| Nailimixam | 25.01.2015 19:43 |
Hallo Schrauber,
Oh sorry, ich versuche es einmal:
Additional.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2015 01
Ran by Pia Bausch at 2015-01-25 16:11:00
Running from C:\Users\Pia Bausch\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Trend Micro Client/Server Security Agent (Enabled - Up to date) {5D349EF8-873B-C657-917F-F1D93E101A7C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Trend Micro Client/Server Security Agent Anti-Spyware (Enabled - Up to date) {E6557F1C-A101-C9D9-ABCF-CAAB459750C1}
FW: Trend Micro Personal Firewall (Disabled) {50C2E989-60CF-0845-AFD3-290B7D301E79}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AccelerometerP11 (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 2.00.10.33 - STMicroelectronics)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.287 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.17 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.13.2.0 - Ask.com) <==== ATTENTION
AuthenTec Fingerprint Software (Version: 8.4.4.20 - AuthenTec, Inc.) Hidden
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Blender (HKLM\...\Blender) (Version: 2.72b - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{64973F6A-8754-43D1-BDD0-FC6F0546347B}) (Version: 14.4.6.2 - Broadcom Corporation)
Butterfly Magic (HKLM-x32\...\Butterfly Magic) (Version: - )
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
Cisco Jabber Video for TelePresence (HKLM-x32\...\{8803DD42-66B1-401F-BAEE-A3C10F8E4BEC}) (Version: 4.6.3.17194 - Cisco Systems, Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{2B2B45B1-3CA0-4F8D-BBB3-AC77ED46A0FE}) (Version: 1.2.2 - Dell Inc.)
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.0.00001.001 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 1.00.011 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 1.00.005 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Mobile Broadband Manager (HKLM-x32\...\{23EEC842-57ED-4055-A056-9D4185DFB1AA}) (Version: 6.3.3.2 - Dell)
Dell System Manager (HKLM\...\{FDF509ED-9624-4FDE-9BAA-9566C186AB96}) (Version: 1.6.00000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
Dell Wireless HSPA Mini-Card Drivers (HKLM-x32\...\{9D583F01-A973-4B04-90BD-FB7886779090}) (Version: 6.3.3.6 - Dell)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
EG21 Vokabelkartei interaktiv 2 (HKLM-x32\...\{D9C1E527-F7B8-4C32-8186-E59DDD38C475}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
EG21 Vokabelkartei interaktiv 3 (HKLM-x32\...\{D14B5875-A7FB-4169-BE5B-C9003A5C71AC}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
EG21 Vokabelkartei interaktiv 4 (HKLM-x32\...\{2235E685-11A5-4E37-ADD9-60A1214F7474}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Elevated Installer (x32 Version: 3.2.26.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.20140326 - Landesfinanzdirektion Thüringen)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.0.2 - SCS Software)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Football Mania (HKLM-x32\...\InstallShield_{E8A68053-E9B5-4334-B402-6709CFA56405}) (Version: 0.00.0067 - LEGO Media)
Football Mania (x32 Version: 0.00.0067 - LEGO Media) Hidden
Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== ATTENTION!
Foxy Security (HKLM-x32\...\Foxy Security) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FromDocToPDF Toolbar (HKLM-x32\...\FromDocToPDF_65bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION
ftp-uploader (HKLM-x32\...\ftp-uploader) (Version: 3.3.0.0 - Firma Gregor Schommer Systemberatung, Raderthaler Str. 31, D-50968 Köln)
Garmin Express (HKLM-x32\...\{0db152f6-3b8d-4363-aedd-374ee54d33ba}) (Version: 3.2.26.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.26.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.26.0 - Garmin Ltd or its subsidiaries) Hidden
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Globy (HKLM-x32\...\Globy) (Version: - )
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{F7770F7F-0ABC-30CB-95BC-93761A05CAB6}) (Version: 5.38.4.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
HyperBalloidCE (HKLM-x32\...\HyperBalloidCE) (Version: - )
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{4C1CCA11-0D08-4D5E-8444-2D9FB48BCABF}) (Version: 14.00.20110 - Intel Corporation)
Internet Explorer Toolbar 4.8 by SweetPacks (x32 Version: 4.8.0000 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
ISScript (x32 Version: 3.00.185 - InstallShield Software Corp.) Hidden
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LEGO® Harry Potter™: Die Jahre 1-4 (HKLM-x32\...\{C5A8DF48-580B-44D3-B2B2-E965A9368F28}) (Version: 1.0.0.0 - WB Games)
LEGO® Harry Potter™: Die Jahre 5-7 (HKLM-x32\...\{5C5A944F-096E-4ADD-B8E8-887F18BA6228}) (Version: 1.0.0.0 - WB Games)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
LookThisUp (HKLM\...\LookThisUp) (Version: 1.0.2 - LookThisUp) <==== ATTENTION!
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{0E302EE8-EBF9-41DE-B5A0-EA79FB842258}) (Version: 4.3.2.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (Version: 4.3.2.0 - MAGIX Software GmbH) Hidden
MAGIX Music Maker 2015 Trial Soundpools (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Small Basic v1.0 (HKLM-x32\...\{7AAA27E4-CDB3-49C0-AA2D-41827C001BA3}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft - 1.7.4 Packages (HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Minecraft - 1.7.4 Packages) (Version: - ) <==== ATTENTION
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mysteryville 2 (HKLM-x32\...\{7730D510-6DE2-4CD4-8F58-0B04680AEFE6}) (Version: 1.00.0000 - Mysteryville 2)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NTRU TCG Software Stack (Version: 2.1.34 - Security Innovation) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{0CB3B7EE-52C7-4136-AF40-605567D90318}) (Version: 3.0.07.23 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.0.07.23 - O2Micro International LTD.) Hidden
O2Micro OZ776 SCR Driver (HKLM-x32\...\InstallShield_{732D0C79-C6E3-4EDE-8D11-67D58697E0DE}) (Version: 2.1.4.210GS - O2Micro)
O2Micro OZ776 SCR Driver (Version: 2.1.4.210GS - O2Micro) Hidden
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
PC Connectivity Solution (HKLM-x32\...\{AC599724-5755-48C1-ABE7-ABB857652930}) (Version: 8.15.0.0 - Nokia)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
Pearl Poppers (HKLM-x32\...\Pearl Poppers) (Version: - )
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plantronics Calisto Driver (64-bit) (Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics CSR Driver (64-bit) (Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics CsrDfu Installer (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics FwuApi Installer (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics HidDfu Installer (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Device Handlers (32-bit) (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub DFU Handlers (32-bit) (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Install Check (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Native Runtime (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Plugins (32-bit) (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Runtime (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Software (HKLM-x32\...\{b66cc4be-f731-4d1f-a411-e7622e33da36}) (Version: 3.2.50830.8480 - Plantronics, Inc.)
