessions: ========================= Error: (01/23/2015 11:08:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: ) Description: -550 Error: (01/23/2015 07:57:11 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: ) Description: Microsoft OutlookOutlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten? Error: (01/23/2015 07:57:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: OUTLOOK.EXE15.0.4675.10031d5c01d0373debf857740C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE92e61159-a331-11e4-addd-0026b90f0ba8 Error: (01/23/2015 07:53:56 PM) (Source: Microsoft Office 15) (EventID: 2001) (User: ) Description: Microsoft OutlookOutlook konnte beim letzten Mal nicht gestartet werden. Der abgesicherte Modus kann Ihnen bei der Problembehandlung behilflich sein. Einige Features sind aber in diesem Modus möglicherweise nicht verfügbar. Möchten Sie im abgesicherten Modus starten? 
Error: (01/23/2015 07:53:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: OUTLOOK.EXE15.0.4675.100393c01d0373aa6e4dcd90C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE1cafd4b6-a331-11e4-addd-0026b90f0ba8 Error: (01/23/2015 07:46:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe35.0.0.548654af7153mozalloc.dll35.0.0.548654af69d480000003000014252fdc01d0373cbab8b658C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll317eb2da-a330-11e4-addd-0026b90f0ba8 Error: (01/23/2015 02:35:27 AM) (Source: SideBySide) (EventID: 35) (User: ) Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1 Error: (01/23/2015 02:35:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (01/22/2015 05:21:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (01/22/2015 05:21:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage of memory in use: 69% Total physical RAM: 4084.5 MB Available physical RAM: 1255.02 MB Total Pagefile: 6551.88 MB Available Pagefile: 3044.02 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:0.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F20113C6) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
24.01.2015, 06:08 | #2 |
/// TB Trainer /// Tutorial Guru | firefox: Voices (ads) in the background
My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest route, but it is only advisable for real malware. We can remove adware and the like very well. If you decide on a cleanup, keep working with me until you get my clean.
Reading material
Posting in CODE tags: here's how... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Step 1
Please uninstall the following programs:
FoxTab PDF Converter InetStat Support.com Toolbar Updater
On Windows 7, first try it via Control Panel / Uninstall a program. If that does not work, please download Revo Uninstaller here. Unpack the zip file to the desktop. Instructions
If you cannot uninstall a program, move on to the next one. Even if some programs are still left over at the end, carry out the next step:
Step 2
Please download AdwCleaner to your desktop.
Step 3
Step 4
Please start FRST again, also tick the checkbox and press Scan. Please post the contents of the two logs that are created.
__________________ Last edited by deeprybka (24.01.2015 at 06:14) |
26.01.2015, 01:32 | #3 |
| firefox: Voices (ads) in the background
Hello Jürgen!
Thank you for your help! I have followed all four points and hope that I can now also insert the files correctly. I think I can already record one success: after the computer had to be restarted several times in the course of your four points, it always shut down without complaint, without getting stuck on "sidbar.exe".
1) The three programs have been uninstalled along with their remnants.
2) Log file from AdwCleaner: Code:
ATTFilter # AdwCleaner v4.109 - Bericht erstellt am 25/01/2015 um 23:42:32 # Aktualisiert 24/01/2015 von Xplode # Database : 2015-01-25.1 [Live] # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzername : Mösslacher - MEINZ # Gestartet von : C:\Users\Mösslacher\Desktop\AdwCleaner_4.109.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : Wajam Web Enhancer Dienst Gelöscht : Skype C2C Service ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\Fighters Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters Ordner Gelöscht : C:\Program Files (x86)\Ask.com Ordner Gelöscht : C:\Program Files (x86)\Claro LTD Ordner Gelöscht : C:\Program Files (x86)\DAEMON Tools Toolbar Ordner Gelöscht : C:\Program Files (x86)\Fighters Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Fighters Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Administrator\AppData\LocalLow\HPAppData Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Systweak Ordner Gelöscht : C:\Users\Administrator\AppData\Roaming\Fighters Ordner Gelöscht : C:\Users\Mösslacher\AppData\Local\OpenCandy Ordner Gelöscht : C:\Users\Mösslacher\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\Mösslacher\AppData\LocalLow\AskToolbar Ordner Gelöscht : C:\Users\Mösslacher\AppData\LocalLow\BabylonToolbar Ordner Gelöscht : C:\Users\Mösslacher\AppData\LocalLow\Claro LTD Ordner Gelöscht : C:\Users\Mösslacher\AppData\LocalLow\HPAppData Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Claro LTD Ordner 
Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Claro Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Fighters Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect Ordner Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Users\Mösslacher\uninstaller.exe Datei Gelöscht : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ut02n7l5.default\user.js Datei Gelöscht : C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766\user.js Datei Gelöscht : C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences Datei Gelöscht : C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\bprotector web data ***** [ Tasks ] ***** Task Gelöscht : ASP Task Gelöscht : Scheduled Update for Ask Toolbar ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}] Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph Schlüssel Gelöscht : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\claro.claroappCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.claroESrvc.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CommonToolkitTray] Schlüssel Gelöscht : HKCU\Software\f53888abd34e844 Schlüssel Gelöscht : HKLM\SOFTWARE\f53888abd34e844 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{05340575-7D2A-4266-9A84-7EEBDC476884} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97C47A30-3CFB-474B-94E3-6019A7EE0610} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE4FC43F-84CE-4E20-88C2-2188525B47FB} 
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F398D871-ED00-42A8-BEAA-0209E9E59FCC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8DCB7100-DF86-4384-8842-8FA844297B3F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00100000-2001-0051-B4B6-006094B9D64F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00100000-2001-0054-B4B6-006094B9D64F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00100000-2001-0057-B4B6-006094B9D64F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B90F32AD-859E-4EDD-BFAE-C9216849520C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C08AB035-3820-4FA7-9420-B0259A4DA2B8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DAADF07B-7D06-4AF4-B3CA-6144830077EC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Schlüssel Gelöscht 
: HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A903AC15-686E-4D67-A355-86FCBE9F60DA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{CCC3E766-7BA9-4629-AC1A-7F4B7F362E65} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{000F18F2-09EB-4A59-82B2-5AE4184C39C3} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{60295942-9E5F-4EE8-B785-3A655904D24F} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D402AC41-ECB2-41A2-837B-808475A3F518} Schlüssel Gelöscht : HKCU\Software\APN Schlüssel Gelöscht : HKCU\Software\Ask.com Schlüssel Gelöscht : HKCU\Software\BabylonToolbar Schlüssel Gelöscht : HKCU\Software\Claro LTD Schlüssel Gelöscht : HKCU\Software\DataMngr [#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\Microsoft\ClaroDirectory Schlüssel Gelöscht : HKCU\Software\systweak Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar Schlüssel Gelöscht : HKCU\Software\Fighters Schlüssel Gelöscht : HKCU\Software\AppDataLow\AskToolbarInfo Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\APN Schlüssel Gelöscht : HKLM\SOFTWARE\AskToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\BabylonToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Claro LTD Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\DealPly Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Wajam Web Enhancer Schlüssel Gelöscht : HKLM\SOFTWARE\Fighters Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Wajam Web Enhancer Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Installer\Features\F092B960893592640A90584BCB4B1B9B Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\F092B960893592640A90584BCB4B1B9B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Schlüssel Gelöscht : [x64] 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F092B960893592640A90584BCB4B1B9B Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Mozilla Firefox v35.0 (x86 de) [ut02n7l5.default\prefs.js] - Zeile gelöscht : 
user_pref("browser.search.defaultengine", "Ask.com"); [ut02n7l5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Ask.com"); [ut02n7l5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com"); [ut02n7l5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ask.com"); [ut02n7l5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); [xb5lnfgc.default-1418385389766\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultengine", "Ask.com"); [xb5lnfgc.default-1418385389766\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com"); [xb5lnfgc.default-1418385389766\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Ask.com"); [xb5lnfgc.default-1418385389766\prefs.js] - Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", ""); -\\ Google Chrome v40.0.2214.91 [C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : dcillohgikpecbmgioknapdpcjofaafl [C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\preferences] - Gelöscht [Extension] : gaiilaahiahdejapggenmdmafpmbipje ************************* AdwCleaner[R0].txt - [20586 octets] - [25/01/2015 23:40:10] AdwCleaner[S0].txt - [19221 octets] - [25/01/2015 23:42:32] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19282 octets] ##########
26.01.2015, 01:34 | #4 |
| firefox: Voices (advertising) in the background 3) Scan log from MBAM Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 26.01.2015
Suchlauf-Zeit: 00:02:40
Logdatei:
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.25.11
Rootkit Datenbank: v2015.01.14.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Mösslacher

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 416322
Verstrichene Zeit: 22 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 3
PUP.Optional.Babylon.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [5ff2bb3c18710b2b4621ae4525dd54ac],
PUP.Optional.DealPly.A, HKU\S-1-5-21-1416178087-3609379480-1209820842-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\gaiilaahiahdejapggenmdmafpmbipje, In Quarantäne, [480925d25732fd39543b7b2b17ec48b8],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-1416178087-3609379480-1209820842-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced-System Protector, In Quarantäne, [fa57609786037eb8df7ab0e13fc4e020],

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.Wajam.A, C:\Program Files\WWE\wajam_64_IObitDel.exe, In Quarantäne, [c38e7681d1b89e984a08a25be021b24e],
PUP.Optional.Wajam.A, C:\Program Files\WWE\wajam_IObitDel.exe, In Quarantäne, [dc754bac40494aec91c1629b3fc229d7],

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01 Ran by Mösslacher (administrator) on MEINZ on 26-01-2015 00:54:44 Running from C:\Users\Mösslacher\Downloads Loaded Profiles: Mösslacher (Available profiles: Mösslacher & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (InterVideo Inc.) 
