FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014 01
Ran by Andreas (administrator) on ANDREAS-HP on 14-08-2014 12:53:51
Running from C:\Users\Andreas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Español (España, internacional)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NCP engineering GmbH) C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpclcfg.exe
(NCP Engineering GmbH) C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncprwsnt.exe
() C:\Program Files (x86)\LANCOM\Advanced VPN Client\NCPSEC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NCP engineering GmbH) C:\Program Files (x86)\LANCOM\Advanced VPN Client\NcpBudgetGui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\scalc.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2010-12-17] (IDT, Inc.)
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [42808 2011-06-27] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-07-01] (Hewlett-Packard Company)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [103992 2011-09-13] (Hewlett-Packard Development Company L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [UIExec] => C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe [156448 2012-05-04] ()
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-06] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [NcpBudgetGui] => C:\Program Files (x86)\LANCOM\Advanced VPN Client\NcpBudgetGui.exe [999424 2013-11-13] (NCP engineering GmbH)
HKLM-x32\...\Run: [NcpPopup] => C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncppopup.exe [1011280 2012-03-20] (NCP engineering GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-07-23] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2334838483-4133862729-1016828376-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21653096 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2334838483-4133862729-1016828376-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Supervisar alertas de tinta - HP Officejet 4620 series.lnk
ShortcutTarget: Supervisar alertas de tinta - HP Officejet 4620 series.lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {39201A40-FC19-4B3A-9C4F-667BB6A02AB1} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {52db1893-8a90-4192-aede-08e00b8f8473} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=105&systemid=473&v=a11465-148&apn_uid=2331992103804423&apn_dtid=BND101&o=APN10640&apn_ptnrs=AG1&q={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - 371749EC7A94488FB1ECF9797D04316C URL = hxxp://start.funmoods.com/results.php?f=4&a=promose&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1185-111090-7840-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: No Name -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> No File
BHO-x32: No Name -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} -> No File
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO-x32: No Name -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Aplicación auxiliar de inicio de sesión de Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {2DAB6EF1-66C3-427C-87CD-8DC448C47EAE} https://www5.aeat.es/es13/h/tgvicab.cab
DPF: HKLM-x32 {947B00D2-962D-4A35-9E48-98EE6A442B41} https://www1.agenciatributaria.gob.es/ADUA/internet/aded1503.cab
DPF: HKLM-x32 {B785FA3C-1DE9-4D20-8396-613C486FE95E} https://www1.agenciatributaria.gob.es/es13/h/cactivex.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @UtilityChest_49.com/Plugin -> C:\Program Files (x86)\UtilityChest_49\bar\1.bin\NP49Stub.dll No File
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Andreas\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: United States English Spellchecker - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-25]
FF Extension: HP Detect - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2} [2012-06-04]
FF Extension: Cliqz Beta - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\st2jilhu.default\Extensions\cliqz@cliqz.com.xpi [2014-08-12]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-06-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-11]
CHR Extension: (Google Drive) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-11]
CHR Extension: (YouTube) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-11]
CHR Extension: (Google Search) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-11]