Plantronics Hub Startup (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub Update Service (x32 Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Hub WMP Plugin (64-bit) (Version: 3.2.50830.8480 - Plantronics, Inc.) Hidden
Plantronics Legacy Hub SDK (x32 Version: 3.0.0.0 - Plantronics, Inc.) Hidden
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.650.0 - SAMSUNG Electronics Co., Ltd.)
SamsungConnectivityCableDriver (HKLM-x32\...\{7E84FAC8-C518-40F9-9807-7455301D6D25}) (Version: 6.83.6.2.1 - Samsung)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
SweetIM Bundle by SweetPacks (HKLM-x32\...\SweetIM Bundle by SweetPacks) (Version: 1.0.0.0 - SweetPacks LTD) <==== ATTENTION
SweetIM for Messenger 3.7 (x32 Version: 3.7.0007 - SweetIM Technologies Ltd.) Hidden <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
The Great Mahjongg (HKLM-x32\...\The Great Mahjongg) (Version: - )
Trend Micro Client/Server Security Agent (HKLM-x32\...\{BED0B8A2-2986-49F8-90D6-FA008D37A3D2}) (Version: 3.5.1163 - Trend Micro)
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Vokabelkartei interaktiv À plus! 1 (HKLM-x32\...\{C7BD31A9-B17E-4125-8AE6-217C1FF8BE10}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Vokabelkartei interaktiv À plus! 2 (HKLM-x32\...\{08DBA737-EAD2-4DDA-A48B-E7A8AEC45BD8}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Vokabelkartei interaktiv À plus! 3 (HKLM-x32\...\{8535E112-4075-4D54-A2BD-7CDEFB4BA528}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Wave Support Software Installer (Version: 05.13.00.033 - Wave Systems Corp) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7900 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Cambridge Silicon Radio (CSRBC) USB (10/26/2012 2.4.0.0) (HKLM\...\20C7EDA3129B3FF8F72F9BF59252B718B554FBDC) (Version: 10/26/2012 2.4.0.0 - Cambridge Silicon Radio)
Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Nokia pccsmcfd (10/12/2007 6.85.4.0) (HKLM\...\BC15EA930074932BB2C4B4493C9FD4EA95087D1A) (Version: 10/12/2007 6.85.4.0 - Nokia)
Windows-Treiberpaket - Plantronics, Inc. (usbser.ntamd64) Ports (04/21/2009 5.1) (HKLM\...\07AFE62D73C8799E9E5689F86FB9F48389717BA3) (Version: 04/21/2009 5.1 - Plantronics, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\{d0178b17-ab1f-4552-9a89-f1d5eb97f1e0}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
17-12-2014 21:44:24 Windows Update
25-12-2014 17:48:55 Geplanter Prüfpunkt
25-12-2014 21:35:57 Garmin Express
25-12-2014 21:38:20 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
12-01-2015 18:31:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
15-01-2015 03:01:22 Windows Update
16-01-2015 22:06:12 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
21-01-2015 19:59:07 Windows Update
23-01-2015 21:00:35 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
24-01-2015 13:56:11 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
24-01-2015 17:48:18 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0F447EA0-815A-471A-8EBE-B00EDC586154} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2011-05-26] (Dell Inc.)
Task: {145CBF8D-289B-4571-9E63-DF117313D428} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1FA33044-F92F-44CD-ABC0-60CD158DDD6D} - System32\Tasks\{F69D63AE-77A1-4E87-89F8-BA34A8EFFA6C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {20938E96-8FA0-455E-826D-7B06D588F9C7} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {292B99BD-B157-4CE8-BE77-E2746133B039} - System32\Tasks\FoxTab => C:\Users\Pia Bausch\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {3D0A45A8-9121-4D7F-B498-8512CAF15CD7} - System32\Tasks\{23D63CCC-8A31-45FE-9871-C2CB92F9FA87} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {3F29A405-49FE-4C70-BB8E-3334F3AE2C06} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [2014-08-21] (PC Utilities Software Limited) <==== ATTENTION
Task: {4491BA4B-3700-410D-B70B-DEADD3354010} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-23] (Adobe Systems Incorporated)
Task: {4B8BBA16-40EA-47EB-8D70-7DB4EBDAE7BB} - System32\Tasks\{F85AB527-F322-4AA3-8A12-595B196B4855} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {589732E3-4C2A-4F4B-B405-57308869A7C6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-17] ()
Task: {5B97072D-21F8-4FFC-8461-BFF4959942EF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000Core => C:\Users\Pia Bausch\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.)
Task: {6428195F-DCAA-4B1F-9BEA-4D85B237560C} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1140785117-3275974374-1152227498-1000
Task: {66A8B7D7-25AB-47D7-923C-572872CE3DAE} - System32\Tasks\{5D5CE647-F1F4-424D-B7E8-F6B60BA8CF93} => pcalua.exe -a E:\epson320037eu.exe -d E:\
Task: {68B6DB6A-57CF-4FB8-9E00-4CA2F4065DB7} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {6960FEC7-EDF7-4D64-8D16-5E226729711B} - System32\Tasks\Chrome => C:\Users\Pia Bausch\AppData\Local\Temp\Rau\PackerV2.exe [2014-12-23] (Packer Framework) <==== ATTENTION
Task: {7329D3A0-8575-4932-B683-EA587E76E939} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000UA => C:\Users\Pia Bausch\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-23] (Google Inc.)
