| MartinR91 | 13.06.2015 13:53 |
So, hier die geforderten Logs:
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Loreli von Röschen (administrator) on SCHNECKCHEN on 13-06-2015 14:48:23
Running from F:\
Loaded Profiles: Loreli von Röschen (Available Profiles: Loreli von Röschen)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit_manager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\GeekBuddy\unit.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\CompatTel\diagtrackrunner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-19] (IDT, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2011-08-26] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-11] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\MountPoints2: {01b8a906-085f-11e5-befa-8434977326ed} - "G:\Startme.exe"
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\MountPoints2: {471066ae-718b-11e4-beee-8434977326ed} - "F:\Startme.exe"
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\MountPoints2: {471079f2-718b-11e4-beee-8434977326ed} - "G:\Startme.exe"
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\MountPoints2: {c7aa0b65-0c44-11e4-bedd-8434977326ed} - "F:\Startme.exe"
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\MountPoints2: {cab93641-0ec6-11e5-befa-8434977326ed} - "F:\Startme.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2013-08-06]
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files (x86)\Comodo\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Loreli von Röschen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-09-15]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?affID=119556&tt=180413_new&babsrc=HP_ss&mntrId=062112689D98AFEF
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 - (No Name) - {5786d022-540e-4699-b350-b4be0ae94b79} - No File
SearchScopes: HKLM -> {0A0A162E-A181-4F56-BDDD-5B60067ABE45} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {0A0A162E-A181-4F56-BDDD-5B60067ABE45} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> {0A0A162E-A181-4F56-BDDD-5B60067ABE45} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119556&tt=180413_new&babsrc=SP_ss&mntrId=062112689D98AFEF
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-3548527525-1266510089-1818601297-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-02-19] (DVDVideoSoft Ltd.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-10] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-10] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-02-19] (DVDVideoSoft Ltd.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-01-25] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-01-25] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-01-25] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default
FF NewTab: hxxp://www.google.com/firefox
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=3&q={searchTerms}
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: LEO Eng-Deu
FF Homepage: google.de
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-10] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-12] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3548527525-1266510089-1818601297-1002: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\searchplugins\conduit.xml [2012-12-25]
FF SearchPlugin: C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\searchplugins\firefox-add-ons.xml [2013-01-13]
FF SearchPlugin: C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\searchplugins\googletranslate.xml [2013-01-20]
FF Extension: Avira Browser Safety - C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\Extensions\abs@avira.com [2015-05-28]
FF Extension: WOT - C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-06-06]
FF Extension: Wiktionary and Google Translate - C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\Extensions\googledictionary@toptip.ca.xpi [2013-05-18]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-02-28]
FF Extension: Adblock Plus - C:\Users\Loreli von Röschen\AppData\Roaming\Mozilla\Firefox\Profiles\vx5bmr56.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-09-10] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-11] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-11] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70872 2015-03-05] (Comodo Security Solutions, Inc.)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2015-01-30] (Comodo Security Solutions, Inc.)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-07-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-22] (Advanced Micro Devices, Inc.)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-23] (AppEx Networks Corporation)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3860480 2013-08-23] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-23] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2014-12-04] (Sony Mobile Communications)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 14:48 - 2015-06-13 14:48 - 00000000 ____D C:\FRST
2015-06-13 14:47 - 2015-06-13 14:47 - 00000795 _____ C:\WINDOWS\setupact.log
2015-06-13 14:47 - 2015-06-13 14:47 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-11 13:24 - 2015-06-11 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-11 13:13 - 2015-06-11 13:13 - 00000000 ____D C:\ProgramData\ATI
2015-06-11 00:09 - 2015-06-11 00:09 - 00060993 _____ C:\WINDOWS\SysWOW64\CCCInstall_201506110009383558.log
2015-06-11 00:09 - 2015-06-11 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-06-11 00:09 - 2015-06-11 00:09 - 00000000 ____D C:\Program Files\ATI Technologies
2015-06-11 00:09 - 2015-06-11 00:09 - 00000000 ____D C:\Program Files (x86)\AMD AVT
2015-06-11 00:08 - 2013-03-08 16:47 - 00058536 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2015-06-10 23:55 - 2015-06-10 23:55 - 00060993 _____ C:\WINDOWS\SysWOW64\CCCInstall_201506102355175054.log
2015-06-10 23:25 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 23:25 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 23:25 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 23:15 - 2015-06-10 23:15 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\GWX
2015-06-10 22:56 - 2013-08-23 01:11 - 03860480 _____ (Qualcomm Atheros Communications, Inc.) C:\WINDOWS\system32\Drivers\athwbx.sys
2015-06-10 22:51 - 2015-06-10 22:51 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-06-10 22:51 - 2012-08-19 21:45 - 06085632 _____ (IDT, Inc.) C:\WINDOWS\system32\stlang64.dll
2015-06-10 22:51 - 2012-08-19 21:45 - 01821184 _____ (IDT, Inc.) C:\WINDOWS\system32\IDTNC64.cpl
2015-06-10 22:51 - 2012-08-19 21:45 - 01664000 _____ (IDT, Inc.) C:\WINDOWS\sttray64.exe
2015-06-10 22:51 - 2011-05-02 14:27 - 03308376 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEP64A.dll
2015-06-10 22:51 - 2011-05-02 14:27 - 00426328 _____ (Dolby Laboratories) C:\WINDOWS\system32\EED64A.dll
2015-06-10 22:51 - 2011-05-02 14:27 - 00136024 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEL64A.dll
2015-06-10 22:51 - 2011-05-02 14:27 - 00118104 _____ (Dolby Laboratories) C:\WINDOWS\system32\EEA64A.dll
2015-06-10 22:50 - 2012-08-19 21:45 - 02188800 _____ (IDT, Inc.) C:\WINDOWS\system32\stapo64.dll
2015-06-10 22:50 - 2012-08-19 21:45 - 00671744 ____N (IDT, Inc.) C:\WINDOWS\system32\stapi64.dll
2015-06-10 22:50 - 2012-08-19 21:45 - 00542208 _____ (IDT, Inc.) C:\WINDOWS\system32\Drivers\stwrt64.sys
2015-06-10 22:50 - 2012-08-19 21:45 - 00499200 _____ (IDT, Inc.) C:\WINDOWS\system32\stcplx64.dll
2015-06-10 22:50 - 2012-08-19 21:45 - 00255488 _____ (IDT, Inc.) C:\WINDOWS\system32\st646425.dll
2015-06-10 22:23 - 2015-06-10 22:31 - 43876928 _____ (Hewlett-Packard Company ) C:\Users\Loreli von Röschen\Downloads\sp63733.exe
2015-06-10 22:23 - 2015-06-10 22:28 - 18120464 _____ (Hewlett-Packard ) C:\Users\Loreli von Röschen\Downloads\sp58495.exe
2015-06-10 22:23 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-06-10 22:23 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-06-10 22:22 - 2015-06-10 23:44 - 301312216 _____ (Hewlett-Packard ) C:\Users\Loreli von Röschen\Downloads\sp63691.exe
