| |  Popup bei Start von Anwendungen: "(Anwendungsname) - Ungültiges Bild" Win 7
 Liebes Forum,
Seit heute wird meine Arbeit am PC durch Popups mit vermeintlichen Fehlermeldungen gestört. Diese öffnen sich immer wenn ich eine Anwendung öffne.
Im Titel steht immer "(Anwendungsname) - Ungültiges Bild".
Dann z.B.: C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL ist entweder nicht für die Ausführung unter Windows vorgesehen oder enthält einen Fehler. Installieren Sie das Programm mit den Originalinstallationsmedien erneut, oder wenden Sie sich an den Systemadministrator oder Softwarelieferanten, um Unterstützung zu erhalten."
AVIRA hat kein Problem gefunden.
Über Lösungshinweise würde ich mich sehr freuen. Ich bin mit meinem Latein am Ende.
Hier ist die GMER.txt. Zitat:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-24 22:10:31
Windows 6.1.7600 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.11.0 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Laura\AppData\Local\Temp\ugloapob.sys
---- System - GMER 2.1 ----
SSDT 8F0DBE56 ZwCreateSection
SSDT 8F0DBE2E ZwCreateSymbolicLinkObject
SSDT 8F0DBE33 ZwLoadDriver
SSDT 8F0DBE29 ZwOpenSection
SSDT 8F0DBE60 ZwRequestWaitReplyPort
SSDT 8F0DBE5B ZwSetContextThread
SSDT 8F0DBE65 ZwSetSecurityObject
SSDT 8F0DBE38 ZwSetSystemInformation
SSDT 8F0DBE6A ZwSystemDebugControl
SSDT 8F0DBDF7 ZwTerminateProcess
---- Kernel code sections - GMER 2.1 ----
.text ntoskrnl.exe!ZwRollbackTransaction + 13F5 834868A9 1 Byte [06]
.text ntoskrnl.exe!KiDispatchInterrupt + 5A2 834A6302 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntoskrnl.exe!KeRemoveQueueEx + 14B7 834AD684 4 Bytes [56, BE, 0D, 8F]
.text ntoskrnl.exe!KeRemoveQueueEx + 14BF 834AD68C 4 Bytes [2E, BE, 0D, 8F]
.text ntoskrnl.exe!KeRemoveQueueEx + 15D3 834AD7A0 4 Bytes [33, BE, 0D, 8F]
.text ntoskrnl.exe!KeRemoveQueueEx + 166F 834AD83C 4 Bytes [29, BE, 0D, 8F]
.text ntoskrnl.exe!KeRemoveQueueEx + 1813 834AD9E0 1 Byte [60]
.text ...
? C:\windows\system32\drivers\SPPD.sys Das System kann die angegebene Datei nicht finden. !
---- User code sections - GMER 2.1 ----
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtCreateFile + 6 77D146B6 4 Bytes [28, 18, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtCreateFile + B 77D146BB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtMapViewOfSection + 6 77D14D16 4 Bytes [28, 1B, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtMapViewOfSection + B 77D14D1B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenFile + 6 77D14DC6 4 Bytes [68, 18, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenFile + B 77D14DCB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcess + 6 77D14E76 4 Bytes [A8, 19, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcess + B 77D14E7B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcessToken + 6 77D14E86 4 Bytes CALL 76D253A4 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcessToken + B 77D14E8B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcessTokenEx + 6 77D14E96 4 Bytes [A8, 1A, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenProcessTokenEx + B 77D14E9B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThread + 6 77D14EF6 4 Bytes [68, 19, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThread + B 77D14EFB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThreadToken + 6 77D14F06 4 Bytes [68, 1A, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThreadToken + B 77D14F0B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThreadTokenEx + 6 77D14F16 4 Bytes CALL 76D25435 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtOpenThreadTokenEx + B 77D14F1B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtQueryAttributesFile + 6 77D15026 4 Bytes [A8, 18, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtQueryAttributesFile + B 77D1502B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtQueryFullAttributesFile + 6 77D150D6 4 Bytes CALL 76D255F3 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtQueryFullAttributesFile + B 77D150DB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtSetInformationFile + 6 77D15726 4 Bytes [28, 19, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtSetInformationFile + B 77D1572B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtSetInformationThread + 6 77D15786 4 Bytes [28, 1A, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtSetInformationThread + B 77D1578B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtUnmapViewOfSection + 6 77D15AA6 4 Bytes [68, 1B, 05, 01]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4220] ntdll.dll!NtUnmapViewOfSection + B 77D15AAB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtCreateFile + 6 77D146B6 4 Bytes [28, 68, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtCreateFile + B 77D146BB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtMapViewOfSection + 6 77D14D16 4 Bytes [28, 6B, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtMapViewOfSection + B 77D14D1B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenFile + 6 77D14DC6 4 Bytes [68, 68, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenFile + B 77D14DCB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcess + 6 77D14E76 4 Bytes [A8, 69, 73, 00] {TEST AL, 0x69; JAE 0x4}