Task: {9716134A-0A47-42D2-A4D6-56C6123497E1} - System32\Tasks\{F67A8953-FFF4-4611-B141-16351B34BF2A} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {9EE86894-4701-46D5-9B3D-AF21336FD1DA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {A275E288-65AB-4BA3-B2D8-FF7A240BCEC2} - System32\Tasks\{D23EE878-E040-478A-95B6-564FE9780E96} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {B1699566-3282-44EB-9CF1-27AD70CADF20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-14] (Google Inc.)
Task: {B726C91E-27D1-4976-A4D2-5018676EC41F} - System32\Tasks\{38769602-CD8F-45A3-A4FC-69E572047EDB} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
Task: {C18812C1-8041-4B85-8915-C4AE3DE82369} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-01-14] (Google Inc.)
Task: {CA92F2D9-5E38-4539-A681-ED680073AB40} - System32\Tasks\{BD207A15-D183-424A-8D94-6C268B7AF145} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {D05FCC0D-3B64-42E4-9BF4-783B0D48A27B} - System32\Tasks\{945A0B59-A136-4330-8F16-9BD34CC1C03B} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {D2614531-99C7-4EAC-902A-20EEB0B4F2DE} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {D3137221-3C2C-4EF8-9566-9B40A39E3D78} - System32\Tasks\{D020A67D-C9E2-4C4B-831C-1021F2A61541} => pcalua.exe -a "C:\Users\Pia Bausch\Desktop\forge-1.8-11.14.0.1239-1.8-installer-win.exe" -d "C:\Users\Pia Bausch\Desktop"
Task: {D6B22C7A-71BC-48A0-BBD1-5ABC8C4E1ADA} - System32\Tasks\{BBC8E3A9-E5BD-4E26-9E84-9C713B815849} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/abandoninstall?page=tsProgressBar
Task: {E2BCDBE8-D430-46D5-AC16-51612DF6E6F1} - System32\Tasks\{FDB9472F-D644-4A6E-B7B5-730215D3D745} => C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
Task: {EE044CA2-4F78-46B4-AED8-2FCD8D756373} - System32\Tasks\{ADDDE2F1-12AB-4BBE-B6EF-4E785F1AF6A2} => pcalua.exe -a "C:\Users\Pia Bausch\Desktop\vbasic_web.exe" -d "C:\Users\Pia Bausch\Desktop"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\PIABAU~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000Core.job => C:\Users\Pia Bausch\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000UA.job => C:\Users\Pia Bausch\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-12-09 17:17 - 2014-12-09 17:17 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
========================= Accounts: ==========================
Administrator (S-1-5-21-1140785117-3275974374-1152227498-500 - Administrator - Disabled)
Gast (S-1-5-21-1140785117-3275974374-1152227498-501 - Limited - Disabled) => C:\Users\Gast
Pia Bausch (S-1-5-21-1140785117-3275974374-1152227498-1000 - Administrator - Enabled) => C:\Users\Pia Bausch
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/25/2015 03:41:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/25/2015 03:06:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (01/24/2015 05:50:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54bd82c9
Name des fehlerhaften Moduls: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54bd82c9
Ausnahmecode: 0x4000001f
Fehleroffset: 0x00231330
ID des fehlerhaften Prozesses: 0x1924
Startzeit der fehlerhaften Anwendung: 0xcompatibilitycheck.exe0
Pfad der fehlerhaften Anwendung: compatibilitycheck.exe1
Pfad des fehlerhaften Moduls: compatibilitycheck.exe2
Berichtskennung: compatibilitycheck.exe3
Error: (01/24/2015 05:39:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (01/24/2015 05:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 03:03:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ExpressTray.exe, Version: 3.2.26.0, Zeitstempel: 0x5491a15b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0xd04
Startzeit der fehlerhaften Anwendung: 0xExpressTray.exe0
Pfad der fehlerhaften Anwendung: ExpressTray.exe1
Pfad des fehlerhaften Moduls: ExpressTray.exe2
Berichtskennung: ExpressTray.exe3
Error: (01/24/2015 03:03:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ExpressTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei MS.Win32.Penimc.UnsafeNativeMethods.CreateResetEvent(IntPtr ByRef)
bei System.Windows.Input.PenThreadWorker..ctor()
bei System.Windows.Input.PenThreadPool.GetPenThreadForPenContextHelper(System.Windows.Input.PenContext)
bei System.Windows.Input.StylusLogic.get_TabletDevices()
bei System.Windows.Input.StylusLogic.RegisterHwndForInput(System.Windows.Input.InputManager, System.Windows.PresentationSource)
bei System.Windows.Interop.HwndStylusInputProvider..ctor(System.Windows.Interop.HwndSource)
bei System.Windows.Interop.HwndSource.Initialize(System.Windows.Interop.HwndSourceParameters)
bei System.Windows.Interop.HwndSource..ctor(System.Windows.Interop.HwndSourceParameters)
bei System.Windows.Window.CreateSourceWindow(Boolean)
bei System.Windows.Window.ShowHelper(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei Garmin.Cartography.MapUpdate.TrayApplication.App.Main()
Error: (01/24/2015 02:56:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 01:55:36 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT-AUTORITÄT)
Description: Die Anwendung oder der Dienst "Compatibility Verify" konnte nicht heruntergefahren werden.