CHR Extension: (Skype Click to Call) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-02-25]
CHR Extension: (Google Wallet) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-11]
CHR Extension: (Gmail) - C:\Users\Andreas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [dljhohhmfjfhgfhpgkfefjoojfobodhn] - C:\Program Files (x86)\Whilokii\dljhohhmfjfhgfhpgkfefjoojfobodhn.crx [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-06] (AVAST Software)
R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2413056 2014-03-19] (Realsil Microelectronics Inc.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 ncpclcfg; C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpclcfg.exe [150800 2013-10-28] (NCP engineering GmbH)
R2 ncprwsnt; C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncprwsnt.exe [1721096 2014-02-28] (NCP Engineering GmbH)
R2 NcpSec; C:\Program Files (x86)\LANCOM\Advanced VPN Client\NCPSEC.EXE [119808 2011-04-21] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 UI Assistant Service; C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe [274208 2012-05-04] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-06] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 ncpfilt; C:\Windows\System32\DRIVERS\ncplelhp.sys [108112 2014-02-28] (NCP Engineering GmbH)
R3 ncplelhp; C:\Windows\System32\DRIVERS\ncplelhp.sys [108112 2014-02-28] (NCP Engineering GmbH)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 12:53 - 2014-08-14 12:54 - 00033610 _____ () C:\Users\Andreas\Downloads\FRST.txt
2014-08-14 12:53 - 2014-08-14 12:53 - 02100224 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2014-08-14 12:53 - 2014-08-14 12:53 - 00000000 ____D () C:\FRST
2014-08-11 17:09 - 2014-08-11 17:09 - 00003342 _____ () C:\Windows\System32\Tasks\{8BE9B9DA-FA01-4780-AB81-851B8B544A67}
2014-08-11 16:57 - 2014-08-11 16:57 - 00001979 _____ () C:\Users\Andreas\Desktop\Driver Cleaner Pro.lnk
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\Program Files (x86)\Driver Cleaner Pro
2014-08-11 16:56 - 2014-08-11 17:11 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\DesktopIconForAmazon
2014-08-11 16:56 - 2014-08-11 16:56 - 02817354 _____ () C:\Users\Andreas\Downloads\DCProSetup_15.zip
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-11 16:56 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-08-11 16:56 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-08-11 16:55 - 2014-08-11 17:11 - 00066936 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-11 16:54 - 2014-08-11 16:54 - 01101648 _____ () C:\Users\Andreas\Downloads\Driver Cleaner PE - CHIP-Installer.exe
2014-08-11 16:31 - 2014-06-17 03:00 - 65187899 _____ (Macrovision Corporation) C:\Users\Andreas\Downloads\ControlCenter4 Updater.exe
2014-08-11 16:30 - 2014-08-11 16:31 - 64084564 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\CC4updater_424201.EXE
2014-08-11 15:51 - 2014-08-11 15:52 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\ControlCenter4
2014-08-11 15:46 - 2014-08-11 15:46 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-08-11 15:46 - 2014-08-11 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-08-11 15:45 - 2014-08-11 15:46 - 00000066 _____ () C:\Windows\Brfaxrx.ini
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\ProgramData\ControlCenter4
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\Brother
2014-08-11 15:44 - 2012-07-09 17:19 - 00005120 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2S.dll
2014-08-11 15:44 - 2012-03-19 13:09 - 00245760 ____N (brother) C:\Windows\SysWOW64\NSSearch.dll
2014-08-11 15:44 - 2010-03-15 19:45 - 00073728 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2.dll
2014-08-11 15:44 - 2007-12-13 22:16 - 00005632 ____N (Brother Industries Ltd.) C:\Windows\SysWOW64\BrDctF2L.dll
2014-08-11 15:42 - 2014-08-11 15:42 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\InstallShield
2014-08-11 15:41 - 2014-08-11 15:41 - 00000000 ____D () C:\ProgramData\zeon
2014-08-11 15:39 - 2014-08-11 15:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2014-08-11 15:39 - 2014-08-11 15:39 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2014-08-11 15:38 - 2014-08-14 10:30 - 00000000 ____D () C:\Users\Andreas\Documents\MeineWebSeiten
2014-08-11 15:35 - 2014-08-11 15:35 - 00000155 _____ () C:\Windows\SysWOW64\pp.log