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcess + B 77D14E7B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcessToken + 6 77D14E86 4 Bytes CALL 76D1C1F4 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcessToken + B 77D14E8B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcessTokenEx + 6 77D14E96 4 Bytes [A8, 6A, 73, 00] {TEST AL, 0x6a; JAE 0x4}
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenProcessTokenEx + B 77D14E9B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThread + 6 77D14EF6 4 Bytes [68, 69, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThread + B 77D14EFB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThreadToken + 6 77D14F06 4 Bytes [68, 6A, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThreadToken + B 77D14F0B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThreadTokenEx + 6 77D14F16 4 Bytes CALL 76D1C285 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtOpenThreadTokenEx + B 77D14F1B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtQueryAttributesFile + 6 77D15026 4 Bytes [A8, 68, 73, 00] {TEST AL, 0x68; JAE 0x4}
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtQueryAttributesFile + B 77D1502B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtQueryFullAttributesFile + 6 77D150D6 4 Bytes CALL 76D1C443 C:\windows\system32\SHELL32.dll
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtQueryFullAttributesFile + B 77D150DB 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtSetInformationFile + 6 77D15726 4 Bytes [28, 69, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtSetInformationFile + B 77D1572B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtSetInformationThread + 6 77D15786 4 Bytes [28, 6A, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtSetInformationThread + B 77D1578B 1 Byte [E2]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtUnmapViewOfSection + 6 77D15AA6 4 Bytes [68, 6B, 73, 00]
.text C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe[4636] ntdll.dll!NtUnmapViewOfSection + B 77D15AAB 1 Byte [E2]
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys
AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows Search\Gather\Windows\SystemIndex@LazyCheckPointUpdateInterval 604800
Reg HKLM\SOFTWARE\Microsoft\Windows Search\UsnNotifier\Windows\Catalogs\SystemIndex@{D6C860ED-A7BC-11DE-8A4B-806E6F6E6963} 65542398528
---- Disk sectors - GMER 2.1 ----
Disk \Device\Harddisk0\DR0 unknown MBR code
---- EOF - GMER 2.1 ----
| Hier ist die defogger_disable.log. Zitat:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 21:37 on 24/03/2015 (Laura)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
| Hier ist die FRST.txt. Zitat:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2015
Ran by Laura (administrator) on LAURA-PC on 24-03-2015 21:40:23
Running from C:\Users\Laura\Desktop
Loaded Profiles: Laura & UpdatusUser (Available profiles: Laura & fbwuser & UpdatusUser)
Platform: Windows 7 Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
() C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\Brother\BrStMonW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe
(Dropbox, Inc.) C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Client Connect LTD) C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Client Connect LTD) C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
(Client Connect LTD) C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7711264 2009-08-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [704512 2015-03-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [ControlCenter4] => C:\Program Files\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM\...\Run: [BrStsMon00] => C:\Program Files\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2015-02-13] (Apple Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05]
(Acresso Corporation)
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Run: [Google Update] => C:\Users\Laura\AppData\Local\Google\Update
\GoogleUpdate.exe [107912 2014-10-27] (Google Inc.)
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\MountPoints2: {454b0474-5e7c-11df-a04c-00245423e6a5} - F:\AutoRun.exe
HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\MountPoints2: {454b0478-5e7c-11df-a04c-00245423e6a5} - F:\AutoRun.exe
AppInit_DLLs: C:\PROGRA~1\SEARCH~1\SEARCH~1\bin\VC32LO~1.DLL => C:\Program Files\SearchProtect\SearchProtect\bin\VC32Loader.dll [223504
2015-03-16] ()
Startup: C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Laura\AppData\Roaming\Dropbox\bin
\DropboxExt.25.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-771618654-3341757510-301361698-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?
p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-
3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotugYKwFqG7TU-BPbLpM,&q={searchTerms}
HKU\S-1-5-21-771618654-3341757510-301361698-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-771618654-3341757510-301361698-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?
p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-
3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotugYKwFqG7TU-BPbLpM,&q={searchTerms}
HKU\S-1-5-21-771618654-3341757510-301361698-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?
gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=M3183E1DA-6CAE-499E-8557-
90DB9063431E&SearchSource=55&CUI=&UM=5&UP=SPB490155D-825B-4335-A273-948A3CBDCFBE&SSPV=
SearchScopes: HKLM -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?
p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotu-
NQ84W3lXQ1voOeXo,&q={searchTerms}
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?
p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotu-
NQ84W3lXQ1voOeXo,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1001 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-
3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotugYKwFqG7TU-BPbLpM,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-771618654-3341757510-301361698-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StKZmhdFMQ5NhCfKoItf6Xow1K8E36L0X66tJe34f_wLDqXECMlw83PgDXMzBv52BSYepNEAG7F-
pidWhMbeVkTgKR7ISM_ZKNu1ArT4mUdxdolO-R-Jm1R-0Z5xaVG45D-
3n2neoWRPwuj3Z2wFw7DzNc4KUqCHiaiRH72piML03ghEjwp7sDYEaotugYKwFqG7TU-BPbLpM,&q={searchTerms}
BHO: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files\Nuance\PDF Viewer Plus\Bin
\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle
Corporation)
BHO: ZoneAlarm Security Engine Registrar -> {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} -> C:\Program Files\CheckPoint\ZAForceField
\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle
Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1001 -> ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:
\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1001 -> No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No File
Toolbar: HKU\S-1-5-21-771618654-3341757510-301361698-1001 -> No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26]
(Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26]
(Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Profiles\arrkp7xy.default-1427229206595
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-08-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft
Corporation)
FF Plugin: @nosltd.com/getPlus+(R),version=1.6.2.91 -> C:\Program Files\NOS\bin\np_gp.dll [2010-09-01] (NOS Microsystems Ltd.)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Sibelius Software\Scorch\npsibelius.dll [2013-03-11] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Laura\AppData\Roaming\Mozilla
\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1001: @talk.google.com/O1DPlugin -> C:\Users\Laura\AppData\Roaming\Mozilla
\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Laura\AppData\Local
\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin HKU\S-1-5-21-771618654-3341757510-301361698-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Laura\AppData\Local
\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-08-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-08-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-08-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-08-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-08-11] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPSibelius.dll [2013-03-11] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np_gp.dll [2010-09-01] (NOS Microsystems Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\PDFNetC.dll [2009-08-09] (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchAxPlugin.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\ScorchPDFWrapper.dll [2010-04-08] ()
FF Plugin ProgramFiles/Appdata: C:\Users\Laura\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Laura\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Users\Laura\AppData\Local\Google\Chrome\Application\11.0.696.68\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Laura\AppData\Local\Google\Chrome\Application\11.0.696.68\pdf.dll No File
CHR Plugin: (Chrome NaCl) - C:\Users\Laura\AppData\Local\Google\Chrome\Application\11.0.696.68\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Users\Laura\AppData\Local\Google\Chrome\Application\11.0.696.68\gears.dll No File
CHR Plugin: (ScorchPlugin) - C:\Program Files\Mozilla Firefox\plugins\NPSibelius.dll ()
CHR Plugin: (getPlusPlus for Adobe 16291) - C:\Program Files\Mozilla Firefox\plugins\np_gp.dll (NOS Microsystems Ltd.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Laura\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Laura\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions
\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Google Wallet) - C:\Users\Laura\AppData\Local\Google\Chrome\User Data\Default\Extensions
\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-07]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx
[Not Found]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\google_chrome\html5video
\html5video.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Laura\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [992504 2015-03-20] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R3 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 CltMngSvc; C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe [3251472 2015-03-16] (Client Connect LTD)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528624 2009-08-23] (Cisco Systems, Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not
signed]
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 OberonGameConsoleService; C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe [44312 2009-08-13] ()
R2 PDFProFiltSrvPP; C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-14] (Microsoft Corporation)
S2 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [105864 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 BVRPMPR5; C:\windows\system32\drivers\BVRPMPR5.SYS [49904 2009-08-25] (Avanquest Software) [File not signed]
S3 CVirtA; C:\windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [308859 2009-08-23] (Cisco Systems, Inc.) [File not signed]
R3 DNE; C:\windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
S3 FFUsbAudio; C:\windows\System32\DRIVERS\ffusbaudio.sys [42328 2011-10-31] (Focusrite Audio Engineering Ltd.)