Error: (01/24/2015 01:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54bd82c9
Name des fehlerhaften Moduls: compatibilitycheck.exe, Version: 0.0.0.0, Zeitstempel: 0x54bd82c9
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0009587e
ID des fehlerhaften Prozesses: 0x1efc
Startzeit der fehlerhaften Anwendung: 0xcompatibilitycheck.exe0
Pfad der fehlerhaften Anwendung: compatibilitycheck.exe1
Pfad des fehlerhaften Moduls: compatibilitycheck.exe2
Berichtskennung: compatibilitycheck.exe3
System errors:
=============
Error: (01/25/2015 04:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:11:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:08:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (01/25/2015 04:04:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (01/25/2015 03:41:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/25/2015 03:06:10 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 90080108
Error: (01/24/2015 05:50:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: compatibilitycheck.exe0.0.0.054bd82c9compatibilitycheck.exe0.0.0.054bd82c94000001f00231330192401d037f5b0607098C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exeC:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exe1c38a048-a3e9-11e4-b685-028037ec0200
Error: (01/24/2015 05:39:25 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005
Error: (01/24/2015 05:30:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 03:03:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ExpressTray.exe3.2.26.05491a15bKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940dd0401d037dda6b5be20C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exeC:\Windows\system32\KERNELBASE.dllbf3836c3-a3d1-11e4-974a-028037ec0200
Error: (01/24/2015 03:03:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: ExpressTray.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.TypeInitializationException
Stapel:
bei MS.Win32.Penimc.UnsafeNativeMethods.CreateResetEvent(IntPtr ByRef)
bei System.Windows.Input.PenThreadWorker..ctor()
bei System.Windows.Input.PenThreadPool.GetPenThreadForPenContextHelper(System.Windows.Input.PenContext)
bei System.Windows.Input.StylusLogic.get_TabletDevices()
bei System.Windows.Input.StylusLogic.RegisterHwndForInput(System.Windows.Input.InputManager, System.Windows.PresentationSource)
bei System.Windows.Interop.HwndStylusInputProvider..ctor(System.Windows.Interop.HwndSource)
bei System.Windows.Interop.HwndSource.Initialize(System.Windows.Interop.HwndSourceParameters)
bei System.Windows.Interop.HwndSource..ctor(System.Windows.Interop.HwndSourceParameters)
bei System.Windows.Window.CreateSourceWindow(Boolean)
bei System.Windows.Window.ShowHelper(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei Garmin.Cartography.MapUpdate.TrayApplication.App.Main()
Error: (01/24/2015 02:56:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/24/2015 01:55:36 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: NT-AUTORITÄT)
Description: 1C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exeCompatibility Verify0302621615056143003A005C00550073006500720073005C00440065006600610075006C0074005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C0043006F006D007000610074006900620069006C006900740079002000560065007200690066006900650072005C0063006F006D007000610074006900620069006C0069007400790063006800650063006B007300760063002E006500780065000000
Error: (01/24/2015 01:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: compatibilitycheck.exe0.0.0.054bd82c9compatibilitycheck.exe0.0.0.054bd82c9c00000050009587e1efc01d037d3fb409ef4C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exeC:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitycheck.exeaf0f8c4a-a3c7-11e4-a546-028037ec0200
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
Percentage of memory in use: 26%
Total physical RAM: 3992.93 MB
Available physical RAM: 2931.22 MB
Total Pagefile: 7984.05 MB
Available Pagefile: 6993.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:219.69 GB) (Free:64.5 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 6EFD8936)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=219.7 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Defogger: Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:05 on 25/01/2015 (Pia Bausch)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
und nun FRST:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-01-2015 01
Ran by Pia Bausch (administrator) on PIABAUSCH on 25-01-2015 16:09:16
Running from C:\Users\Pia Bausch\Desktop
Loaded Profiles: Pia Bausch (Available profiles: Pia Bausch & Gast)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-04-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1934608 2010-12-23] (Intel(R) Corporation)
HKLM\...\Run: [DBRMTray] => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe [227328 2011-03-08] (Dell Computer Corporation)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe [686704 2011-07-25] ()
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [OfficeScanNT Monitor] => c:\Program Files (x86)\Trend Micro\Client Server Security Agent\pccntmon.exe [2112536 2013-03-19] (Trend Micro Inc.)
HKLM-x32\...\Run: [OE] => c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TMAS_OE\TMAS_OEMon.exe [846672 2010-08-10] (Trend Micro Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [FromDocToPDF Search Scope Monitor] => C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrchMn.exe [42536 2013-03-02] (MindSpark)
HKLM-x32\...\Run: [FromDocToPDF_65 Browser Plugin Loader] => C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65brmon.exe [30096 2013-03-02] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [SweetIM] => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-10-04] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [PLTSpokes.exe] => C:\Program Files (x86)\Plantronics\Spokes3G\PLTSpokes.exe [6579600 2014-10-23] (Plantronics, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [Google Update] => C:\Users\Pia Bausch\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-23] (Google Inc.)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [146888 2014-08-21] (PC Utilities Software Limited)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\Pia Bausch\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [LookThisUp] => "C:\Users\Pia Bausch\AppData\Roaming\LookThisUp\LookThisUp.exe"
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-17] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\MountPoints2: {abd3b293-537a-11e3-8e53-3859f9d61b58} - G:\LaunchU3.exe -a
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk
ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Pia Bausch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66jyhMonN5_WMm_RxI4vr-DbljOiysZ1l680Nl6VXESZFGpYNps2gqqOJCVb6z20rAEEF_SeM69XlnMvryDfj27gSU1eDM6ftCtEug,,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKT0XF_bCb5E9DjBOgAIfA,,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKT0XF_bCb5E9DjBOgAIfA,,&q={searchTerms}
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKTxy7fU52M7wPzRbMg0Dg,,&q={searchTerms}
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66jyhMonN5_WMm_RxI4vr-DbljOiysZ1l680Nl6VXESZFGpYNps2gqqOJCVb6z20rAEEF_SeM69XlnMvryDaC3vj7nbGW_JnJQ3jYw,,
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/?ocid=ie9hp
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://g.uk.msn.com/USREL/8
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://g.uk.msn.com/USREL/8
HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKTxy7fU52M7wPzRbMg0Dg,,&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1415030717&from=pjr&uid=ST9250315AS_6VCW0GMSXXXX6VCW0GMS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415030717&from=pjr&uid=ST9250315AS_6VCW0GMSXXXX6VCW0GMS&q={searchTerms}
SearchScopes: HKLM -> {935B0526-B2BB-4248-A009-C85668DE6358} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKT0XF_bCb5E9DjBOgAIfA,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415030717&from=pjr&uid=ST9250315AS_6VCW0GMSXXXX6VCW0GMS&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKT0XF_bCb5E9DjBOgAIfA,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKT0XF_bCb5E9DjBOgAIfA,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {935B0526-B2BB-4248-A009-C85668DE6358} URL =
SearchScopes: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415030717&from=pjr&uid=ST9250315AS_6VCW0GMSXXXX6VCW0GMS&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StPOamTTqzur3wb8K-Ou-Ve_tolwkCoFEtV9h8HxjMrI-tVCBBJAVXjH2c_ez7MAbFNRMw7vfozUDFYZDokGR3x5WmFGLtUGdHomRE66j-k0nkzoGe31QXRZZ7hCnw7D-ULd5F0mnBXXgRp1mpvGnEjSXU77vHfRGVrJmK_R_7fhYodK-WzwLNRKTxy7fU52M7wPzRbMg0Dg,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1140785117-3275974374-1152227498-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1415030717&from=pjr&uid=ST9250315AS_6VCW0GMSXXXX6VCW0GMS&q={searchTerms}
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\TmIEPlg.dll (Trend Micro Inc.)