C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe () C:\Users\Mösslacher\A1Dashboard_Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Xobni Corporation) C:\Program Files (x86)\Xobni\XobniService.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (GARMIN Corp.) 
C:\Garmin\gStart.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (A-Trust Gesellschaft für Sicherheitssysteme im elektronischen Datenverkehr GmbH) C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe (A-Trust GmbH) C:\Program Files (x86)\A-Trust GmbH\a.sign Client\ASignLauncher.exe (Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (OLYMPUS IMAGING CORP.) C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) C:\Program Files (x86)\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Apple Inc.) 
C:\Program Files (x86)\iTunes\iTunesHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Users\Mösslacher\A1Dashboard_Launcher.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nokia Corporation) C:\Program Files (x86)\Common Files\Nokia\MPAPI\MPAPI3s.exe (Dropbox, Inc.) C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclRSSrv.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1812776 2009-06-26] (Synaptics Incorporated) HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [444416 2009-06-29] (IDT, Inc.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.) HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3180624 2009-07-02] (Dell Inc.) 
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680 2010-02-09] () HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-06-25] (CyberLink Corp.) HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744 2009-06-24] (Creative Technology Ltd) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.) HKLM-x32\...\Run: [sfagent] => C:\Program Files (x86)\Fighters\SPAMfighter\sfagent.exe HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [38840 2009-12-22] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640440 2009-12-21] (Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [A1Diagnose] => C:\Program Files (x86)\A1 Servicecenter\A1 Diagnose\A1Diagnose.exe [31581288 2014-05-19] (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) 
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-09] (AVAST Software) HKLM-x32\...\Run: [TAG_A1Dashboard_Launcher.exe] => C:\Users\Mösslacher\A1Dashboard_Launcher.exe [518712 2013-02-04] () HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165104 2009-09-17] (Softthinks) HKLM-x32\...\RunOnce: [STToasterLauncher] => C:\program files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe [120048 2009-09-17] () HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [gStart] => C:\Garmin\gStart.exe [1891416 2008-08-13] (GARMIN Corp.) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [Nokia.PCSync] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PcSync2.exe [753664 2009-10-26] (Nokia) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1451520 2009-11-11] (Nokia) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-09-22] (Google Inc.) 
HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [SkyDrive] => C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-09] (Microsoft Corporation) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [acSecurityLayer] => C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\acSecurityLayer.exe [3630976 2013-10-14] (A-Trust Gesellschaft für Sicherheitssysteme im elektronischen Datenverkehr GmbH) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2427680 2014-12-10] (IObit) HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530\amd64" 
HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2011.0627\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\RunOnce: [Uninstall 
C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64" HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {0fd28092-1d58-11e0-9096-0026b90b07f3} - E:\Autorun.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {4193886c-1757-11e0-96fe-0026b90b07f3} - E:\EasySuite.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {780f37eb-a3b3-11e4-9f9c-ee9df6362203} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {780f38c3-a3b3-11e4-9f9c-ee9df6362203} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {780f3ad4-a3b3-11e4-9f9c-ee9df6362203} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {870ba202-03b1-11e0-aeb8-0026b90b07f3} - E:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {8b8ed464-88c0-11df-8f26-0026b90b07f3} - E:\EasySuite.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {a930bbff-59d7-11e2-a34b-ea29a0656500} - E:\Autorun.exe HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {eae399ea-03b4-11e0-9434-0026b90b07f3} - E:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\MountPoints2: {f8249977-59de-11e2-bcb9-fee64fd84d01} - E:\Autorun.exe Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\a.sign Client.lnk ShortcutTarget: a.sign Client.lnk -> C:\Program Files (x86)\A-Trust GmbH\a.sign Client\ASignLauncher.exe (A-Trust GmbH) Startup: C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Startup\Audible Download Manager.lnk ShortcutTarget: Audible Download Manager.lnk -> C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe (Audible, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Mösslacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) CHR HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aau.at/ HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) 
Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> No Name - {3BE093E7-4650-438B-AC6F-C944C30F81AD} - No File Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: saphtmlp - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) Handler-x32: sapr3 - {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll (SAP, Walldorf) Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: https://www.google.com/search/?trackid=sp-006
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin -> C:\Program Files (x86)\Java\jre6\bin\npDeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=1.0.3.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=1.0.0.0 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.732 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np32dsw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Mösslacher\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Mösslacher\AppData\Roaming\Mozilla\Firefox\Profiles\xb5lnfgc.default-1418385389766\searchplugins\google-avast.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-01-17]
FF HKLM-x32\...\Firefox\Extensions: [bkmrksync@nokia.com] - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync
FF Extension: PC Sync 2 Synchronisation Extension - C:\Program Files (x86)\Nokia\Nokia PC Suite 7\bkmrksync [2009-12-31]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-02-05]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010-04-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-31]
FF HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSearchURL: Default -> https://www.bing.com/search?setmkt=de-AT&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://www.bing.com/chrome/newtab?setmkt=de-AT
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}&language={language}
CHR Profile: C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-07]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2010-04-18]
CHR Extension: (Skype Click to Call) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-01]
CHR Extension: (Google Wallet) - C:\Users\Mösslacher\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-31]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2010-04-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-31] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-12-31] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-31] (Avast Software)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-03-20] (Macrovision Europe Ltd.) [File not signed]
S2 gupdate1cad8e2ad515feb; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [107912 2014-10-30] (Google Inc.)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-12-10] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [36352 2009-10-01] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [616448 2010-09-29] (Nokia) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [240128 2009-06-29] (IDT, Inc.)
R2 TAG_Service; C:\Users\Mösslacher\A1Dashboard_Service.exe [500792 2013-02-04] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]
R2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [55016 2009-12-08] (Xobni Corporation)
S2 SPAMfighter Update Service; "C:\Program Files (x86)\Fighters\SPAMfighter\sfus.exe" [X]
S2 Suite Service; C:\Program Files (x86)\Fighters\FighterSuiteService.exe [X]

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 ASAPIW2k; C:\Windows\SysWOW64\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-31] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-12-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-31] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-12-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-31] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-31] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-31] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-31] ()
R3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-08-19] (Disc Soft Ltd)
S3 GemCCID; C:\Windows\System32\Drivers\GemCCID.sys [129792 2013-04-24] (Gemalto)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [218624 2011-09-09] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S1 PCLEPCI; C:\Windows\SysWOW64\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
S3 PolarUSB; C:\Windows\SysWOW64\DRIVERS\PolarUSB.sys [17343 2001-07-12] (Polar Electro) [File not signed]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-31] (Avast Software)
S3 VNUSB; C:\Windows\System32\Drivers\VNUSB.sys [22528 2009-09-29] (OLYMPUS IMAGING CORP.)
S3 VNUSB; C:\Windows\SysWOW64\Drivers\VNUSB.sys [38496 2006-04-07] (OLYMPUS IMAGING CORP.) [File not signed]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-26 00:54 - 2015-01-26 00:54 - 00000000 ____D () C:\Users\Mösslacher\Downloads\FRST-OlderVersion 2015-01-25 23:58 - 2015-01-26 00:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-01-25 23:58 - 2015-01-25 23:58 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-01-25 23:58 - 2015-01-25 23:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-01-25 23:58 - 2015-01-25 23:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-01-25 23:58 - 2015-01-25 23:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-01-25 23:58 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-01-25 23:58 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-01-25 23:58 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-01-25 23:54 - 2015-01-25 23:56 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Mösslacher\Downloads\mbam-setup-2.0.4.1028.exe 2015-01-25 23:49 - 2015-01-25 23:49 - 00019539 _____ () C:\Users\Mösslacher\Desktop\AdwCleaner[S0].txt 2015-01-25 23:40 - 2015-01-25 23:42 - 00000000 ____D () C:\AdwCleaner 2015-01-25 23:38 - 2015-01-25 23:38 - 02194432 _____ () C:\Users\Mösslacher\Desktop\AdwCleaner_4.109.exe 2015-01-24 11:59 - 2015-01-24 11:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf 2015-01-24 11:59 - 2015-01-24 11:59 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf 2015-01-24 11:58 - 2015-01-24 13:10 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\TAG 2015-01-24 11:58 - 2015-01-24 11:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jubusenum_01007.Wdf 2015-01-24 11:58 - 2015-01-24 11:58 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Sierra 
Wireless 2015-01-24 11:58 - 2011-10-24 15:36 - 00422400 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2015-01-24 11:58 - 2011-09-09 10:51 - 00218624 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2015-01-24 11:58 - 2011-09-09 10:51 - 00098304 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2015-01-24 11:58 - 2011-09-09 10:51 - 00087040 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2015-01-24 11:58 - 2011-09-09 10:51 - 00072192 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2015-01-24 11:58 - 2011-09-09 10:51 - 00028672 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2015-01-24 11:58 - 2011-08-16 16:17 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2015-01-24 11:58 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll 2015-01-24 11:58 - 2011-08-16 15:40 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll 2015-01-24 11:58 - 2010-10-08 15:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2015-01-24 11:58 - 2010-09-26 17:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2015-01-24 11:58 - 2010-08-06 06:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys 2015-01-24 11:58 - 2010-07-27 08:52 - 00117248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2015-01-24 11:58 - 2010-03-20 11:06 - 00013952 _____ (Huawei Technologies Co., Ltd.) 