2014-08-11 14:58 - 2014-08-11 14:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 14:55 - 2014-08-11 14:55 - 00000000 ____D () C:\AMD
2014-08-11 14:53 - 2014-08-11 14:54 - 269338400 _____ (AMD Inc.) C:\Users\Andreas\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-08-11 14:41 - 2014-08-11 14:48 - 105664472 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\MFC-J4410DW-inst-B1-eu1(1).EXE
2014-08-11 14:04 - 2014-08-11 14:04 - 00000000 ____D () C:\Users\Andreas\Downloads\install
2014-08-11 14:03 - 2014-08-11 14:04 - 105664472 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\MFC-J4410DW-inst-B1-eu1.EXE
2014-08-11 13:43 - 2014-08-11 13:43 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 13:43 - 2014-08-11 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-06 16:40 - 2014-08-14 08:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-06 16:39 - 2014-08-06 16:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 16:39 - 2014-08-06 16:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-06 16:39 - 2014-08-06 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-06 16:39 - 2014-08-06 16:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-06 16:39 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-06 16:39 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-06 12:10 - 2014-08-06 12:11 - 00000022 _____ () C:\Users\Andreas\Downloads\S_20140806_121016_Neue_Nachrichten.zip
2014-08-04 17:15 - 2014-08-04 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-16 09:44 - 2014-07-16 09:44 - 00000000 ___RD () C:\Users\Andreas\AppData\Roaming\Brother
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-14 12:54 - 2014-08-14 12:53 - 00033610 _____ () C:\Users\Andreas\Downloads\FRST.txt
2014-08-14 12:53 - 2014-08-14 12:53 - 02100224 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2014-08-14 12:53 - 2014-08-14 12:53 - 00000000 ____D () C:\FRST
2014-08-14 12:42 - 2014-05-21 17:06 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2334838483-4133862729-1016828376-1001.job
2014-08-14 12:31 - 2012-05-17 12:33 - 00000838 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-14 12:24 - 2012-09-12 15:04 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Skype
2014-08-14 12:19 - 2014-02-11 21:46 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-14 10:30 - 2014-08-11 15:38 - 00000000 ____D () C:\Users\Andreas\Documents\MeineWebSeiten
2014-08-14 09:00 - 2012-02-20 12:18 - 01200769 _____ () C:\Windows\WindowsUpdate.log
2014-08-14 08:02 - 2014-08-06 16:40 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-14 07:29 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-14 07:29 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-14 07:24 - 2012-09-12 15:04 - 00000000 ____D () C:\ProgramData\Skype
2014-08-14 07:21 - 2014-02-11 21:46 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-14 07:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-14 07:21 - 2009-07-14 06:51 - 00123677 _____ () C:\Windows\setupact.log
2014-08-13 17:39 - 2012-09-24 08:15 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-13 13:58 - 2012-05-15 19:39 - 00003994 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{81EDD4D1-C001-44A4-A67F-76F8783CE17C}
2014-08-12 14:23 - 2011-07-21 07:53 - 00748422 _____ () C:\Windows\system32\perfh00A.dat
2014-08-12 14:23 - 2011-07-21 07:53 - 00159604 _____ () C:\Windows\system32\perfc00A.dat
2014-08-12 14:23 - 2009-07-14 07:13 - 01679834 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-12 13:10 - 2009-07-14 06:45 - 00300216 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-11 17:11 - 2014-08-11 16:56 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\DesktopIconForAmazon
2014-08-11 17:11 - 2014-08-11 16:55 - 00066936 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-11 17:09 - 2014-08-11 17:09 - 00003342 _____ () C:\Windows\System32\Tasks\{8BE9B9DA-FA01-4780-AB81-851B8B544A67}
2014-08-11 16:58 - 2014-06-05 14:27 - 00003198 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForAndreas
2014-08-11 16:58 - 2014-06-05 14:27 - 00000340 _____ () C:\Windows\Tasks\HPCeeScheduleForAndreas.job
2014-08-11 16:57 - 2014-08-11 16:57 - 00001979 _____ () C:\Users\Andreas\Desktop\Driver Cleaner Pro.lnk
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Cleaner Pro
2014-08-11 16:57 - 2014-08-11 16:57 - 00000000 ____D () C:\Program Files (x86)\Driver Cleaner Pro