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Toolbar BHO -> {a235e1e3-6296-4710-af39-104a7faa6c7c} -> C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SupraSavings -> {ca3eae2b-3b20-2e6f-a849-c126d93b6ad3} -> C:\Program Files\E52BA74C-5F88-4F08-A1B8-3FC89D881FD1\xkymsyyrfh.dll ()
BHO-x32: VirtualDJ Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper -> {EEE6C35C-6118-11DC-9C72-001320C79847} -> C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: Search Assistant BHO -> {f236ca79-3123-4afb-9f74-e98117ad5625} -> C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65SrcAs.dll (MindSpark)
BHO-x32: No Name -> {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} -> C:\Users\Pia Bausch\AppData\LocalLow\systems ie bho\bho.dll ()
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - VirtualDJ Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - FromDocToPDF - {c66a678d-5e6c-4af9-8f57-c6192f42cf74} - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\65bar.dll (MindSpark)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {C66A678D-5E6C-4AF9-8F57-C6192F42CF74} - No File
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\TmIEPlg32.dll (Trend Micro Inc.)
FireFox:
========
FF ProfilePath: C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default
FF NewTab: chrome://quick_start/content/index.html
FF SelectedSearchEngine: webssearches
FF Homepage: https://www.google.de/
FF Keyword.URL: hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=8E2B2572-183B-4907-87CE-E0BF9CC78E8E&n=77fc6747&ind=2013030215&p2=^Y6^xdm043^YY^de&si=swissconverter&searchfor=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_287.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll ()
FF Plugin-x32: @FromDocToPDF_65.com/Plugin -> C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin\NP65Stub.dll (MindSpark)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1140785117-3275974374-1152227498-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Pia Bausch\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-1140785117-3275974374-1152227498-1000: @talk.google.com/O1DPlugin -> C:\Users\Pia Bausch\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-1140785117-3275974374-1152227498-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1140785117-3275974374-1152227498-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Pia Bausch\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1140785117-3275974374-1152227498-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Pia Bausch\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\Pia Bausch\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Pia Bausch\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: jid1xKH0EoS44u1a2wjetpack - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\jid1-xKH0EoS44u1a2w@jetpack [2014-11-07]
FF Extension: Foxy Security - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\sys@foxysecurity.com [2014-05-30]
FF Extension: Yahoo! Toolbar - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-10-28]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-11-16]
FF Extension: Foxtab Speed Dial - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2014-03-25]
FF Extension: NoScript - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-16]
FF Extension: Adblock Plus - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-16]
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension
FF Extension: Trend Micro NSC Firefox Extension - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension [2012-10-07]
FF HKLM-x32\...\Firefox\Extensions: [65ffxtbr@FromDocToPDF_65.com] - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin
FF Extension: FromDocToPDF - C:\Program Files (x86)\FromDocToPDF_65\bar\1.bin [2013-03-02]
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Pia Bausch\AppData\Roaming\Mozilla\Firefox\Profiles\455x0jfg.default\extensions\faststartff@gmail.com
FF HKU\S-1-5-21-1140785117-3275974374-1152227498-1000\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-29] (Broadcom Corporation) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
S2 bupService; C:\Users\Pia Bausch\AppData\Roaming\BupSystem\bup.exe [642048 2014-04-14] (BUP) [File not signed]
S2 CouponarificService64; C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe [186368 2014-11-19] () [File not signed]
S2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-17] (Garmin Ltd or its subsidiaries)
S2 jzmoeejfme64; C:\Program Files\003\jzmoeejfme64.exe [706560 2014-11-03] () [File not signed]
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S2 ntrtscan; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\ntrtscan.exe [1824800 2013-03-18] (Trend Micro Inc.)
S2 O2SDIOAssist; c:\Windows\SysWOW64\srvany.exe [8192 2003-04-19] () [File not signed]
S2 PlantronicsUpdateService; C:\Program Files (x86)\Plantronics\Spokes3G\SpokesUpdateService.exe [1183120 2014-10-23] (Plantronics, Inc.)
S2 RGMUpdater; C:\Users\Pia Bausch\AppData\Local\RGMService\RGMUpdater.exe [28160 2014-10-27] () [File not signed]
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [430592 2008-04-07] (Nokia.) [File not signed]
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2015-01-20] (Enigma Software Group USA, LLC.)
S2 SupraSavingsService64; C:\Program Files (x86)\E52BA74C-5F88-4F08-A1B8-3FC89D881FD1\hmhfslexky64.exe [172544 2014-07-17] () [File not signed]
S2 svcGenericHost; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\HostedAgent\svcGenericHost.exe [50208 2013-01-11] (Trend Micro Inc.)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1629696 2010-07-13] () [File not signed]
S3 TMBMServer; c:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [571928 2013-03-13] (Trend Micro Inc.)
S2 tmlisten; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\tmlisten.exe [2060904 2013-03-18] (Trend Micro Inc.)
S3 TmProxy; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmProxy.exe [918064 2012-08-08] (Trend Micro Inc.)