C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2015-01-24 11:57 - 2015-01-24 11:57 - 00001642 _____ () C:\Users\Public\Desktop\A1 Dashboard.lnk 2015-01-24 11:57 - 2015-01-24 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1 Dashboard 2015-01-24 11:56 - 2015-01-24 11:56 - 00000000 ____D () C:\Users\Mösslacher\Images_bobInternetsoftware 2015-01-24 11:56 - 2015-01-24 11:56 - 00000000 ____D () C:\Users\Mösslacher\Images 2015-01-24 11:56 - 2015-01-24 11:56 - 00000000 ____D () C:\Users\Mösslacher\bobInternetsoftware 2015-01-24 11:56 - 2013-02-04 12:59 - 01781986 _____ () C:\Users\Mösslacher\Help_TAG_0007.chm 2015-01-24 11:56 - 2013-02-04 12:59 - 01146535 _____ () C:\Users\Mösslacher\Help_TAG_0009.chm 2015-01-24 11:56 - 2013-02-04 12:59 - 00109932 _____ () C:\Users\Mösslacher\DeviceDetails.xml 2015-01-24 11:56 - 2013-02-04 12:59 - 00099816 _____ () C:\Users\Mösslacher\Networks.xml 2015-01-24 11:56 - 2013-02-04 12:59 - 00001580 _____ () C:\Users\Mösslacher\config.xml 2015-01-24 11:56 - 2013-02-04 12:58 - 04254264 _____ (WebToGo Gmbh) C:\Users\Mösslacher\A1Dashboard.exe 2015-01-24 11:56 - 2013-02-04 12:58 - 00518712 _____ () C:\Users\Mösslacher\A1Dashboard_Launcher.exe 2015-01-24 11:56 - 2013-02-04 12:58 - 00500792 _____ () C:\Users\Mösslacher\A1Dashboard_Service.exe 2015-01-24 11:56 - 2013-02-04 12:57 - 00952888 _____ () C:\Users\Mösslacher\A1Dashboard_Upgrader.exe 2015-01-24 11:56 - 2013-02-04 12:57 - 00208896 _____ (TODO: <Company name>) C:\Users\Mösslacher\WTGHuaweiNDISUtil.dll 2015-01-24 11:56 - 2013-02-04 12:56 - 00565248 _____ (WebToGo Mobiles Internet GmbH) C:\Users\Mösslacher\WTGAlertsEx.dll 2015-01-24 11:56 - 2013-02-04 12:56 - 00318976 _____ () C:\Users\Mösslacher\WtgMobileBroadband764.dll 2015-01-24 11:56 - 2013-02-04 12:56 - 00256512 _____ () C:\Users\Mösslacher\WtgMobileBroadband7.dll 2015-01-24 11:56 - 2013-02-04 12:42 - 00045215 _____ () C:\Users\Mösslacher\Strings_TAG_CM_0009.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 
00004108 _____ () C:\Users\Mösslacher\Images_TAG_Installer_0009.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00004108 _____ () C:\Users\Mösslacher\Images_TAG_Installer_0007.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00003919 _____ () C:\Users\Mösslacher\Images_TAG_Uninstaller_0009.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00003919 _____ () C:\Users\Mösslacher\Images_TAG_Uninstaller_0007.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001933 _____ () C:\Users\Mösslacher\Strings_TAG_Uninstaller_0007.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001842 _____ () C:\Users\Mösslacher\Strings_TAG_Uninstaller_0009.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001732 _____ () C:\Users\Mösslacher\Images_TAG_Upgrader_0009.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001732 _____ () C:\Users\Mösslacher\Images_TAG_Upgrader_0007.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001233 _____ () C:\Users\Mösslacher\Strings_TAG_Upgrader_0007.xml 2015-01-24 11:56 - 2013-02-04 12:42 - 00001164 _____ () C:\Users\Mösslacher\Strings_TAG_Upgrader_0009.xml 2015-01-24 11:56 - 2013-02-04 12:41 - 00047998 _____ () C:\Users\Mösslacher\Strings_TAG_CM_0007.xml 2015-01-24 11:56 - 2013-02-04 12:41 - 00032245 _____ () C:\Users\Mösslacher\Images_TAG_CM_0009.xml 2015-01-24 11:56 - 2013-02-04 12:41 - 00032245 _____ () C:\Users\Mösslacher\Images_TAG_CM_0007.xml 2015-01-24 11:56 - 2013-02-04 12:41 - 00001864 _____ () C:\Users\Mösslacher\Profiles.xml 2015-01-24 11:56 - 2013-01-31 04:50 - 00011370 _____ () C:\Users\Mösslacher\KD.xml 2015-01-24 11:56 - 2013-01-07 05:46 - 00036118 _____ () C:\Users\Mösslacher\Controls_TAG_CM_0007.xml 2015-01-24 11:56 - 2013-01-07 05:41 - 00036043 _____ () C:\Users\Mösslacher\Controls_TAG_CM_0009.xml 2015-01-24 11:56 - 2012-11-06 13:22 - 01509888 _____ () C:\Users\Mösslacher\QMI_Server.dll 2015-01-24 11:56 - 2012-11-06 13:22 - 00086070 _____ (Open Source Software community project) C:\Users\Mösslacher\pthreadVC2.dll 2015-01-24 11:56 - 2012-11-06 13:22 - 00055296 _____ () 
C:\Users\Mösslacher\ObtainNetData.dll 2015-01-24 11:56 - 2012-10-02 08:47 - 00002049 _____ () C:\Users\Mösslacher\Controls_TAG_Installer_0009.xml 2015-01-24 11:56 - 2012-10-02 08:46 - 00002051 _____ () C:\Users\Mösslacher\Controls_TAG_Installer_0007.xml 2015-01-24 11:56 - 2012-10-02 08:45 - 00001500 _____ () C:\Users\Mösslacher\Controls_TAG_Uninstaller_0009.xml 2015-01-24 11:56 - 2012-10-02 08:45 - 00001500 _____ () C:\Users\Mösslacher\Controls_TAG_Uninstaller_0007.xml 2015-01-24 11:56 - 2012-10-01 16:23 - 00000865 _____ () C:\Users\Mösslacher\Fonts_TAG_Uninstaller_0007.xml 2015-01-24 11:56 - 2012-10-01 16:22 - 00000865 _____ () C:\Users\Mösslacher\Fonts_TAG_Uninstaller_0009.xml 2015-01-24 11:56 - 2012-09-27 13:48 - 00000703 _____ () C:\Users\Mösslacher\Controls_TAG_Upgrader_0007.xml 2015-01-24 11:56 - 2012-08-31 11:54 - 00000364 _____ () C:\Users\Mösslacher\Skins.xml 2015-01-24 11:56 - 2012-08-24 17:12 - 00001062 _____ () C:\Users\Mösslacher\Fonts_TAG_Installer_0007.xml 2015-01-24 11:56 - 2012-08-24 17:12 - 00000959 _____ () C:\Users\Mösslacher\Fonts_TAG_Installer_0009.xml 2015-01-24 11:56 - 2012-08-16 13:44 - 00001975 _____ () C:\Users\Mösslacher\threshold_cut.html 2015-01-24 11:56 - 2012-08-16 13:43 - 00001131 _____ () C:\Users\Mösslacher\threshold.html 2015-01-24 11:56 - 2012-08-16 13:42 - 00002990 _____ () C:\Users\Mösslacher\network_wifi_disconnect.html 2015-01-24 11:56 - 2012-08-16 13:42 - 00002121 _____ () C:\Users\Mösslacher\network_available.html 2015-01-24 11:56 - 2012-08-16 13:40 - 00002918 _____ () C:\Users\Mösslacher\network.html 2015-01-24 11:56 - 2012-08-16 13:38 - 00001212 _____ () C:\Users\Mösslacher\info.html 2015-01-24 11:56 - 2012-08-16 13:37 - 00001123 _____ () C:\Users\Mösslacher\deliveryreport_sms.html 2015-01-24 11:56 - 2012-08-16 13:37 - 00001119 _____ () C:\Users\Mösslacher\general_sms.html 2015-01-24 11:56 - 2012-08-16 11:11 - 00001125 _____ () C:\Users\Mösslacher\billing_sms.html 2015-01-24 11:56 - 2012-07-26 13:55 - 00001061 _____ () 
C:\Users\Mösslacher\Help_TAG_CM_0009.xml 2015-01-24 11:56 - 2012-07-26 13:55 - 00001061 _____ () C:\Users\Mösslacher\Help_TAG_CM_0007.xml 2015-01-24 11:56 - 2012-06-28 15:47 - 00000703 _____ () C:\Users\Mösslacher\Controls_TAG_Upgrader_0009.xml 2015-01-24 11:56 - 2012-06-27 18:26 - 00004081 _____ () C:\Users\Mösslacher\Fonts_TAG_CM_0009.xml 2015-01-24 11:56 - 2012-06-27 18:26 - 00004081 _____ () C:\Users\Mösslacher\Fonts_TAG_CM_0007.xml 2015-01-24 11:56 - 2012-06-27 10:40 - 00000577 _____ () C:\Users\Mösslacher\Fonts_TAG_Upgrader_0007.xml 2015-01-24 11:56 - 2012-06-27 10:39 - 00000577 _____ () C:\Users\Mösslacher\Fonts_TAG_Upgrader_0009.xml 2015-01-24 11:56 - 2012-06-26 17:45 - 00010182 _____ () C:\Users\Mösslacher\Colors_TAG_CM_0009.xml 2015-01-24 11:56 - 2012-06-26 17:45 - 00010181 _____ () C:\Users\Mösslacher\Colors_TAG_CM_0007.xml 2015-01-24 11:56 - 2012-05-28 11:38 - 00007935 _____ () C:\Users\Mösslacher\HR.xml 2015-01-24 11:56 - 2012-04-24 16:02 - 01615736 _____ (mquadr.at software engineering and consulting GmbH) C:\Users\Mösslacher\m2Recoverykit.dll 2015-01-24 11:56 - 2012-04-04 13:16 - 00000268 _____ () C:\Users\Mösslacher\ConnectionPriorities.xml 2015-01-24 11:56 - 2012-03-13 09:47 - 00648014 _____ (PDFlib GmbH) C:\Users\Mösslacher\pdflib.dll 2015-01-24 11:56 - 2012-01-25 10:38 - 01230336 _____ (Microsoft Corporation) C:\Users\Mösslacher\msxml4.dll 2015-01-24 11:56 - 2012-01-25 10:38 - 01097728 _____ () C:\Users\Mösslacher\NDISAPI.dll 2015-01-24 11:56 - 2012-01-25 10:38 - 00289616 _____ () C:\Users\Mösslacher\ejectdisk.exe 2015-01-24 11:56 - 2012-01-25 10:38 - 00206848 _____ (Huawei Technologies Co., Ltd.) 