2014-08-11 16:56 - 2014-08-11 16:56 - 02817354 _____ () C:\Users\Andreas\Downloads\DCProSetup_15.zip
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Abelssoft
2014-08-11 16:56 - 2014-08-11 16:56 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-08-11 16:54 - 2014-08-11 16:54 - 01101648 _____ () C:\Users\Andreas\Downloads\Driver Cleaner PE - CHIP-Installer.exe
2014-08-11 16:31 - 2014-08-11 16:30 - 64084564 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\CC4updater_424201.EXE
2014-08-11 15:52 - 2014-08-11 15:51 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\ControlCenter4
2014-08-11 15:46 - 2014-08-11 15:46 - 00002144 _____ () C:\Users\Public\Desktop\Brother Creative Center.lnk
2014-08-11 15:46 - 2014-08-11 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
2014-08-11 15:46 - 2014-08-11 15:45 - 00000066 _____ () C:\Windows\Brfaxrx.ini
2014-08-11 15:46 - 2014-05-05 13:22 - 00000092 _____ () C:\Windows\brpcfx.ini
2014-08-11 15:46 - 2014-05-05 13:22 - 00000024 _____ () C:\Windows\Brpfx04a.ini
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\ProgramData\ControlCenter4
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-08-11 15:45 - 2014-08-11 15:45 - 00000000 ____D () C:\Brother
2014-08-11 15:45 - 2014-05-05 13:20 - 00000000 ____D () C:\Program Files (x86)\ControlCenter4
2014-08-11 15:45 - 2014-05-05 13:19 - 00000000 ____D () C:\Program Files (x86)\Brother
2014-08-11 15:43 - 2011-07-20 22:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-11 15:42 - 2014-08-11 15:42 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\InstallShield
2014-08-11 15:41 - 2014-08-11 15:41 - 00000000 ____D () C:\ProgramData\zeon
2014-08-11 15:41 - 2014-08-11 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nuance PaperPort 12
2014-08-11 15:41 - 2014-05-05 13:14 - 00000000 ____D () C:\ProgramData\Nuance
2014-08-11 15:41 - 2014-05-05 13:14 - 00000000 ____D () C:\Program Files (x86)\Nuance
2014-08-11 15:39 - 2014-08-11 15:39 - 00001866 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2014-08-11 15:39 - 2014-05-05 13:15 - 00000000 ____D () C:\ProgramData\ScanSoft
2014-08-11 15:35 - 2014-08-11 15:35 - 00000155 _____ () C:\Windows\SysWOW64\pp.log
2014-08-11 15:17 - 2012-05-15 19:38 - 00000000 ___HD () C:\Users\Andreas
2014-08-11 15:15 - 2014-04-26 14:57 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-11 15:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-08-11 15:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-11 14:58 - 2014-08-11 14:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-11 14:55 - 2014-08-11 14:55 - 00000000 ____D () C:\AMD
2014-08-11 14:54 - 2014-08-11 14:53 - 269338400 _____ (AMD Inc.) C:\Users\Andreas\Downloads\14-4-win7-win8-win8.1-64-dd-ccc-whql.exe
2014-08-11 14:48 - 2014-08-11 14:41 - 105664472 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\MFC-J4410DW-inst-B1-eu1(1).EXE
2014-08-11 14:36 - 2010-11-21 05:47 - 00845006 _____ () C:\Windows\PFRO.log
2014-08-11 14:21 - 2014-05-05 13:21 - 00013055 _____ () C:\Windows\BRRBCOM.INI
2014-08-11 14:04 - 2014-08-11 14:04 - 00000000 ____D () C:\Users\Andreas\Downloads\install
2014-08-11 14:04 - 2014-08-11 14:03 - 105664472 _____ (A.I.SOFT,INC.) C:\Users\Andreas\Downloads\MFC-J4410DW-inst-B1-eu1.EXE
2014-08-11 13:43 - 2014-08-11 13:43 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-11 13:43 - 2014-08-11 13:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-11 13:43 - 2014-08-11 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-11 13:43 - 2013-10-27 12:43 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-07 16:24 - 2012-09-12 15:04 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-07 10:53 - 2014-06-11 09:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-08-06 16:39 - 2014-08-06 16:39 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-06 16:39 - 2014-08-06 16:39 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-06 16:39 - 2014-08-06 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-06 16:39 - 2014-08-06 16:39 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-06 16:39 - 2014-04-30 08:08 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-06 16:39 - 2014-03-19 19:29 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\Malwarebytes