S2 Verifies and fixes application compatibility issues; C:\Users\Default\AppData\Roaming\Compatibility Verifier\compatibilitychecksvc.exe [91304 2015-01-12] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WMCoreService; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [586280 2011-02-23] (Ericsson AB)
S2 ZcfgSvc7; C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe [992256 2010-12-23] (Intel(R) Corporation) [File not signed]
S3 SecureStorageService; "C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 d554gps; C:\Windows\System32\DRIVERS\d554gps64.sys [101416 2010-12-02] (Ericsson AB)
R3 d554scard; C:\Windows\System32\DRIVERS\d554scard.sys [61992 2010-11-19] (Ericsson AB)
R3 ecnssndis; C:\Windows\System32\Drivers\wwuss64.sys [26664 2010-02-24] (Ericsson AB)
R3 ecnssndisfltr; C:\Windows\System32\Drivers\wwussf64.sys [30248 2010-02-24] (Ericsson AB)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-01-20] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-01-20] ()
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net)
R3 Mbm3CBus; C:\Windows\System32\DRIVERS\Mbm3CBus.sys [411208 2010-11-01] (MCCI Corporation)
S3 Mbm3DevMt; C:\Windows\System32\DRIVERS\Mbm3DevMt.sys [419912 2010-11-01] (MCCI Corporation)
S3 Mbm3mdfl; C:\Windows\System32\DRIVERS\Mbm3mdfl.sys [19528 2010-11-01] (MCCI Corporation)
S3 Mbm3Mdm; C:\Windows\System32\DRIVERS\Mbm3Mdm.sys [472648 2010-11-01] (MCCI Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [41168 2014-11-19] (NetFilterSDK.com)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [82840 2012-10-30] (Trend Micro Inc.)
S1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [174016 2012-11-13] (Trend Micro Inc.)
S3 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [65872 2012-10-30] (Trend Micro Inc.)
S2 TmFilter; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmXPFlt.sys [344376 2012-07-17] (Trend Micro Inc.)
S2 TmPreFilter; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\TmPreFlt.sys [42808 2012-07-17] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [109080 2013-01-09] (Trend Micro Inc.)
S2 VSApiNt; c:\Program Files (x86)\Trend Micro\Client Server Security Agent\VSApiNt.sys [2224952 2012-07-17] (Trend Micro Inc.)
R3 WwanUsbServ; C:\Windows\System32\DRIVERS\WwanUsbMp64.sys [276520 2011-02-08] (Ericsson AB)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-25 16:09 - 2015-01-25 16:09 - 00031512 _____ () C:\Users\Pia Bausch\Desktop\FRST.txt
2015-01-25 16:09 - 2015-01-25 16:09 - 00000000 ____D () C:\FRST
2015-01-25 16:07 - 2015-01-25 16:08 - 02129920 _____ (Farbar) C:\Users\Pia Bausch\Desktop\FRST64.exe
2015-01-25 16:05 - 2015-01-25 16:05 - 00000482 _____ () C:\Users\Pia Bausch\Desktop\defogger_disable.log
2015-01-25 16:05 - 2015-01-25 16:05 - 00000000 _____ () C:\Users\Pia Bausch\defogger_reenable
2015-01-25 16:04 - 2015-01-25 16:04 - 00050477 _____ () C:\Users\Pia Bausch\Desktop\Defogger.exe
2015-01-24 14:05 - 2015-01-24 14:05 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Roaming\Google
2015-01-24 13:43 - 2015-01-24 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-24 13:43 - 2015-01-24 13:43 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-23 21:47 - 2015-01-23 21:47 - 03353776 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-01-20 22:17 - 2015-01-20 22:17 - 00000000 _____ () C:\autoexec.bat
2015-01-20 20:21 - 2015-01-20 20:21 - 00000000 __SHD () C:\Users\Pia Bausch\AppData\Local\EmieBrowserModeList
2015-01-20 19:53 - 2015-01-20 19:53 - 00000000 ____D () C:\sh4ldr
2015-01-20 19:52 - 2015-01-20 19:52 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2015-01-20 19:52 - 2015-01-20 19:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-20 19:33 - 2015-01-20 19:53 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Roaming\Enigma Software Group
2015-01-16 22:10 - 2015-01-24 14:50 - 00000112 _____ () C:\ProgramData\42G8625p.dat
2015-01-14 16:19 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 16:19 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 16:19 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 16:19 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 16:19 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 16:19 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 16:19 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 16:19 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 16:19 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 16:19 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 16:19 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 16:19 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 16:19 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Adobe
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-12 18:35 - 2015-01-12 18:35 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Adobe
2015-01-12 18:31 - 2015-01-24 17:49 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Compatibility Verifier
2015-01-12 18:31 - 2015-01-24 17:49 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Compatibility Verifier
2015-01-12 17:44 - 2015-01-12 17:44 - 06388344 _____ (Tim Kosse) C:\Users\Pia Bausch\Downloads\FileZilla_3.10.0_win32-setup.exe
2014-12-30 18:49 - 2014-12-30 18:49 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-12-30 18:49 - 2014-12-30 18:49 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-30 18:49 - 2014-12-30 18:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-25 16:05 - 2011-11-03 09:02 - 00000000 ____D () C:\Users\Pia Bausch
2015-01-25 15:44 - 2010-11-21 07:50 - 00902590 _____ () C:\Windows\system32\perfh007.dat
2015-01-25 15:44 - 2010-11-21 07:50 - 00215014 _____ () C:\Windows\system32\perfc007.dat
2015-01-25 15:44 - 2009-07-14 06:13 - 02165128 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-25 15:40 - 2014-12-05 15:37 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Local\LogMeIn Hamachi
2015-01-25 15:35 - 2011-08-25 09:10 - 01258866 _____ () C:\Windows\WindowsUpdate.log
2015-01-25 15:35 - 2009-07-14 05:51 - 00168720 _____ () C:\Windows\setupact.log
2015-01-25 15:22 - 2012-01-14 17:39 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-25 15:21 - 2012-12-06 18:14 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000UA.job
2015-01-25 14:54 - 2014-01-29 14:54 - 00000304 _____ () C:\Windows\Tasks\FoxTab.job
2015-01-25 14:47 - 2012-07-22 11:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-25 14:41 - 2012-12-06 18:14 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1140785117-3275974374-1152227498-1000Core.job
2015-01-25 14:41 - 2012-01-14 17:39 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 17:40 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-24 17:40 - 2009-07-14 05:45 - 00031088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-24 17:33 - 2014-12-23 22:25 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Local\RGMService
2015-01-24 17:32 - 2014-05-19 16:38 - 00000000 ___RD () C:\Users\Pia Bausch\Google Drive
2015-01-24 17:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-24 14:59 - 2011-08-25 16:57 - 00000000 ____D () C:\ProgramData\Sonic
2015-01-24 14:05 - 2012-01-14 17:39 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Local\Google