C:\Users\Mösslacher\Del_CD_ROM64.exe 2015-01-24 11:56 - 2012-01-25 10:38 - 00082432 _____ (Microsoft Corporation) C:\Users\Mösslacher\msxml4r.dll 2015-01-24 11:56 - 2012-01-25 10:38 - 00001218 _____ () C:\Users\Mösslacher\error.html 2015-01-24 11:56 - 2012-01-25 10:38 - 00001153 _____ () C:\Users\Mösslacher\ads.html 2015-01-24 11:56 - 2012-01-25 10:38 - 00001086 _____ () C:\Users\Mösslacher\plain.html 2015-01-24 11:56 - 2012-01-25 10:38 - 00001074 _____ () C:\Users\Mösslacher\sms.html 2015-01-24 11:56 - 2012-01-25 10:38 - 00000949 _____ () C:\Users\Mösslacher\img_ads.html 2015-01-24 11:56 - 2011-09-22 09:36 - 00788728 _____ (QUALCOMM, Inc.) C:\Users\Mösslacher\QCWWAN2k.dll 2015-01-24 11:56 - 2011-09-22 09:36 - 00644344 _____ (QUALCOMM, Inc.) C:\Users\Mösslacher\QCWWAN.dll 2015-01-24 11:56 - 2011-09-22 09:36 - 00542064 _____ () C:\Users\Mösslacher\SierraLTEGobiApi.dll 2015-01-24 11:56 - 2011-04-15 09:49 - 00881664 _____ (QUALCOMM, Inc.) C:\Users\Mösslacher\OptionGobiConnectionMgmt.dll 2015-01-24 11:56 - 2011-04-15 09:49 - 00881664 _____ (QUALCOMM, Inc.) C:\Users\Mösslacher\GobiConnectionMgmt.dll 2015-01-24 11:56 - 2011-04-15 09:49 - 00881152 _____ (HUAWEI Technologies Co., Ltd.) C:\Users\Mösslacher\HuaweiGobiConnectionMgmt.dll 2015-01-24 11:56 - 2011-04-15 09:49 - 00841072 _____ (Sierra Wireless, Inc.) 
C:\Users\Mösslacher\SierraGobiConnectionMgmt.dll 2015-01-24 10:58 - 2015-01-26 00:35 - 00015029 _____ () C:\Windows\setupact.log 2015-01-24 10:58 - 2015-01-26 00:34 - 00009514 _____ () C:\Windows\PFRO.log 2015-01-24 10:58 - 2015-01-24 10:58 - 00000000 _____ () C:\Windows\setuperr.log 2015-01-24 10:57 - 2015-01-24 10:57 - 00000000 ____H () C:\asc_rdflag 2015-01-24 01:52 - 2015-01-24 01:52 - 00380416 _____ () C:\Users\Mösslacher\Downloads\Gmer-19357.exe 2015-01-24 01:45 - 2015-01-24 01:46 - 00048601 _____ () C:\Users\Mösslacher\Downloads\Addition.txt 2015-01-24 01:43 - 2015-01-26 00:55 - 00041394 _____ () C:\Users\Mösslacher\Downloads\FRST.txt 2015-01-24 01:43 - 2015-01-26 00:54 - 00000000 ____D () C:\FRST 2015-01-24 01:41 - 2015-01-26 00:54 - 02129920 _____ (Farbar) C:\Users\Mösslacher\Downloads\FRST64.exe 2015-01-24 01:39 - 2015-01-24 01:39 - 00000552 _____ () C:\Users\Mösslacher\Downloads\defogger_disable.log 2015-01-24 01:39 - 2015-01-24 01:39 - 00000168 _____ () C:\Users\Mösslacher\defogger_reenable 2015-01-24 01:31 - 2015-01-24 01:31 - 00050477 _____ () C:\Users\Mösslacher\Downloads\Defogger.exe 2015-01-19 10:25 - 2015-01-19 10:25 - 00000000 ____D () C:\Users\Mösslacher\Documents\Bluetooth-Exchange-Ordner 2015-01-19 09:43 - 2015-01-19 09:43 - 00000000 ____D () C:\Users\Mösslacher\Documents\Benutzerdefinierte Office-Vorlagen 2015-01-17 12:54 - 2015-01-17 12:55 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-01-14 22:13 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2015-01-14 22:13 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2015-01-14 22:13 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-01-14 22:13 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-01-14 22:13 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 
2015-01-14 22:13 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-01-14 22:13 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-01-14 22:13 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-01-14 22:13 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-01-14 22:13 - 2014-12-11 18:47 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2015-01-14 22:13 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2015-01-14 22:13 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2015-01-14 22:13 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2015-01-09 23:52 - 2015-01-09 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-01-08 10:18 - 2015-01-08 10:18 - 00003264 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-1416178087-3609379480-1209820842-1000 2015-01-08 08:02 - 2015-01-24 10:57 - 113262592 _____ () C:\Windows\system32\config\software.iodefrag.bak 2015-01-08 08:02 - 2015-01-24 10:57 - 113262592 _____ () C:\Windows\system32\config\software.iodefrag 2015-01-08 08:02 - 2015-01-24 10:57 - 00733184 _____ () C:\Windows\system32\config\default.iodefrag.bak 2015-01-08 08:02 - 2015-01-24 10:57 - 00733184 _____ () C:\Windows\system32\config\default.iodefrag 2015-01-08 08:02 - 2015-01-24 10:57 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag.bak 2015-01-08 08:02 - 2015-01-24 10:57 - 00065536 _____ () C:\Windows\system32\config\sam.iodefrag 2015-01-08 08:02 - 2015-01-24 10:57 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag.bak 2015-01-08 08:02 - 2015-01-24 10:57 - 00028672 _____ () C:\Windows\system32\config\security.iodefrag 2015-01-08 01:30 - 2014-10-16 10:27 - 00027424 _____ 
(IObit) C:\Windows\system32\RegistryDefragBootTime.exe 2015-01-07 19:16 - 2015-01-26 00:50 - 00005144 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MEINZ-Mösslacher Meinz 2015-01-07 17:21 - 2015-01-07 17:21 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2015-01-07 16:56 - 2015-01-07 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-01-07 16:40 - 2015-01-07 16:42 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-01-07 16:39 - 2015-01-07 16:39 - 01064632 _____ (Microsoft Corporation) C:\Users\Mösslacher\Downloads\Setup.X86.de-DE_O365ProPlusRetail_137ad0f5-603b-4f90-8fb1-73497a2655e0_TX_PR_.exe 2015-01-06 10:17 - 2015-01-06 10:17 - 00000000 ____D () C:\Users\Mösslacher\Mein Backup Datei 2015-01-04 21:21 - 2015-01-04 21:21 - 00000104 _____ () C:\Users\Mösslacher\Desktop\Systemsteuerung - Verknüpfung.lnk 2014-12-31 11:51 - 2014-12-31 11:51 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\AVAST Software 2014-12-31 11:41 - 2014-12-31 11:41 - 00001972 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk 2014-12-31 11:41 - 2014-12-31 11:41 - 00001912 _____ () C:\Users\Public\Desktop\Avast Premier.lnk 2014-12-31 11:41 - 2014-12-31 11:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2014-12-31 11:40 - 2015-01-26 00:39 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-12-31 11:39 - 2014-12-31 11:40 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-12-31 11:39 - 2014-12-31 11:39 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-12-31 11:39 - 2014-12-31 11:39 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-12-31 11:39 - 2014-12-31 11:39 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2014-12-31 11:37 - 2014-12-31 11:37 - 00000000 ____D () C:\Program Files\AVAST Software 2014-12-31 10:59 - 2014-12-31 11:14 - 186654544 _____ (AVAST Software) C:\Users\Mösslacher\Downloads\avast_premier_antivirus_setup.exe 2014-12-28 09:16 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-12-28 09:16 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-12-28 09:16 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-12-28 09:16 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-12-28 09:16 - 2014-08-29 03:06 - 01125888 _____ (Microsoft 