R3 SMARTMouseFilterx86; C:\windows\System32\DRIVERS\SMARTMouseFilterx86.sys [11632 2011-01-25] (SMART Technologies ULC)
R3 SMARTVHidMini2000x86; C:\windows\System32\DRIVERS\SMARTVHidMini2000x86.sys [14704 2011-01-25] (SMART Technologies ULC)
R3 SMARTVTabletPCx86; C:\windows\System32\DRIVERS\SMARTVTabletPCx86.sys [21872 2011-01-25] (SMART Technologies ULC)
R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-09] (Avira GmbH)
S3 SynasUSB; C:\windows\System32\drivers\SynasUSB.sys [23288 2007-10-24] (SIA Syncrosoft)
S3 USBAAPL; C:\windows\System32\Drivers\usbaapl.sys [42496 2011-08-02] (Apple, Inc.) [File not signed]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]
R3 SPPD; \??\C:\windows\system32\drivers\SPPD.sys [X]
S3 taphss; system32\DRIVERS\taphss.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-24 21:41 - 2015-03-24 21:41 - 00380416 _____ () C:\Users\Laura\Downloads\Gmer-19357.exe
2015-03-24 21:40 - 2015-03-24 21:41 - 00027174 _____ () C:\Users\Laura\Desktop\FRST.txt
2015-03-24 21:39 - 2015-03-24 21:40 - 00000000 ____D () C:\FRST
2015-03-24 21:37 - 2015-03-24 21:38 - 01135104 _____ (Farbar) C:\Users\Laura\Desktop\FRST.exe
2015-03-24 21:37 - 2015-03-24 21:38 - 00000472 _____ () C:\Users\Laura\Desktop\defogger_disable.log
2015-03-24 21:37 - 2015-03-24 21:37 - 00000000 _____ () C:\Users\Laura\defogger_reenable
2015-03-24 21:35 - 2015-03-24 21:36 - 00050477 _____ () C:\Users\Laura\Desktop\Defogger.exe
2015-03-24 21:07 - 2015-03-24 21:07 - 00001222 _____ () C:\Users\Laura\Desktop\Revo Uninstaller.lnk
2015-03-24 21:07 - 2015-03-24 21:07 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-03-24 21:06 - 2015-03-24 21:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Laura\Downloads\revosetup95.exe
2015-03-24 14:53 - 2015-03-24 14:53 - 00000000 ____D () C:\Users\Laura\AppData\Local\avaavxvyex
2015-03-09 19:17 - 2015-03-24 21:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-03-08 14:50 - 2015-03-08 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2015-03-04 17:10 - 2015-03-04 17:10 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-04 17:10 - 2015-03-04 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-04 17:09 - 2015-03-04 17:10 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
2015-03-04 17:09 - 2015-03-04 17:10 - 00000000 ____D () C:\Program Files\iTunes
2015-03-04 17:09 - 2015-03-04 17:09 - 00000000 ____D () C:\Program Files\iPod
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-24 21:37 - 2010-01-04 09:50 - 00000000 ____D () C:\Users\Laura
2015-03-24 21:28 - 2009-09-22 06:23 - 02086242 _____ () C:\windows\WindowsUpdate.log
2015-03-24 21:22 - 2010-01-04 10:41 - 00001120 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-771618654-3341757510-301361698-
1001UA.job
2015-03-24 21:05 - 2009-07-14 05:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-
439d-8115-601632D005A0
2015-03-24 21:05 - 2009-07-14 05:34 - 00014736 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-
439d-8115-601632D005A0
2015-03-24 20:59 - 2010-05-01 20:41 - 00000000 ___RD () C:\Users\Laura\Documents\My Dropbox
2015-03-24 20:59 - 2010-05-01 20:39 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Dropbox
2015-03-24 20:57 - 2010-12-09 08:56 - 00001094 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-24 20:56 - 2009-07-14 05:53 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-24 20:56 - 2009-07-14 05:39 - 00308575 _____ () C:\windows\setupact.log
2015-03-24 20:53 - 2010-12-09 08:56 - 00001098 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-24 20:52 - 2014-01-16 17:17 - 00000444 _____ () C:\windows\Tasks\ParetoLogic Registration3.job
2015-03-24 20:52 - 2012-04-28 11:05 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-24 14:59 - 2009-09-22 06:48 - 00786438 _____ () C:\windows\PFRO.log
2015-03-24 14:53 - 2014-04-07 16:06 - 00002056 _____ () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-03-24 14:53 - 2014-03-16 18:03 - 00000000 ____D () C:\Program Files\SearchProtect
2015-03-15 20:36 - 2014-04-01 08:00 - 00000150 ____H () C:\Users\Laura\Documents\maxdesk.ini2
2015-03-15 20:36 - 2014-04-01 07:50 - 00000817 ____H () C:\Users\Laura\Documents\PP11Thumbs.ptn2
2015-03-15 20:36 - 2014-04-01 07:49 - 02962772 ____H () C:\Users\Laura\Documents\PP11Thumbs.ptn