2015-01-23 22:27 - 2014-11-25 19:18 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Roaming\.minecraft
2015-01-23 21:47 - 2012-07-22 11:23 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-23 21:47 - 2012-07-22 11:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-23 21:47 - 2011-08-25 16:17 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-23 17:24 - 2013-12-14 17:00 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Roaming\Skype
2015-01-23 14:40 - 2014-12-02 16:39 - 00000000 ____D () C:\Program Files\Couponarific
2015-01-22 18:26 - 2014-10-01 20:04 - 00000000 ____D () C:\Users\Pia Bausch\Desktop\Instagram
2015-01-22 17:49 - 2014-09-23 15:57 - 00003266 _____ () C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-01-21 20:06 - 2011-02-11 18:45 - 02139408 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-01-20 21:26 - 2010-11-21 04:47 - 00266146 _____ () C:\Windows\PFRO.log
2015-01-20 18:21 - 2011-11-03 09:03 - 00000000 ____D () C:\Windows\System32\Tasks\Dell
2015-01-17 00:40 - 2013-03-16 11:30 - 00007601 _____ () C:\Users\Pia Bausch\AppData\Local\resmon.resmoncfg
2015-01-15 03:15 - 2013-08-13 17:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 03:02 - 2012-08-09 16:27 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-14 11:32 - 2013-08-29 12:53 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-01-12 17:59 - 2014-07-21 16:15 - 00000000 ____D () C:\Users\Pia Bausch\AppData\Roaming\FileZilla
2015-01-02 22:50 - 2012-03-14 18:52 - 00004805 _____ () C:\Windows\TMFilter.log
2014-12-30 18:49 - 2013-12-14 17:00 - 00000000 ____D () C:\ProgramData\Skype
==================== Files in the root of some directories =======
2013-02-26 07:28 - 2013-02-26 07:28 - 0027762 _____ () C:\Program Files\changes.txt
2013-02-26 07:34 - 2013-02-26 07:34 - 2547384 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 0234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-02-26 07:34 - 2013-02-26 07:34 - 0068792 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 0186552 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2013-02-26 07:30 - 2013-02-26 07:30 - 0140288 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2014-11-27 16:04 - 2014-11-27 16:04 - 0000180 _____ () C:\Program Files\FRAPSLOG.TXT
2013-02-26 07:27 - 2013-02-26 07:27 - 0001894 _____ () C:\Program Files\README.HTM
2014-11-27 16:01 - 2014-11-27 16:01 - 0040446 _____ (Beepa Pty Ltd) C:\Program Files\uninstall.exe
2014-11-03 17:06 - 2014-11-03 17:06 - 1545136 _____ (HDTubeV03.11) C:\Users\Pia Bausch\AppData\Roaming\BCQYCY.exe
2014-04-13 12:30 - 2014-04-13 15:41 - 0000108 _____ () C:\Users\Pia Bausch\AppData\Roaming\Camdata.ini
2014-04-13 12:30 - 2014-04-13 15:41 - 0000408 _____ () C:\Users\Pia Bausch\AppData\Roaming\CamLayout.ini
2014-04-13 12:30 - 2014-04-13 15:41 - 0000408 _____ () C:\Users\Pia Bausch\AppData\Roaming\CamShapes.ini
2014-04-13 12:30 - 2014-04-13 12:33 - 0004535 _____ () C:\Users\Pia Bausch\AppData\Roaming\CamStudio.cfg
2014-11-03 17:06 - 2014-11-03 17:06 - 2042288 _____ (HDTubeV03.11) C:\Users\Pia Bausch\AppData\Roaming\CJJORAH.exe
2014-04-13 12:29 - 2014-04-13 12:30 - 0000096 _____ () C:\Users\Pia Bausch\AppData\Roaming\version2.xml
2014-01-29 14:54 - 2014-11-17 16:53 - 0000181 _____ () C:\Users\Pia Bausch\AppData\Roaming\WB.CFG
2014-11-29 19:28 - 2014-11-29 19:28 - 0002085 _____ () C:\Users\Pia Bausch\AppData\Local\recently-used.xbel
2013-03-16 11:30 - 2015-01-17 00:40 - 0007601 _____ () C:\Users\Pia Bausch\AppData\Local\resmon.resmoncfg
2015-01-16 22:10 - 2015-01-24 14:50 - 0000112 _____ () C:\ProgramData\42G8625p.dat
Files to move or delete:
====================
C:\ProgramData\42G8625p.dat
Some content of TEMP:
====================
C:\Users\Pia Bausch\AppData\Local\Temp\0birg04y.dll
C:\Users\Pia Bausch\AppData\Local\Temp\1lgq0ftb.dll
C:\Users\Pia Bausch\AppData\Local\Temp\2y-qbeib.dll
C:\Users\Pia Bausch\AppData\Local\Temp\4l0-fnac.dll
C:\Users\Pia Bausch\AppData\Local\Temp\7gaj2fq3.dll
C:\Users\Pia Bausch\AppData\Local\Temp\7z920.exe
C:\Users\Pia Bausch\AppData\Local\Temp\9uos6bli.dll
C:\Users\Pia Bausch\AppData\Local\Temp\APNStub.exe
C:\Users\Pia Bausch\AppData\Local\Temp\avhhixrd.dll
C:\Users\Pia Bausch\AppData\Local\Temp\BackupSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\cixovzf6.dll
C:\Users\Pia Bausch\AppData\Local\Temp\cpdd890w.dll
C:\Users\Pia Bausch\AppData\Local\Temp\DeltaTB.exe
C:\Users\Pia Bausch\AppData\Local\Temp\dp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\e6ow2f5j.dll
C:\Users\Pia Bausch\AppData\Local\Temp\edde_wvx.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ewddex_5.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ffymztt5.dll
C:\Users\Pia Bausch\AppData\Local\Temp\fj3whpxl.dll
C:\Users\Pia Bausch\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\FoxySecuritySetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\f_ehlkuw.dll
C:\Users\Pia Bausch\AppData\Local\Temp\g5w6v-4d.dll
C:\Users\Pia Bausch\AppData\Local\Temp\GdiPlus.dll
C:\Users\Pia Bausch\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Pia Bausch\AppData\Local\Temp\glgtk_sx.dll
C:\Users\Pia Bausch\AppData\Local\Temp\GoogleToolbarInstaller_en32_signed.exe
C:\Users\Pia Bausch\AppData\Local\Temp\hxbxahck.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ia-7msjs.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ICReinstall_FileZilla_3.8.1_win32-setup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\ICReinstall_MineCraftSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\ICReinstall_winzip19-mediafire.exe
C:\Users\Pia Bausch\AppData\Local\Temp\InstallerMessageBox.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Pia Bausch\AppData\Local\Temp\jpun-md-.dll
C:\Users\Pia Bausch\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Pia Bausch\AppData\Local\Temp\Kraus.exe
C:\Users\Pia Bausch\AppData\Local\Temp\LyricsPal.exe
C:\Users\Pia Bausch\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ms.exe
C:\Users\Pia Bausch\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\Pia Bausch\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\Pia Bausch\AppData\Local\Temp\NPSInstallerProxy.exe
C:\Users\Pia Bausch\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll
C:\Users\Pia Bausch\AppData\Local\Temp\nsi80A6.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\nweveefb.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ofjq_kjs.dll
C:\Users\Pia Bausch\AppData\Local\Temp\optprosetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\ppbg9ya-.dll
C:\Users\Pia Bausch\AppData\Local\Temp\pricepeep_130001_0101.exe
C:\Users\Pia Bausch\AppData\Local\Temp\qdwzo0vl.dll
C:\Users\Pia Bausch\AppData\Local\Temp\qge-11ux.dll
C:\Users\Pia Bausch\AppData\Local\Temp\ql9tops3.dll
C:\Users\Pia Bausch\AppData\Local\Temp\rcallup8.dll
C:\Users\Pia Bausch\AppData\Local\Temp\s-iv8lqz.dll
C:\Users\Pia Bausch\AppData\Local\Temp\setup_297.exe
C:\Users\Pia Bausch\AppData\Local\Temp\setup_383.exe
C:\Users\Pia Bausch\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\sm1kchwo.dll
C:\Users\Pia Bausch\AppData\Local\Temp\SmallBasicLibrary.dll
C:\Users\Pia Bausch\AppData\Local\Temp\somoto_BD Renaissance_1.0.exe