Corporation) C:\Windows\system32\mstsc.exe 2014-12-28 09:16 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-12-28 09:16 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-12-28 09:16 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-12-28 09:16 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-12-28 09:16 - 2014-05-08 10:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00384000 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-12-27 21:52 - 2014-12-27 21:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-12-27 21:52 - 2014-12-27 21:52 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-12-27 21:52 - 2014-12-27 21:52 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00013312 _____ (Microsoft Corporation) 
C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-12-27 21:52 - 2014-12-27 21:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-12-27 21:42 - 2014-12-27 21:42 - 99778560 _____ () C:\Windows\system32\config\software.iobit 2014-12-27 21:42 - 2014-12-27 21:42 - 57733120 _____ () C:\Windows\system32\config\components.iobit 2014-12-27 21:42 - 2014-12-27 21:42 - 00667648 _____ () C:\Windows\system32\config\default.iobit 2014-12-27 21:42 - 2014-12-27 21:42 - 00065536 _____ () C:\Windows\system32\config\sam.iobit 2014-12-27 21:42 - 2014-12-27 21:42 - 00028672 _____ () C:\Windows\system32\config\security.iobit 2014-12-27 21:34 - 2015-01-11 15:08 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\ProductData 2014-12-27 21:34 - 2014-12-27 21:35 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Mösslacher) 2014-12-27 21:33 - 2015-01-19 14:18 - 00000000 ____D () C:\ProgramData\ProductData 2014-12-27 21:33 - 2015-01-15 16:07 - 00002147 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk 2014-12-27 21:33 - 2014-12-27 22:10 - 00000000 ____D () C:\ProgramData\IObit 2014-12-27 21:33 - 2014-12-27 21:33 - 00002896 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Mösslacher 2014-12-27 21:33 - 2014-12-27 21:33 - 00002864 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Mösslacher 2014-12-27 21:33 - 2014-12-27 21:33 - 00001194 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk 2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled 2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8 2014-12-27 21:33 - 2014-12-27 21:33 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} 2014-12-27 21:32 - 2014-12-27 22:14 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\IObit 2014-12-27 21:32 - 2014-12-27 22:11 - 00000000 ____D () C:\Program Files 
(x86)\IObit 2014-12-27 21:26 - 2014-12-27 21:29 - 44929568 _____ (IObit ) C:\Users\Mösslacher\Downloads\advanced-systemcare-setup.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-01-26 00:56 - 2012-06-23 07:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-01-26 00:52 - 2009-07-14 06:10 - 02064245 _____ () C:\Windows\WindowsUpdate.log 2015-01-26 00:43 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-01-26 00:43 - 2009-07-14 05:45 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-01-26 00:40 - 2012-10-12 17:23 - 00000000 ___RD () C:\Users\Mösslacher\SkyDrive 2015-01-26 00:40 - 2012-07-13 13:07 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Dropbox 2015-01-26 00:38 - 2011-04-25 15:13 - 00000071 _____ () C:\Windows\SysWOW64\ToasterLauncherLog.log 2015-01-26 00:38 - 2009-12-30 22:58 - 00000000 ____D () C:\Users\Mösslacher\AppData\Local\SoftThinks 2015-01-26 00:38 - 2009-12-21 15:25 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup 2015-01-26 00:37 - 2010-04-10 20:26 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-26 00:37 - 2010-04-10 20:26 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-26 00:35 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-01-26 00:31 - 2014-12-03 14:34 - 00000000 ____D () C:\Program Files\WWE 2015-01-26 00:31 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources 2015-01-25 23:42 - 2010-08-15 15:36 - 00000000 ____D () C:\ProgramData\Fighters 2015-01-25 23:42 - 2009-12-30 22:58 - 00000000 ____D () C:\Users\Mösslacher 2015-01-25 23:31 - 2011-11-11 19:12 - 00000000 ____D () C:\Program Files (x86)\FoxTabPDFConverter 2015-01-25 22:08 - 2009-12-31 00:13 - 
00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Skype 2015-01-25 20:57 - 2012-06-23 07:49 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-01-25 20:57 - 2012-06-23 07:49 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-01-25 20:57 - 2011-06-26 14:37 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-01-24 12:31 - 2009-07-14 18:58 - 00703182 _____ () C:\Windows\system32\perfh007.dat 2015-01-24 12:31 - 2009-07-14 18:58 - 00150808 _____ () C:\Windows\system32\perfc007.dat 2015-01-24 12:31 - 2009-07-14 06:13 - 01629346 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-01-21 00:30 - 2014-12-03 14:35 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\MyPhoneExplorer 2015-01-20 11:36 - 2010-04-11 19:16 - 00039424 ___SH () C:\Users\Mösslacher\Documents\Thumbs.db 2015-01-20 07:46 - 2009-07-14 03:34 - 00000534 _____ () C:\Windows\win.ini 2015-01-19 19:50 - 2012-01-13 09:45 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Nitro PDF 2015-01-19 11:00 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-01-19 09:56 - 2010-02-05 23:37 - 00204321 _____ () C:\Windows\hpoins40.dat 2015-01-19 09:56 - 2010-02-05 23:37 - 00002390 _____ () C:\ProgramData\hpzinstall.log 2015-01-19 08:40 - 2014-12-02 18:08 - 00000000 ____D () C:\Users\Mösslacher\Documents\Hermine 2015-01-17 18:00 - 2014-11-24 21:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-01-15 03:08 - 2013-09-15 17:56 - 00000000 ____D () C:\Windows\system32\MRT 2015-01-15 03:01 - 2010-01-25 23:38 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-01-09 23:52 - 2009-12-31 00:12 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-01-09 23:52 - 2009-12-31 00:12 - 00000000 ____D () C:\ProgramData\Skype 2015-01-08 10:18 - 2014-11-24 21:32 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 
2015-01-08 00:57 - 2009-07-14 05:45 - 00499064 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-01-07 21:31 - 2009-12-30 22:58 - 00140264 _____ () C:\Users\Mösslacher\AppData\Local\GDIPFONTCACHEV1.DAT 2015-01-07 17:21 - 2009-12-21 15:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2015-01-07 17:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-01-07 15:41 - 2014-12-02 18:14 - 00000000 ____D () C:\Users\Mösslacher\Documents\Peter 2015-01-06 04:36 - 2010-01-17 00:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-01-01 13:09 - 2014-08-26 09:40 - 00000000 ____D () C:\Users\Mösslacher\AppData\Local\Adobe 2014-12-31 11:43 - 2014-11-25 05:51 - 00000000 ____D () C:\Windows\SysWOW64\vbox 2014-12-31 11:43 - 2014-11-25 05:51 - 00000000 ____D () C:\Windows\system32\vbox 2014-12-29 12:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-29 10:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-12-27 22:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-12-27 21:48 - 2009-12-31 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite 2014-12-27 21:48 - 2009-12-21 16:42 - 00000000 ____D () C:\Windows\Panther 2014-12-27 21:33 - 2010-02-07 21:47 - 00000000 ____D () C:\Users\Mösslacher\AppData\Roaming\Apple Computer ==================== Files in the root of some directories ======= 2014-03-15 10:30 - 2014-03-15 10:30 - 49940480 _____ () C:\Program Files (x86)\GUT513C.tmp 2010-01-05 17:55 - 2010-04-27 20:21 - 8656832 _____ (Dell, Inc. 