2014-08-06 16:39 - 2014-03-19 19:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-06 16:39 - 2014-02-11 20:56 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-08-06 16:39 - 2013-05-17 09:25 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-06 16:39 - 2013-05-17 09:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-06 16:39 - 2012-06-28 08:37 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-06 16:39 - 2012-06-18 07:02 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-08-06 16:39 - 2012-06-18 07:02 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-06 16:39 - 2012-06-18 07:02 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-06 16:39 - 2012-06-18 07:02 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-06 16:39 - 2012-06-18 07:02 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-06 16:28 - 2012-05-23 18:26 - 00000000 ____D () C:\Users\Andreas\AppData\Roaming\SoftGrid Client
2014-08-06 12:11 - 2014-08-06 12:10 - 00000022 _____ () C:\Users\Andreas\Downloads\S_20140806_121016_Neue_Nachrichten.zip
2014-08-06 11:41 - 2013-08-20 21:29 - 00000000 ____D () C:\Users\Andreas\Documents\Taxpool-Buchhalter
2014-08-06 10:02 - 2012-05-17 09:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-04 17:15 - 2014-08-04 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 16:18 - 2012-05-17 09:47 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-07-31 16:18 - 2012-05-17 09:24 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-07-29 10:30 - 2012-06-01 10:31 - 00000000 ___HD () C:\Users\Andreas\AppData\Local\CrashDumps
2014-07-29 07:53 - 2006-02-02 13:19 - 00000000 ____D () C:\temp
2014-07-28 16:02 - 2011-01-26 15:20 - 00000000 ____D () C:\privat
2014-07-28 11:19 - 2012-05-17 10:20 - 00000000 ____D () C:\Users\Andreas\AppData\Local\Thunderbird
2014-07-28 11:07 - 2012-05-17 10:18 - 00002102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-28 11:07 - 2012-05-17 10:18 - 00002090 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-24 15:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-24 08:24 - 2014-02-11 21:48 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-24 07:56 - 2009-07-14 07:08 - 00032626 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-16 09:44 - 2014-07-16 09:44 - 00000000 ___RD () C:\Users\Andreas\AppData\Roaming\Brother
2014-07-16 09:28 - 2014-05-07 18:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-16 09:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
Some content of TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\APNSetup.exe
C:\Users\Andreas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpspmrzm.dll
C:\Users\Andreas\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Andreas\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Andreas\AppData\Local\Temp\_is4BDE.exe
C:\Users\Andreas\AppData\Local\Temp\_is7C8F.exe
C:\Users\Andreas\AppData\Local\Temp\_is8DED.exe
C:\Users\Andreas\AppData\Local\Temp\_isA360.exe
C:\Users\Andreas\AppData\Local\Temp\_isC0FE.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-04 15:03
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014 01
Ran by Andreas at 2014-08-14 12:55:00
Running from C:\Users\Andreas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: LANCOM Advanced VPN Client (Disabled) {BEB21647-135A-7893-42A0-BBC3960C218D}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1&1 Surf-Stick (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
6300 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0705.1115.18310 - Nombre de su organización) Hidden
AMD Media Foundation Decoders (Version: 1.0.60705.1113 - ATI Technologies Inc.) Hidden
AMD Steady Video Plug-In (Version: 1.00.0000 - AMD) Hidden
AMD System Monitor (HKLM-x32\...\{4144F415-7434-4501-97DE-CED4FAF64E7D}) (Version: 1.0.6 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2011.0705.1115.18310 - Nombre de su organización) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{6153098B-60DB-6A9F-EA0F-B006A96B57D5}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BBSAK (HKLM-x32\...\{B23F12D4-17DE-453A-B1F4-55E501FE0EBF}) (Version: 1.9.2 - JMT Labs)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)
BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden
BlackBerry Device Software v6.0.0 für das BlackBerry 9780-Smartphone (HKLM-x32\...\{7540EBC2-FA82-42F7-8B3D-D6D8239077DA}) (Version: 6.0.0.723 (Plattform 6.6.0.248) - Research in Motion Ltd.)