2015-03-11 17:44 - 2010-01-04 09:56 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 17:42 - 2013-08-14 10:06 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 17:36 - 2010-02-11 19:34 - 119837696 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-11 16:43 - 2010-05-01 20:40 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-03-10 20:46 - 2012-10-29 17:57 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-03-10 17:36 - 2013-08-10 13:10 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-10 17:36 - 2013-08-10 13:08 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-10 17:36 - 2013-08-10 13:08 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-08 14:50 - 2012-04-24 14:43 - 00000000 ____D () C:\Users\Laura\AppData\Roaming\elsterformular
2015-03-08 14:49 - 2014-08-06 07:59 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-04 17:09 - 2014-08-28 07:40 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2015-03-04 17:09 - 2010-01-04 11:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
==================== Files in the root of some directories =======
2013-05-17 21:31 - 2013-05-17 21:32 - 4167680 _____ () C:\Program Files\GUTE87B.tmp
2013-07-24 14:01 - 2013-07-24 14:03 - 0594154 _____ () C:\Users\Laura\AppData\Roaming\Scorch_Install.log
2013-06-04 20:11 - 2014-02-06 17:38 - 0005120 _____ () C:\Users\Laura\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-01-06 12:23 - 2010-04-02 11:11 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-01-04 09:53 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-01-04 17:33 - 2013-12-17 22:04 - 0000020 ____H () C:\ProgramData\PKP_DLec.DAT
Some content of TEMP:
====================
C:\Users\Laura\AppData\Local\Temp\avgnt.exe
C:\Users\Laura\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgele2g.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-16 18:31
==================== End Of Log ============================
| Und schließlich die Addition.txt. Zitat:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2015
Ran by Laura at 2015-03-24 21:42:17
Running from C:\Users\Laura\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.0.0.4080 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.91 - NOS Microsystems Ltd.)
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AnyPC Client (HKLM\...\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}) (Version: 1.0.0.12 - Doctorsoft)
Apple Application Support (32-Bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Panorama Maker 3 (HKLM\...\{A5F68DC8-0278-4AD8-B413-861509B5F25B}) (Version: - ArcSoft)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (Version: 2.0.5 - Audacity Team) Hidden
Avira (HKLM\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 15.0.8.656 - Avira)
BatteryLifeExtender (HKLM\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-7360N (HKLM\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
Business Contact Manager für Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Business Contact Manager für Outlook 2007 SP2 (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Cisco Systems VPN Client 5.0.06.0110 (HKLM\...\{08B785C1-3893-4154-B53B-F5D341D0AAAA}) (Version: 5.0.6 - Cisco Systems, Inc.)
Cornelsen Werkzeuge 3.6 (HKLM\...\{C55F20AB-2B65-434E-ABA7-6B70232B4602}) (Version: 3.6.0 - Cornelsen Verlag, Berlin)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
dm-Fotowelt (HKLM\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dropbox (HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Dropbox) (Version: 3.2.9 - Dropbox, Inc.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{A7581D39-EA20-4883-A480-80C21047052B}) (Version: 4.0.2 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
ElsterFormular (HKLM\...\ElsterFormular) (Version: 16.0.20150211 - Landesfinanzdirektion Thüringen)
English G 21, A5 - Digitaler Unterrichtsplaner (HKLM\...\Cornelsen_DUP_324378) (Version: - Cornelsen Verlag, Berlin)
FileParade bundle uninstaller (HKLM\...\FileParade bundle uninstaller) (Version: 2.0.0.3 - FileParade) <==== ATTENTION
Focusrite USB 2.0 Audio Driver 2.2 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.2 - Focusrite Audio Engineering Limited.)
Focusrite USB Audio Driver 1.10 (HKLM\...\Focusrite USB Audio Driver_is1) (Version: 1.10 - Focusrite Audio Engineering Ltd.)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.10.1213 - Foxit Corporation)
Free YouTube Download version 3.2.44.908 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Game Pack (HKLM\...\{63eafc52-b963-4297-a7eb-d412944e7065}_is1) (Version: 5.3.0.10 - Oberon Media, Inc.)
Google Chrome (HKU\S-1-5-21-771618654-3341757510-301361698-1001\...\Google Chrome) (Version: 41.0.2272.101 - Google Inc.)