) C:\Users\Mösslacher\AppData\Roaming\DataSafeDotNet.exe
2012-10-15 09:41 - 2012-10-15 09:41 - 0012965 _____ () C:\Users\Mösslacher\AppData\Roaming\Kommagetrennte Werte (DOS).CAL
2010-02-06 22:13 - 2013-12-21 15:59 - 0009216 _____ () C:\Users\Mösslacher\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-02-28 09:39 - 2010-02-28 09:39 - 0000032 _____ () C:\Users\Mösslacher\AppData\Local\xobni_installer_updater.log
2009-12-31 00:14 - 2009-12-31 00:14 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-02-05 23:37 - 2015-01-19 09:56 - 0002390 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Mösslacher\A1Dashboard.exe
C:\Users\Mösslacher\A1Dashboard_Launcher.exe
C:\Users\Mösslacher\A1Dashboard_Service.exe
C:\Users\Mösslacher\A1Dashboard_Upgrader.exe
C:\Users\Mösslacher\Del_CD_ROM64.exe
C:\Users\Mösslacher\ejectdisk.exe
C:\Users\Mösslacher\GobiConnectionMgmt.dll
C:\Users\Mösslacher\HuaweiGobiConnectionMgmt.dll
C:\Users\Mösslacher\m2Recoverykit.dll
C:\Users\Mösslacher\msxml4.dll
C:\Users\Mösslacher\msxml4r.dll
C:\Users\Mösslacher\NDISAPI.dll
C:\Users\Mösslacher\ObtainNetData.dll
C:\Users\Mösslacher\OptionGobiConnectionMgmt.dll
C:\Users\Mösslacher\pdflib.dll
C:\Users\Mösslacher\pthreadVC2.dll
C:\Users\Mösslacher\QCWWAN.dll
C:\Users\Mösslacher\QCWWAN2k.dll
C:\Users\Mösslacher\QMI_Server.dll
C:\Users\Mösslacher\SierraGobiConnectionMgmt.dll
C:\Users\Mösslacher\SierraLTEGobiApi.dll
C:\Users\Mösslacher\WTGAlertsEx.dll
C:\Users\Mösslacher\WTGHuaweiNDISUtil.dll
C:\Users\Mösslacher\WtgMobileBroadband7.dll
C:\Users\Mösslacher\WtgMobileBroadband764.dll

Some content of TEMP:
====================
C:\Users\Mösslacher\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76roid.dll
C:\Users\Mösslacher\AppData\Local\Temp\Quarantine.exe
C:\Users\Mösslacher\AppData\Local\Temp\sqlite3.dll

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\nsprs.dll
C:\Windows\SysWOW64\serauth1.dll
C:\Windows\SysWOW64\serauth2.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-24 11:41

==================== End Of Log ============================

--- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01 Ran by Mösslacher at 2015-01-26 00:56:20 Running from C:\Users\Mösslacher\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) A1 Dashboard (HKLM-x32\...\TAG) (Version: 2.0.2 - A1 Telekom Austria AG) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated) Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit) Amazon Kindle (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Amazon Kindle) (Version: - Amazon) Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) Avast Premier (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Dell Driver Download Manager (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.) 
Dropbox (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.91 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.1.6.25 - IObit) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\...\OneDriveSetup.exe) (Version: 17.3.1229.0918 - Microsoft Corporation) Microsoft redistributable runtime DLLs VS2008 SP1(x86) (HKLM-x32\...\{A47A9101-6EB5-4314-BDA1-297880FBB908}) 
(Version: 9.0 - SAP AG) Microsoft redistributable runtime DLLs VS2010 SP1 (x86) (HKLM-x32\...\{2385C070-EC26-4AB9-8718-E605C977C0ED}) (Version: 10.0.40219.1 - SAP) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 
(HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) SAP GUI for Windows 7.30 (HKLM-x32\...\SAPGUI710) (Version: 7.30 Compilation 2 - SAP) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) 
SPAMfighter (HKLM-x32\...\{F4714DAA-07DF-4041-97AA-A65E9E918641}) (Version: - ) SPAMfighter (HKLM-x32\...\SPAMfighter) (Version: 7.6.50 - Spamfighter ApS) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36244 - TeamViewer) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin) Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) Windows-Treiberpaket - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= 02-01-2015 07:59:54 Windows Update 07-01-2015 14:49:09 Windows Update 08-01-2015 08:17:38 IObit Uninstaller restore point 08-01-2015 08:27:28 IObit Uninstaller restore point 08-01-2015 08:30:38 IObit Uninstaller restore point 08-01-2015 08:32:48 IObit Uninstaller restore point 14-01-2015 22:12:33 Windows Update 15-01-2015 03:00:13 Windows Update 16-01-2015 10:20:26 IObit Uninstaller restore point 20-01-2015 12:47:38 Windows Update 23-01-2015 22:01:18 Windows Update 25-01-2015 23:28:40 IObit Uninstaller restore point ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 03:34 - 2014-03-20 11:18 - 00000884 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com 127.0.0.1 practivate.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {048D27BF-4903-4769-9504-B139FCE4F9A6} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {087B6FDF-F92D-47D1-952D-D90B790450AD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-25] (Adobe Systems Incorporated) Task: {132A97B6-C13A-4112-B160-20BF75275FB9} - System32\Tasks\Driver Booster SkipUAC (Mösslacher) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {148D5A2D-473F-46F6-B696-9CD89EC54A92} - System32\Tasks\{25F88289-3399-4A15-BF25-062FE57BBBF5} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.) Task: {1E00D63F-743A-4382-957E-E65EB064A8EE} - System32\Tasks\{E4C2D32B-FF54-4B83-8418-8F450EFBFAA4} => pcalua.exe -a E:\SAP720\vpnclient-win-msi-5.0.06.0160-k9.exe -d E:\SAP720 Task: {272A298E-F46F-48D3-BBEF-16E771F81238} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27] (ArcSoft Inc.) Task: {2F311EC8-BD13-40A4-91A3-C212EB3D69C6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1416178087-3609379480-1209820842-500 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) 
Task: {3706FC18-435F-4458-98E7-037F59EE8901} - System32\Tasks\{74D53024-F1F7-48EE-AFD5-57DE14DCB401} => C:\Program Files (x86)\Pinnacle\Studio 9\programs\studio.exe [2004-06-08] (Pinnacle Systems) Task: {378C48CA-1F88-4850-BDDC-043D1CA73898} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MEINZ-Mösslacher Meinz => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-01-07] (Microsoft Corporation) Task: {3917EDF7-CAAC-4EB8-88FF-407AF2B5AB47} - System32\Tasks\D9ZP9YK1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.) Task: {393528A0-0FCA-4367-92A1-5C61D5E7C630} - System32\Tasks\avastBCLRestartS-1-5-21-1416178087-3609379480-1209820842-1000 => Firefox.exe Task: {39A1D91C-3699-4F10-957E-FDE57548F514} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-07] (Microsoft Corporation) Task: {4698FDF3-C6EF-43F3-A0A9-638CED7372D6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-01-07] (Microsoft Corporation) Task: {53DD2630-6BA9-4053-86BF-269836E379CE} - System32\Tasks\NCH Swift Sound\scribeShakeIcon => C:\Program Files (x86)\NCH Swift Sound\Scribe\Scribe.exe [2010-07-28] (NCH Software) Task: {55FFD6F8-73EB-465C-AAA2-B693F2D99C31} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation) Task: {566C0FA6-33E7-4B5E-BE97-073C42B6F8FC} - System32\Tasks\Uninstaller_SkipUac_Mösslacher => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-12-09] (IObit) Task: {5FAF418C-DF08-4E28-88C0-23C7103C1A23} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1416178087-3609379480-1209820842-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) 
Task: {6CFB1886-A615-4A04-AADE-1D36266126C7} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1416178087-3609379480-1209820842-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) Task: {71E760C8-53B0-4719-B81F-F42CC2F6D187} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {7CA98AB1-5B2F-419A-B6C6-6DEB4A0B7D34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-31] (AVAST Software) Task: {8694EC41-F1B3-4103-865F-263E37FCF982} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {8E6518DE-A1EE-495E-B24B-203774EFF856} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {91B9CFE7-83DF-46C6-A8F7-B8A93FEF2748} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-07] (Microsoft Corporation) Task: {A28BEC82-E093-41DA-A376-D6858D600DE8} - System32\Tasks\ASC8_SkipUac_Mösslacher => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-19] (IObit) Task: {D474BC52-E695-4240-AF78-0E8D787D458A} - System32\Tasks\{82296BB4-5873-44BC-BA56-1899F6363C33} => pcalua.exe -a "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\ApplicationInstaller.exe" -d C:\Windows\system32 -c "C:\Users\MSSLAC~1\AppData\Local\Temp\maps_installer_3.04_10wk17_b07_s60_5.0.Nocs.sis" Task: {E3D2364D-935D-47CE-ABC4-2F1D9647C810} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) 
Task: {E5CC7266-A689-4FDD-894D-5CD3890968DA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1416178087-3609379480-1209820842-500 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2010-02-24] (RealNetworks, Inc.) Task: {F0EC0855-3AFD-4B05-A01C-DEC00BD7C174} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-12-21 15:16 - 2009-07-17 02:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE 2009-12-21 15:17 - 2009-07-17 02:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll 2013-09-16 15:44 - 2012-09-18 14:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll 2010-02-28 09:38 - 2009-07-31 02:58 - 00090624 _____ () C:\Windows\System32\Primomonnt.dll 2013-09-16 15:45 - 2012-09-18 14:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll 2015-01-07 16:40 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-01-24 11:56 - 2013-02-04 12:58 - 00500792 _____ () C:\Users\Mösslacher\A1Dashboard_Service.exe 2009-12-21 15:25 - 2009-09-17 20:06 - 00410864 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe 2013-10-14 09:17 - 2013-10-14 09:17 - 00522624 _____ () C:\Program Files (x86)\A-Trust GmbH\a.sign Client\plug_acSecurityLayer_x64.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 01807680 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe 2015-01-24 11:56 - 2013-02-04 12:58 - 00518712 _____ () 
C:\Users\Mösslacher\A1Dashboard_Launcher.exe 2014-10-21 02:36 - 2014-10-21 02:36 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\27062a1bd5e07ac476c1ef919d9abff5\VistaBridgeLibrary.ni.dll 2009-05-05 19:56 - 2009-05-05 19:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2009-12-21 15:20 - 2009-12-21 15:20 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-12-27 21:33 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll 2015-01-25 23:21 - 2015-01-25 23:21 - 02913280 _____ () C:\Program Files\AVAST Software\Avast\defs\15012501\algo.dll 2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2011-03-04 12:49 - 2011-03-04 12:49 - 00202752 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll 2009-12-21 15:25 - 2009-09-17 20:04 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll 2009-12-21 15:25 - 2009-09-17 20:04 - 01123568 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00079088 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00234736 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00074992 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00111856 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll 