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Brother MFL-Pro Suite MFC-J4410DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Calener_VYP (HKLM-x32\...\Calener_VYP) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0705.1115.18310 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0705.1115.18310 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help English (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help French (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help German (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0705.1114.18310 - ATI) Hidden
ccc-utility64 (Version: 2011.0705.1115.18310 - ATI) Hidden
CERMA_v2_2 versión 2.2 (HKLM-x32\...\{B4CC6C30-FDF2-4347-A547-BB8D6DC57F96}_is1) (Version: 2.2 - )
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
Compatibilidad con Aplicaciones de Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Configurador AEAT (HKCU\...\Configurador AEAT 2.5) (Version: 2.5 - AEAT)
Configurador AEAT 1.12 (HKLM-x32\...\Configurador AEAT 1.12) (Version: 1.12 - AEAT)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.13345 - Landesfinanzdirektion Thüringen)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hacer clic y ejecutar de Microsoft Office 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Hacer clic y ejecutar de Microsoft Office 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Documentation (HKLM-x32\...\{DE15C5EC-7C30-44BF-ACEB-03960FC5601D}) (Version: 1.1.1.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Officejet 4620 series Ayuda (HKLM-x32\...\{36D47790-7562-4A7F-B933-600A700B2D40}) (Version: 6.0.0 - Hewlett Packard)
HP Officejet 4620 series Estudio para la mejora del producto (HKLM\...\{3ADC3E59-CC72-409E-8FB4-692E40C76B32}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Software básico del dispositivo (HKLM\...\{CFA8A322-2D7F-4425-A251-F42BAF0A52D1}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{999164B6-5B78-4DD3-BACE-7292640AD0DD}) (Version: 3.1.0.9760 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Software Framework (HKLM-x32\...\{364EB037-16AE-4B15-AC7E-EE3AEDD80700}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6319.0 - IDT)
InfinityAT (HKLM-x32\...\BB29F88B-A742-4E2C-B0F3-FFEC11E1BA06) (Version: 5.2.8 - TransAct Futures LLC)
IVA 2012 1.00 (HKLM-x32\...\1554-4768-6406-1156) (Version: 1.00 - AEAT)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LANCOM Advanced VPN Client (HKLM-x32\...\NCP RWS/GA) (Version: 2.32 Build 218 - LANCOM Systems GmbH)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (ESN) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Español (HKLM-x32\...\{90140011-0066-0C0A-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850C0A-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MIG Bank Trading Station - MINI (HKLM-x32\...\MIG Bank Trading Station - MINI) (Version: 4.00 - MetaQuotes Software Corp.)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 es-ES) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 es-ES)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{AEE39224-92BE-4389-9493-E57FF73BB96A}) (Version: 1.3.1 - OLYMPUS IMAGING CORP.)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Paquete de controladores de Windows - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PostCALENER (HKLM-x32\...\PostCALENER) (Version: - )
PriMus-DCF v.NEXT GENERATION(c) (HKLM-x32\...\{3BFED551-630D-4C5E-A90F-A6B7E9CF3CA0}) (Version: NEXT GENERATION(c) - ACCA software S.p.A.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
Renta 2012 1.21 (HKLM-x32\...\8421-7800-2226-7659) (Version: 1.21 - AEAT)
Renta 2013 1.21 (HKLM-x32\...\2285-3920-8902-9260) (Version: 1.21 - AEAT)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Taxpool-Buchhalter Mini 7.10 (HKLM-x32\...\Taxpool-Buchhalter Mini) (Version: 7.10 - psynetic® Software)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27339 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zip Extractor Packages (HKCU\...\Zip Extractor Packages) (Version: - ) <==== ATTENTION
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\977\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2334838483-4133862729-1016828376-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Andreas\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
24-07-2014 11:04:19 Windows Update
28-07-2014 09:00:51 Windows Update
31-07-2014 14:12:55 Windows Update
04-08-2014 09:53:07 Windows Update
06-08-2014 14:37:04 avast! antivirus system restore point
08-08-2014 07:25:09 Windows Update
11-08-2014 11:41:15 Installed Java 7 Update 67
11-08-2014 12:14:41 Entfernt Brother Software Suite
11-08-2014 12:31:43 Windows Update
11-08-2014 12:57:36 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
11-08-2014 13:09:29 Operación de restauración
11-08-2014 13:36:52 Installed Nuance PaperPort 12.
11-08-2014 13:40:37 Installed Nuance PDF Viewer Plus.
11-08-2014 13:43:08 Installiert Brother Software Suite
11-08-2014 15:06:03 Removed Nuance PaperPort 12.
11-08-2014 15:11:26 Removed Nuance PDF Viewer Plus.
11-08-2014 15:12:06 Removed Nuance PDF Viewer Plus.
14-08-2014 08:27:49 Removed Nuance PaperPort 12.
14-08-2014 08:29:52 Removed Nuance PaperPort 12.
14-08-2014 08:31:02 Removed Nuance PDF Viewer Plus.