Google Talk Plugin (HKLM\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPL Ghostscript 8.70 (HKLM\...\GPL Ghostscript 8.70) (Version: - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM\...\{90A40407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8003.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyScript HWR (French) (HKLM\...\{9A960F35-C1DA-4FC0-B802-EAFF4179FDB0}) (Version: 4.4.5.1 - SMART Technologies ULC)
MyScript HWR (German) (HKLM\...\{415CD877-0970-4CB6-B178-1E72F7DC60E7}) (Version: 4.4.5.1 - SMART Technologies ULC)
Nuance PaperPort 12 (HKLM\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PaperPort Image Printer (HKLM\...\{6EF2FDAB-7FBF-4AB9-92CD-594BDDB6A56B}) (Version: 14.00.0000 - Nuance Communications, Inc.)
ParetoLogic FileCure (HKLM\...\{C1C441C4-57FA-4950-BDBA-BABFBAA2AA39}) (Version: 2.0.1.0 - ParetoLogic, Inc.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PictureProject (HKLM\...\{FF3999BE-1A7B-4738-88AA-97BF14094A4A}) (Version: 1.0 - )
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
R for Windows 3.0.1 (HKLM\...\R for Windows 3.0.1_is1) (Version: 3.0.1 - R Core Team)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RStudio (HKLM\...\RStudio) (Version: 0.97.551 - RStudio)
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Scansoft PDF Professional (Version: - ) Hidden
Search Protect (Version: 2.22.0.160 - Client Connect LTD) Hidden <==== ATTENTION
Sibelius Scorch (Firefox, Opera, Netscape only) (HKLM\...\{8A0BD487-D185-4316-92CE-9E415C3AC6DB}) (Version: 6.0.7 - Sibelius Software)
Sibelius Scorch (Firefox, Opera, Netscape, Chrome only) (HKLM\...\{41626CC0-A854-4402-AD06-D7939515C282}) (Version: 6.2.0 - Sibelius Software, a division of Avid Technology, Inc.)
SMART Notebook (HKLM\...\{9550F8A6-3D21-4544-8B87-F9FE7E01B964}) (Version: 10.7.144.0 - SMART Technologies ULC)
SMART Product Drivers (HKLM\...\{4CE6C6E8-0DAD-4757-86ED-7FB4035BA98B}) (Version: 10.7.182.1 - SMART Technologies ULC)
SMART Product Update (HKLM\...\{8D4B716A-0ABE-4238-9090-D208E5F57A5E}) (Version: 5.0.108.0 - SMART Technologies ULC)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
Syncrosoft Lizenz Kontrolle (HKLM\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Websteroids (Version: 2.6.63 - Creative Island Media, LLC) Hidden <==== ATTENTION
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Zip Motion Block Video codec (Remove Only) (HKLM\...\ZMBV) (Version: - DOSBox Team)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version: - Check Point Software Technologies)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.57\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.25.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.2.183.39\goopdate.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Chrome\Application\41.0.2272.101\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{b2b568c8-3712-4a75-b806-4b3c2fdb06d5}\localserver32 -> C:\Users\Laura\AppData\Local\Temp\{e9513610-f218-4dda-b954-2c7e6ba7cabb}\IDriver.NonElevated.exe No (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.25.11\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.65\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Laura\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-771618654-3341757510-301361698-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Laura\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
==================== Restore Points =========================
Could not list restore points.
Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0F99FC2E-851D-4ACE-ABA8-1DCDBB241331} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {18EFB925-7A8C-4DC5-AD07-6BB03B58812E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-771618654-3341757510-301361698-1001UA => C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {1CCDF7FB-ACBA-4D0A-87CC-1EFE7E679086} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {1E39C766-8719-4861-B64C-891A551193BF} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {2597EFA9-C770-438C-B1F5-7F9D0025F2DD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {31C68D58-AC39-4AF3-8080-45603F50948A} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-09-21] (Samsung Electronics. Co. Ltd.)
Task: {3915A7F2-7E00-4C8D-8E36-A910E9D19528} - System32\Tasks\{09B06F62-93EF-47F9-93D4-F07A123126A3} => C:\Program Files\iTunes\iTunes.exe [2015-02-13] (Apple Inc.)
Task: {3998EA81-563E-4C1C-AC8D-6282FDDA82AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-771618654-3341757510-301361698-1001Core => C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {44F25C08-4892-49FD-B959-90C87F4238EF} - System32\Tasks\{1C2937BA-DA0F-495B-90B0-AAB96B121233} => C:\Program Files\iTunes\iTunes.exe [2015-02-13] (Apple Inc.)