2009-12-21 15:25 - 2009-09-17 20:05 - 00121072 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll 2014-12-27 21:33 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2014-12-27 21:33 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\SftBRCC.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\program files (x86)\Dell DataSafe Local Backup\SftBRCCPiped.dll 2009-12-21 15:25 - 2009-09-17 20:05 - 00025840 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STBRCCServCLR.dll 2008-08-12 10:16 - 2008-08-12 10:16 - 02023424 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtCore4.dll 2008-07-29 13:01 - 2008-07-29 13:01 - 07331840 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtGui4.dll 2008-07-29 12:50 - 2008-07-29 12:50 - 00364544 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtXml4.dll 2008-07-29 13:47 - 2008-07-29 13:47 - 00135168 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll 2008-07-29 13:47 - 2008-07-29 13:47 - 00016384 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll 2008-07-29 13:11 - 2008-07-29 13:11 - 00253952 _____ () C:\Program Files (x86)\Nokia\Nokia PC Suite 7\QtSvg4.dll 2014-10-09 15:54 - 2014-10-09 15:54 - 00081056 _____ () C:\Users\Mösslacher\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918\LoggingPlatform.dll 2013-10-14 09:17 - 2013-10-14 09:17 - 02393984 _____ () C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\Xalan-C_1_10.dll 2013-10-14 09:17 - 2013-10-14 09:17 - 00008064 _____ () C:\Program Files (x86)\A-Trust GmbH\Bürgerkartensoftware\XalanMessages_1_10.dll 2014-12-27 21:33 - 2013-01-15 18:47 - 00893248 
_____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00275776 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll 2009-09-11 19:05 - 2009-09-11 19:05 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00095552 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00046400 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00365888 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00152896 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll 2010-02-09 12:34 - 2010-02-09 12:34 - 00017728 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll 2014-03-20 11:28 - 2009-02-27 16:39 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.deu 2014-12-31 11:39 - 2014-12-31 11:39 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-24 11:56 - 2013-02-04 12:56 - 00256512 _____ () C:\Users\Mösslacher\WtgMobileBroadband7.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-26 00:39 - 2015-01-26 00:39 - 00043008 _____ () c:\Users\Mösslacher\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp76roid.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Mösslacher\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-01-07 17:43 - 2015-01-07 17:43 - 00316576 _____ () C:\Program Files\Microsoft Office 
15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: PinnacleDriverCheck => C:\Windows\system32\PSDrvCheck.exe -CheckReg MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot ========================= Accounts: ========================== Administrator (S-1-5-21-1416178087-3609379480-1209820842-500 - Administrator - Enabled) => C:\Users\Administrator Gast (S-1-5-21-1416178087-3609379480-1209820842-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1416178087-3609379480-1209820842-1002 - Limited - Enabled) Mösslacher (S-1-5-21-1416178087-3609379480-1209820842-1000 - Administrator - Enabled) => C:\Users\Mösslacher ==================== Faulty Device Manager Devices ============= Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Cisco Systems VPN Adapter for 64-bit Windows Description: Cisco Systems VPN Adapter for 64-bit Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: CVirtA Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: avast! 
Firewall NDIS Filter Miniport Description: avast! Firewall NDIS Filter Miniport Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: ALWIL Software Service: aswNdis Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19) Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options: On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Photosmart Plus B209a-m Description: Photosmart Plus B209a-m Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/26/2015 00:53:27 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (01/26/2015 00:53:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
Error: (01/26/2015 00:34:02 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Das Handle ist ungültig Error: (01/26/2015 00:34:01 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Das Handle ist ungültig Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5273 Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5273 Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4259 Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4259 Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (01/26/2015 00:44:27 AM) (Source: atapi) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. Error: (01/26/2015 00:44:27 AM) (Source: atapi) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden. Error: (01/26/2015 00:41:04 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Search" wurde nicht richtig gestartet. 
Error: (01/26/2015 00:37:04 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (01/26/2015 00:36:19 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: PCLEPCI Error: (01/26/2015 00:36:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Suite Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/26/2015 00:36:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SPAMfighter Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/26/2015 00:35:04 AM) (Source: atikmdag) (EventID: 10261) (User: ) Description: Display is not active Error: (01/26/2015 00:35:04 AM) (Source: atikmdag) (EventID: 19468) (User: ) Description: CPLIB :: General - Invalid Parameter Error: (01/26/2015 00:34:58 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\ASAPIW2k.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Microsoft Office Sessions: ========================= Error: (01/26/2015 00:53:27 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (01/26/2015 00:53:26 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Adobe\Acrobat 9.0\Designer 8.2\FormDesigner.exe Error: (01/26/2015 00:34:02 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Das Handle ist ungültig Error: (01/26/2015 00:34:01 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: ) Description: Das Handle ist ungültig Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5273 Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5273 Error: (01/25/2015 10:05:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4259 Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4259 Error: (01/25/2015 10:05:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling 
Error: Continuously busy for more than a second
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 54%
Total physical RAM: 4084.5 MB
Available physical RAM: 1860.1 MB
Total Pagefile: 8167.18 MB
Available Pagefile: 5320.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:2.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: F20113C6)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Best regards, Peter
__________________ ________________________________ My laptop - the unknown creature... |
26.01.2015, 01:39 | #5 | |
/// TB Trainer /// Tutorial Guru | firefox: Voices (advertising) in the background Quote:
Step 1 ESET Online Scanner
Are there still any problems with the PC? If so, which ones?
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
26.01.2015, 09:22 | #6 |
| firefox: Voices (advertising) in the background Do I understand correctly that I should uninstall ESET and delete the ESET folder WITHOUT removing the threats that were found? Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=52d48df6024790458e99ef5dab9fe0b6 # engine=22139 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-01-26 05:49:20 # local_time=2015-01-26 06:49:20 (+0100, Mitteleuropäische Zeit) # country="Austria" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 51496 173881210 0 0 # scanned=322787 # found=14 # cleaned=0 # scan_time=15716 sh=760334D088AC4565C8BD1D6A7EEE399B31515812 ft=1 fh=c71c00116dbeaec9 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\claroApp.dll.vir" sh=140350AB20D0D98B027D12921FFA56E8F064E9FF ft=1 fh=c71c00110850c300 vn="Variante von Win32/Toolbar.Montiera.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\claroEng.dll.vir" sh=AEB8081E0403614706346F3C8F8EAADEB81F7E18 ft=1 fh=c71c0011ffbcb579 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\clarosrv.exe.vir" sh=A04E0DE9A3354BED554EE1869FC2418FD6719F17 ft=1 fh=c71c00112b833cbb vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\claroTlbr.dll.vir" sh=3F42FBBC5635DF90203B38C787C17E9C6D8FC9F0 ft=1 fh=d91bac54a372c55f vn="Win32/Toolbar.Funmoods evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\escortShld.dll.vir" sh=B4088715591A23BA5A7603134B087B28FCDF4999 ft=1 fh=7a3eaf0e0a0b8412 vn="Win32/Toolbar.Montiera.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\uninstall.exe.vir" sh=4DC376B884B0430170A4F8AB73584B67222EA210 ft=1 fh=c71c0011b227245e vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Claro LTD\claro\1.8.8.5\bh\claro.dll.vir" sh=A5AFD43F80036873D9CF6AEBD2F6A2EABBA072D6 ft=1 fh=9f46438dbe9f0851 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=982CBA880955552478FBC9A2E3743D7E44C053FC ft=1 fh=9dad3ccc7f2043ca vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mösslacher\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe" sh=A1DE65A1659E188A55484F6D531F98964D5AB45F ft=1 fh=9be7048fa133ab79 vn="Variante von Win32/Foxferi.B Trojaner" ac=I fn="C:\Users\Mösslacher\Downloads\Route(2).exe" sh=A1DE65A1659E188A55484F6D531F98964D5AB45F ft=1 fh=9be7048fa133ab79 vn="Variante von Win32/Foxferi.B Trojaner" ac=I fn="C:\Users\Mösslacher\Downloads\Route.exe" sh=E69BCACB130F2390E51DD5171D7C671DCBC75F59 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mösslacher\Downloads\wz180gev-64.msi" sh=E69BCACB130F2390E51DD5171D7C671DCBC75F59 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\7d8bc0.msi" sh=483A33A8E46453C8E0E29712680759D0826CE340 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\avast_ash\WinZip (64 Bit)\winzip190de-64.msi"
26.01.2015, 18:44 | #7 | |
/// TB Trainer /// Tutorial Guru | firefox: Voices (advertising) in the background Quote:
How is a scanner supposed to know whether a detection is 100% correct? Suppose "it" is wrong and you let all findings be removed automatically. If things go really badly, you end up sitting in front of a black screen. With ESET that is rather unlikely, but why do it that way when a helper can also look over the results and real malware is then removed manually?