14-08-2014 08:59:27 Removed Nuance PDF Viewer Plus.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-03-18 19:44 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {025DFF88-0205-435D-A174-9DB1481BD5A7} - System32\Tasks\{1C4D8CF3-B7CF-44CE-AED3-8BA88422A9BE} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {1AE0A00A-2F08-4300-A76E-48931C836D03} - System32\Tasks\G2MUpdateTask-S-1-5-21-2334838483-4133862729-1016828376-1001 => C:\Users\Andreas\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-14] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {2E4DDC9F-55C2-403D-8B2A-3AB6F087C9A9} - System32\Tasks\{A12D8AFF-E76F-40AE-BC31-AEE17007C17B} => C:\Program Files (x86)\mig4setup_mini.exe
Task: {36AA7FFE-2241-46CC-BA86-8F35EA50E37A} - System32\Tasks\{05C963B2-4B62-49B3-9F7C-23C3DF62764B} => Firefox.exe
Task: {4AB3BC9E-23D3-41D6-8048-BB45FAE5C44D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {4F2C353C-CF71-4704-8440-22CDD533C33E} - System32\Tasks\{5DE7E3DF-FA50-4DBE-998E-88868888CA9A} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {4FD791C4-9BDE-425C-8CE3-9619202BDDB5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {6491B479-D503-4A8C-9801-3CC119BE12C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {6E6836F1-8702-422A-A544-F41745915CCD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-06] (AVAST Software)
Task: {76962D5D-3A66-4D4F-AF48-0D1A7B7AA812} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {84D41C05-7A03-4118-8B35-963AB95B2F15} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-27] ()
Task: {8E4B6A5E-2F35-45CF-97EC-D6779A6C6C65} - System32\Tasks\HPCeeScheduleForAndreas => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {92C4CBA6-5721-426B-AD8A-13CB73F8A9AD} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {A4E12249-B4C9-49DA-9003-B0CC2F7A5125} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A89B0F9B-1C08-4EA9-B22E-D0BDF05D8BB6} - System32\Tasks\{1D8C15A0-7038-4518-A85C-4546547CC365} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {B4688716-A750-4861-B39C-3D3983839488} - System32\Tasks\{941AE965-B365-4914-B7A7-810CFBC6277F} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {B52F8420-525E-4DB3-8A3B-00F3F8C8A1FB} - System32\Tasks\{A31DD10B-0970-4BC6-95F7-8D234B9BB60D} => C:\SYSTEM.SAV\util\OfficeDesktopIconThread.exe [2011-03-08] (Hewlett-Packard Company)
Task: {C646B0E5-C8DD-4D4C-9542-880E547046A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CC2EC510-B0D1-4ECF-B9DB-194707A01D98} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {EBD00F86-B119-461D-9030-24C5C48A3438} - System32\Tasks\{E78F87D0-F378-4B6C-AF0B-1468DA8447E0} => C:\Program Files (x86)\mig4setup_mini.exe
Task: {F3AE0C42-19D3-4882-A53E-49763D04EA23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-11] (Google Inc.)
Task: {F55CBBD1-9D9F-464D-AF02-47847168AB57} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F89CFD3B-37C2-418E-B480-0D1631DB90D9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-14] (Adobe Systems Incorporated)
Task: {F9EFAD9B-BB87-422E-B9A4-C2D7AFC28BDB} - System32\Tasks\{EB3CFBE3-9DCB-48D8-B9A8-853A596B92B9} => C:\Program Files (x86)\mig4setup_mini.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2334838483-4133862729-1016828376-1001.job => C:\Users\Andreas\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForAndreas.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
2011-07-05 12:27 - 2011-07-05 12:27 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-03-29 19:15 - 2012-04-26 11:03 - 01409024 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\x64\libeay32.dll
2014-03-29 19:15 - 2011-10-12 16:43 - 00165888 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\x64\ncpbudget2008.dll
2014-03-29 19:15 - 2014-02-28 14:02 - 00121856 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\x64\ncpmif32.dll
2014-03-29 19:14 - 2011-04-21 08:11 - 00119808 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\NCPSEC.EXE
2013-09-14 13:20 - 2012-05-04 17:19 - 00274208 _____ () C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-06-27 16:18 - 2011-06-27 16:18 - 00107320 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-09-14 13:20 - 2012-05-04 17:19 - 00156448 _____ () C:\Program Files (x86)\1&1 Surf-Stick\UIExec.exe
2011-04-27 17:05 - 2011-04-27 17:05 - 01102336 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\System.Data.SQLite.dll
2014-08-06 16:38 - 2014-08-06 16:38 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-13 07:14 - 2014-08-13 07:14 - 02786304 _____ () C:\Program Files\AVAST Software\Avast\defs\14081203\algo.dll
2014-08-14 07:22 - 2014-08-14 07:22 - 02797056 _____ () C:\Program Files\AVAST Software\Avast\defs\14081301\algo.dll
2014-03-29 19:14 - 2014-02-18 13:51 - 01817088 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpgacc.dll
2014-03-29 19:15 - 2014-02-28 14:02 - 00108032 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpmif32.dll
2014-08-06 16:38 - 2014-08-06 16:38 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-29 19:14 - 2002-06-28 11:16 - 00151552 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpcfg.dll
2014-03-29 19:14 - 2013-11-11 16:02 - 00199168 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpdlg.dll
2014-03-29 19:14 - 2002-09-04 16:27 - 00102400 _____ () C:\Program Files (x86)\LANCOM\Advanced VPN Client\ncpcry.dll