Task: {4E483ADB-3D6D-42BB-8BB8-FE2E8FD1FE70} - System32\Tasks\{767CD4F5-CBA2-4F96-9BFF-301705097F55} => C:\Program Files\iTunes\iTunes.exe [2015-02-13] (Apple Inc.)
Task: {4F84C640-273B-468A-A346-A795D5F1969D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {58C61A61-43CC-4D5A-80E6-802F2AF8F803} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-27] (Google Inc.)
Task: {66C32559-3BF4-4CDE-8292-CF653355C3C2} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {7BCD00B0-EE74-47B1-9E08-980456CC2B98} - System32\Tasks\{572669B5-55F9-410A-BD15-6D87D9EBCE16} => pcalua.exe -a E:\Autorun.exe -d E:\
Task: {8F7A8B82-212B-4D84-ABEB-803DBC27963B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-08] (Adobe Systems Incorporated)
Task: {9523F949-7BD0-4F3E-A555-180E02B1A978} - System32\Tasks\{124DBE9D-CD7A-4FCD-AEAE-85B51436506E} => pcalua.exe -a "C:\Program Files\Steinberg\Asio\dxfdsetup.exe" -d "C:\Users\Laura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase Essential 4"
Task: {C7AD6C6B-CB53-402E-BDED-3E55E922E51C} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {CABCA88D-4D3C-44A1-B25B-1481537E6FD1} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {D2CA94C5-C372-418F-9C46-B1ADFB2E6FFD} - System32\Tasks\{8EC1FCC2-62EC-446D-A133-B6A41BEBE493} => pcalua.exe -a C:\Users\Laura\Downloads\zaSetup_92_102_000_en.exe -d C:\windows\system32
Task: {D5D39899-82BD-42CC-B8CA-5F3F85E2CD1B} - System32\Tasks\avaavxvyex => C:\Users\Laura\AppData\Local\avaavxvyex\avaavxvyex.exe [2015-03-16] () <==== ATTENTION
Task: {DDE01D42-6FF1-4A7E-8759-DF0021412D94} - System32\Tasks\{6119A0BE-AFAA-48A4-9482-D6D012758475} => pcalua.exe -a "C:\Program Files\Nikon\FotoShare\Uninstal.exe" -c C:\PROGRA~1\Nikon\FOTOSH~1\INSTALL.LOG
Task: {E77D8A0A-2C20-4926-837B-0C4C93B79D8D} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {F8634591-4693-4C1C-9025-2BD9F15815DE} - System32\Tasks\{881C3E7B-D45E-49B8-90EA-15C172DC5465} => C:\Program Files\iTunes\iTunes.exe [2015-02-13] (Apple Inc.)
Task: {FCC85F9D-CE13-4427-ABDC-98A596891E6A} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {FF520546-9FBB-40D0-B9B4-CEE701894095} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-08] (Samsung Electronics Co., Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-771618654-3341757510-301361698-1001Core.job => C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-771618654-3341757510-301361698-1001UA.job => C:\Users\Laura\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\ParetoLogic Registration3.job => C:\windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
==================== Loaded Modules (whitelisted) ==============
2010-01-04 18:32 - 2005-01-06 18:33 - 00116224 _____ () C:\windows\System32\redmonnt.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-08-23 21:41 - 2009-08-23 21:41 - 00197424 _____ () C:\windows\system32\vpnapi.dll
2010-01-04 09:55 - 2009-08-13 21:58 - 00044312 _____ () C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
2014-12-24 17:01 - 2013-08-30 00:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-01-19 12:03 - 2015-01-19 12:03 - 00245760 _____ () C:\Program Files\Avira\My Avira\System.ComponentModel.Composition.dll
2009-09-22 06:26 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2013-10-05 16:04 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00750080 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-24 20:58 - 2015-03-24 20:58 - 00043008 _____ () c:\users\laura\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpgele2g.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00047616 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:08 - 2015-03-04 23:08 - 00865280 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:07 - 2015-03-04 23:07 - 00200704 _____ () C:\Users\Laura\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-24 17:29 - 2015-03-14 11:12 - 01174856 _____ () C:\Users\Laura\AppData\Local\Google\Chrome\Application\41.0.2272.101\libglesv2.dll
2015-03-24 17:29 - 2015-03-14 11:12 - 00080200 _____ () C:\Users\Laura\AppData\Local\Google\Chrome\Application\41.0.2272.101\libegl.dll
2015-03-24 17:29 - 2015-03-14 11:12 - 09278792 _____ () C:\Users\Laura\AppData\Local\Google\Chrome\Application\41.0.2272.101\pdf.dll
2015-03-24 17:29 - 2015-03-14 11:12 - 14974280 _____ () C:\Users\Laura\AppData\Local\Google\Chrome\Application\41.0.2272.101\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C5A503E
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-771618654-3341757510-301361698-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Laura\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NkbMonitor.exe.lnk => C:\windows\pss\NkbMonitor.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SMART-Board-Werkzeuge.lnk => C:\windows\pss\SMART-Board-Werkzeuge.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe" start
MSCONFIG\startupreg: FreePDF Assistant => C:\Program Files\FreePDF_XP\fpassist.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISW => C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: PaperPort PTD => "C:\Program Files\Nuance\PaperPort\pptd40nt.exe"
MSCONFIG\startupreg: PDF5 Registry Controller => C:\Program Files\Nuance\PDF Viewer Plus\RegistryController.exe