Step 1 Please press the Windows + R keys and type notepad into the Run window. Click OK and then copy the text from the code box into the empty text document: Code:
CloseProcesses:
Hosts:
HKLM-x32\...\Run: [] => [X]
CHR HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File
Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> No Name - {3BE093E7-4650-438B-AC6F-C944C30F81AD} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
C:\Users\Mösslacher\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe
C:\Users\Mösslacher\Downloads\Route(2).exe
C:\Users\Mösslacher\Downloads\Route.exe
C:\Users\Mösslacher\Downloads\wz180gev-64.msi
C:\Windows\Installer\7d8bc0.msi
EmptyTemp:
Cleanup: All logs posted? Yes! Then please download DelFix.
Note: DelFix removes, among other things, all the programs that were used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over now, you can safely delete them.
>>clean<< We did it! The logs look clean to me at the moment. If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. All that remains is for me to wish you carefree and safe surfing, and that we do not see each other here again anytime soon.
How can I protect myself better in the future? Tips, Dos & Don'ts
Updates & Software
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" simply by visiting a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. In addition, Firefox can also open PDF documents.
Firewall, Antivirus & Co.
Cracks, Downloads & Co. Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user themselves. Even visiting dubious websites can carry risks. Even if the virus scanner does not detect a threat in it at the moment, that does not have to mean anything. Illegal cracks, keygens and serials are an extremely easy and popular way to spread malware. With files from peer-to-peer and file-sharing programs or from file hosters, you can never be sure that what is inside is really what it says on the label. (Trojan horse^^)
Often an attempt is also made to trick the user, with more or less clever methods, into carrying out an action that is disastrous for them (umbrella term: social engineering).
Annoying adware (advertising) and unnecessary toolbars are also mostly installed along with other software by the user themselves.
Finally, a few basic remarks:
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
26.01.2015, 21:12 | #8 | |
| firefox: Voices (advertising) in the background Quote:
I have one more question: As mentioned at the beginning, I use Avast Premier as my antivirus program, and Advanced System Care 8. Is there any reason not to keep using these programs? Why were they unable to prevent the problems? Thank you! Below you will find the requested fixlog.txt file: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-01-2015 01 Ran by Mösslacher at 2015-01-26 20:44:45 Run:1 Running from C:\Users\Mösslacher\Downloads Loaded Profiles: Mösslacher (Available profiles: Mösslacher & Administrator) Boot Mode: Normal ============================================== Content of fixlist: ***************** CloseProcesses: Hosts: HKLM-x32\...\Run: [] => [X] CHR HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File Toolbar: HKU\S-1-5-21-1416178087-3609379480-1209820842-1000 -> No Name - {3BE093E7-4650-438B-AC6F-C944C30F81AD} - No File FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File C:\Users\Mösslacher\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe C:\Users\Mösslacher\Downloads\Route(2).exe C:\Users\Mösslacher\Downloads\Route.exe C:\Users\Mösslacher\Downloads\wz180gev-64.msi C:\Windows\Installer\7d8bc0.msi EmptyTemp: ***************** Processes closed successfully. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. "HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\SOFTWARE\Policies\Google" => Key deleted successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}" => Key deleted successfully. HKCR\Wow6432Node\CLSID\{3049C3E9-B461-4BC5-8870-4C09146192CA} => Key not found. HKU\S-1-5-21-1416178087-3609379480-1209820842-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3BE093E7-4650-438B-AC6F-C944C30F81AD} => value deleted successfully. HKCR\CLSID\{3BE093E7-4650-438B-AC6F-C944C30F81AD} => Key not found. "HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully. "HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully. C:\Users\Mösslacher\Downloads\MyPhoneExplorer_Setup_v1.8.6.exe => Moved successfully. C:\Users\Mösslacher\Downloads\Route(2).exe => Moved successfully. C:\Users\Mösslacher\Downloads\Route.exe => Moved successfully. C:\Users\Mösslacher\Downloads\wz180gev-64.msi => Moved successfully. C:\Windows\Installer\7d8bc0.msi => Moved successfully. EmptyTemp: => Removed 4.5 GB temporary data. The system needed a reboot. ==== End of Fixlog 20:47:26 ====
__________________ ________________________________ My laptop - the unknown creature... |
26.01.2015, 21:28 | #9 |
/// TB Trainer /// Tutorial Guru | firefox: Voices (advertising) in the background Hi, well, personally I would only use Avast. I don't know the other one either. https://forums.malwarebytes.org/inde...tual-property/ But for that reason alone it is a no-go. No scanner detects everything. For adware, ESET in particular has proven itself.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
26.01.2015, 21:46 | #10 |
| firefox: Voices (advertising) in the background Many thanks for the tips. I will uninstall the IOBit software. May I assume that I will no longer need the file that DelFix left behind? Code:
ATTFilter # DelFix v10.8 - Datei am 26/01/2015 um 21:24:30 erstellt # Aktualisiert am 29/07/2014 von Xplode # Benutzer : Mösslacher - MEINZ # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) ~ Aktiviere die Benutzerkontensteuerung ... OK ~ Entferne die Bereinigungsprogramme ... Gelöscht : C:\FRST Gelöscht : C:\AdwCleaner Gelöscht : C:\Users\Mösslacher\Desktop\AdwCleaner[S0].txt Gelöscht : C:\Users\Mösslacher\Desktop\AdwCleaner_4.109.exe Gelöscht : C:\Users\Mösslacher\Desktop\esetsmartinstaller_deu.exe Gelöscht : C:\Users\Mösslacher\Downloads\Addition.txt Gelöscht : C:\Users\Mösslacher\Downloads\Defogger.exe Gelöscht : C:\Users\Mösslacher\Downloads\defogger_disable.log Gelöscht : C:\Users\Mösslacher\Downloads\Fixlog.txt Gelöscht : C:\Users\Mösslacher\Downloads\FRST.txt Gelöscht : C:\Users\Mösslacher\Downloads\FRST64.exe Gelöscht : C:\Users\Mösslacher\Downloads\setpoint600_x64(4).exe Gelöscht : HKLM\SOFTWARE\AdwCleaner ~ Erstelle ein Backup der Registrierungsdatenbank ... OK ~ Lösche die Wiederherstellungspunkte ... Gelöscht : RP #657 [Windows Update | 01/02/2015 06:59:54] Gelöscht : RP #658 [Windows Update | 01/07/2015 13:49:09] Gelöscht : RP #659 [IObit Uninstaller restore point | 01/08/2015 07:17:38] Gelöscht : RP #660 [IObit Uninstaller restore point | 01/08/2015 07:27:28] Gelöscht : RP #661 [IObit Uninstaller restore point | 01/08/2015 07:30:38] Gelöscht : RP #662 [IObit Uninstaller restore point | 01/08/2015 07:32:48] Gelöscht : RP #663 [Windows Update | 01/14/2015 21:12:33] Gelöscht : RP #664 [Windows Update | 01/15/2015 02:00:13] Gelöscht : RP #665 [IObit Uninstaller restore point | 01/16/2015 09:20:26] Gelöscht : RP #666 [Windows Update | 01/20/2015 11:47:38] Gelöscht : RP #667 [Windows Update | 01/23/2015 21:01:18] Gelöscht : RP #668 [IObit Uninstaller restore point | 01/25/2015 22:28:40] Ein neuer Wiederherstellungspunkt wurde erstellt ! ~ Stelle die Systemeinstellungen wieder her ... 
OK ########## - EOF - ########## Beste Grüße vom Wörthersee germanenburi
26.01.2015, 21:49 | #11 |
/// TB Trainer /// Tutorial Guru | firefox: Voices (advertising) in the background Exactly. You can delete the file. All the best!