2014-08-11 15:44 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2011-04-27 17:05 - 2011-04-27 17:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-06-11 09:50 - 2014-07-18 03:39 - 03338352 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 09:50 - 2014-07-18 03:39 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 09:50 - 2014-07-18 03:39 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-07-11 14:33 - 2013-07-11 14:33 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2013-07-10 23:08 - 2013-07-10 23:08 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2014-08-04 17:15 - 2014-08-04 17:15 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-14 13:31 - 2014-07-14 13:31 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
==================== Faulty Device Manager Devices =============
Name: Adaptador de tunelización Teredo de Microsoft
Description: Adaptador de tunelización Teredo de Microsoft
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Officejet Pro 8600
Description: Officejet Pro 8600
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/14/2014 00:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/14/2014 11:19:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/14/2014 10:19:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/14/2014 09:19:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/14/2014 08:19:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/14/2014 07:22:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 06:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/13/2014 05:19:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/13/2014 04:19:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
Error: (08/13/2014 03:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi
System errors:
=============
Error: (08/14/2014 07:21:23 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.
Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126
Error: (08/13/2014 06:20:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/13/2014 07:13:55 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: El módulo de extensibilidad de WLAN no se pudo iniciar.
Ruta de acceso del módulo: C:\Windows\system32\Rtlihvs.dll
Código de error: 126
Error: (08/12/2014 05:46:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (08/12/2014 02:14:25 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR2.
Error: (08/12/2014 02:14:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR2.
Error: (08/12/2014 02:14:24 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR2.
Error: (08/12/2014 02:14:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: El controlador detectó un error de controladora en \Device\Harddisk1\DR2.
Error: (08/12/2014 01:13:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: El servicio Windows Search no pudo iniciarse debido al siguiente error:
%%1053
Error: (08/12/2014 01:13:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Windows Search.
Microsoft Office Sessions:
=========================
Error: (08/14/2014 00:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/14/2014 11:19:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/14/2014 10:19:02 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/14/2014 09:19:01 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/14/2014 08:19:03 AM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/14/2014 07:22:55 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/13/2014 06:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/13/2014 05:19:03 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/13/2014 04:19:01 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/13/2014 03:19:02 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.24.15\BonanzaDealsLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)
CodeIntegrity Errors:
===================================
Date: 2014-08-11 15:03:01.428
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-08-11 15:03:01.085
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-03-18 18:40:41.222
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2014-03-18 18:40:40.952
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\ComboFix\catchme.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-04 09:06:49.457
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-04 09:06:49.422
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-04 07:45:49.571
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-04 07:45:49.531
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-03 11:38:48.156
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
Date: 2012-06-03 11:38:48.141
Description: Windows no puede comprobar la integridad de imagen del archivo \Device\HarddiskVolume2\Windows\System32\drivers\Sentinel64.sys porque el hash del archivo no se encuentra en el sistema. Puede que un cambio reciente de hardware o software haya instalado un archivo dañado o con una firma incorrecta, o que exista un software malintencionado de origen desconocido.
==================== Memory info ===========================
Processor: AMD E2-3000M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 5609.41 MB
Available physical RAM: 2930.47 MB
Total Pagefile: 11216.99 MB
Available Pagefile: 8257.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:577.01 GB) (Free:493.6 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:14.99 GB) (Free:1.64 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 3CC052AE)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=577 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End Of Log ============================
|
FRST 32-Bit | FRST 64-Bit