MSCONFIG\startupreg: PDFHook => C:\Program Files\Nuance\PDF Viewer Plus\pdfpro5hook.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SMART Board Service => C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe
MSCONFIG\startupreg: SMART SNMP Agent => C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-771618654-3341757510-301361698-500 - Administrator - Disabled)
fbwuser (S-1-5-21-771618654-3341757510-301361698-1007 - Limited - Enabled) => C:\Users\fbwuser
Gast (S-1-5-21-771618654-3341757510-301361698-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-771618654-3341757510-301361698-1002 - Limited - Enabled)
Laura (S-1-5-21-771618654-3341757510-301361698-1001 - Administrator - Enabled) => C:\Users\Laura
UpdatusUser (S-1-5-21-771618654-3341757510-301361698-1009 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2015 09:15:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 21:15:37.555]: [00002132]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 09:15:36 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 21:15:36.541]: [00002132]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 2
Error: (03/24/2015 09:00:36 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.
Error: (03/24/2015 08:56:56 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 0x80041002
Error: (03/24/2015 05:14:16 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 17:14:16.165]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 05:14:15 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 17:14:15.151]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 05:14:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 17:14:14.137]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 05:14:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 17:14:13.123]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 05:14:12 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 17:14:12.108]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
Error: (03/24/2015 04:02:35 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STI BrtSTI: [2015/03/24 16:02:34.982]: [00003828]: CUsbScnDev: DeviceIoControl() failed. ErrorCode = 5
System errors:
=============
Error: (03/24/2015 08:53:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)
Error: (03/24/2015 08:53:22 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: NT-AUTORITÄT)
Description: Fehler bei der Service Pack-Installation. Fehlercode: 0x80041002.
Error: (03/24/2015 02:58:38 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (03/22/2015 09:11:31 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (03/22/2015 09:52:51 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (03/22/2015 09:42:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Oberon Media Game Console service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/22/2015 09:42:59 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Oberon Media Game Console service erreicht.
Error: (03/20/2015 04:14:23 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Windows 7 Service Pack 1 (KB976932)
Error: (03/20/2015 04:14:19 PM) (Source: Microsoft-Windows-Service Pack Installer) (EventID: 8) (User: NT-AUTORITÄT)
Description: Fehler bei der Service Pack-Installation. Fehlercode: 0x80041002.
Error: (03/20/2015 02:39:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Oberon Media Game Console service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (12/28/2014 00:13:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (11/17/2013 06:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 208 seconds with 120 seconds of active time. This session ended with a crash.
Error: (10/23/2013 09:04:58 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 13613 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/30/2013 06:12:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6187 seconds with 2100 seconds of active time. This session ended with a crash.
Error: (03/03/2013 07:21:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2157 seconds with 1800 seconds of active time. This session ended with a crash.
Error: (02/20/2013 03:37:03 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1872 seconds with 1680 seconds of active time. This session ended with a crash.
Error: (03/16/2011 10:27:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 985 seconds with 840 seconds of active time. This session ended with a crash.
Error: (09/28/2010 03:43:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2828 seconds with 900 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Percentage of memory in use: 50%
Total physical RAM: 3066.61 MB
Available physical RAM: 1507.25 MB
Total Pagefile: 6129.45 MB
Available Pagefile: 4230.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1887.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:181.11 GB) (Free:77.28 GB) NTFS
Drive d: () (Fixed) (Total:101.88 GB) (Free:90.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 031AA195)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=181.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=101.9 GB) - (Type=07 NTFS)
==================== End Of Log ============================
| Alle logs sind auch noch im Anhang.
Vielen herzlichen Dank schon jetzt ein Mal. 
LG, Laura
|
24.03.2015, 22:37
Baum-Darstellung