C:\Users\Pia Bausch\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Pia Bausch\AppData\Local\Temp\Sqlite3.dll
C:\Users\Pia Bausch\AppData\Local\Temp\tmp145E.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp1560.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp1A7B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp1C41.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp1ECC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp1F35.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp2442.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp24A9.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp28C0.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp2AAE.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp2FFE.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp32BC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp32F4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp347F.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp36DD.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp375E.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp3848.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp3A3B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp3C12.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp3F80.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4363.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp43C6.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp440A.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4472.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp44A1.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp49B4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4A39.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4A4C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4CD9.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4D3C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4EB0.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp4F17.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp521C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp552B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp588E.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp5A03.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp5C15.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp5C63.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp616B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp622C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6387.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp66F6.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6754.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp685B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp68CC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6996.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6C7D.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6D70.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6E70.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp6F9F.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp714E.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp715.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp7486.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp7582.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp79FC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp7E8A.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp81A5.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp83AD.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp85E4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp8A38.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp8B8D.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp8EDF.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp9423.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp95C4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp97B2.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmp9AED.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA04A.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA060.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA1D2.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA30B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA4C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpA5BC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpAFAC.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpB829.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpB832.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpBED4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpBF30.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpC95.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpCB02.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpCDB4.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpCE5B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpCFD.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD296.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD4F8.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD545.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD79B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD8EA.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpD9E9.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpDD4C.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpE16A.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpE2D0.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpE600.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpE668.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpE728.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpEACE.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpED7B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpF524.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpF998.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpFB96.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpFC2E.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpFEA3.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpFF2B.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\tmpFF4D.tmp.exe
C:\Users\Pia Bausch\AppData\Local\Temp\umhkqfzw.dll
C:\Users\Pia Bausch\AppData\Local\Temp\umxujks7.dll
C:\Users\Pia Bausch\AppData\Local\Temp\uninstaller.exe
C:\Users\Pia Bausch\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\vhh6wd8-.dll
C:\Users\Pia Bausch\AppData\Local\Temp\vtcuksu9.dll
C:\Users\Pia Bausch\AppData\Local\Temp\vvqyybou.dll
C:\Users\Pia Bausch\AppData\Local\Temp\WSSetup.exe
C:\Users\Pia Bausch\AppData\Local\Temp\xfl7ux5v.dll
C:\Users\Pia Bausch\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Pia Bausch\AppData\Local\Temp\zafwSetupWeb_120_121_000-4-.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-15 03:51
==================== End Of Log ============================
--- --- ---
Mehr habe ich wie bereits geschrieben leider nicht.
Ist es OK so??
Danke erst einmal
LG Nailimixam |
So funktioniert es:
Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Malwarebytes Anti-Malware 
AdwCleaner auf deinen Desktop.
SecurityCheck und:
dann auf 
und dann auf 
. 