2015-06-10 22:21 - 2015-06-10 23:44 - 297678408 _____ (Hewlett-Packard ) C:\Users\Loreli von Röschen\Downloads\sp63689.exe
2015-06-10 22:21 - 2015-06-10 22:28 - 45375248 _____ (Hewlett-Packard ) C:\Users\Loreli von Röschen\Downloads\sp59620.exe
2015-06-10 22:19 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2015-06-10 22:19 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2015-06-10 22:19 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2015-06-10 22:19 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2015-06-10 22:17 - 2015-06-10 22:17 - 05197824 _____ C:\Users\Loreli von Röschen\Downloads\HPSupportSolutionsFramework-11.51.0049.msi
2015-06-10 21:52 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-06-10 21:52 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2015-06-10 21:52 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-06-10 21:52 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-06-10 21:51 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-06-10 21:51 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-06-10 21:51 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-06-10 21:51 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-06-10 21:51 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-06-10 21:51 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-06-10 21:51 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-06-10 21:51 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2015-06-10 21:51 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-06-10 21:51 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-06-10 21:51 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-06-10 21:51 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2015-06-10 21:51 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-06-10 21:51 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2015-06-10 21:51 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-06-10 21:51 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2015-06-10 21:51 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-06-10 21:51 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2015-06-10 21:51 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2015-06-10 21:51 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2015-06-10 21:51 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2015-06-10 21:51 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2015-06-10 21:51 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2015-06-10 21:51 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2015-06-10 21:51 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2015-06-10 21:51 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2015-06-10 21:51 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2015-06-10 21:51 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-06-10 21:51 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-06-10 21:51 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2015-06-10 21:51 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2015-06-10 21:51 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-06-10 21:51 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-06-10 21:51 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSHVHOST.DLL
2015-06-10 21:51 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\QSVRMGMT.DLL
2015-06-10 21:51 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2015-06-10 21:51 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2015-06-10 21:51 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2015-06-10 21:51 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-06-10 21:51 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSHVHOST.DLL
2015-06-10 21:51 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\QSVRMGMT.DLL
2015-06-10 21:51 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2015-06-10 21:51 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2015-06-10 21:51 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2015-06-10 21:51 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-06-10 21:51 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2015-06-10 21:51 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2015-06-10 21:51 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-06-10 21:51 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys
2015-06-10 21:51 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys
2015-06-10 21:51 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys
2015-06-10 21:51 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys
2015-06-10 21:51 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2015-06-10 21:51 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2015-06-10 21:51 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2015-06-10 21:51 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2015-06-10 21:51 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2015-06-10 21:51 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2015-06-10 21:51 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2015-06-10 21:51 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2015-06-10 21:51 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2015-06-10 21:51 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2015-06-10 21:51 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2015-06-10 21:51 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2015-06-10 21:51 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2015-06-10 21:51 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2015-06-10 21:51 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2015-06-10 21:51 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-06-10 21:40 - 2015-05-16 00:01 - 00133288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-06-10 21:40 - 2015-05-15 23:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-06-10 21:40 - 2015-05-15 22:47 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-06-10 21:40 - 2015-05-15 22:23 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-06-10 21:40 - 2015-05-15 21:42 - 03682304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-06-10 21:40 - 2015-05-15 21:32 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-06-10 21:40 - 2015-05-15 21:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-06-10 21:40 - 2015-05-15 21:28 - 02223104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-06-10 21:40 - 2015-05-15 21:28 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-06-10 21:40 - 2015-05-15 21:28 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-06-10 21:40 - 2015-05-15 21:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-06-10 21:40 - 2015-05-15 21:21 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-06-10 21:40 - 2015-05-15 21:21 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-06-10 21:40 - 2015-05-15 21:19 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-06-10 21:40 - 2015-05-15 21:19 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-06-10 21:40 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-06-10 21:40 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-06-10 21:40 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-06-10 21:40 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-06-10 21:37 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 21:37 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 21:37 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 21:37 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 21:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 21:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 21:35 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 21:35 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 21:35 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 21:35 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 21:35 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 21:35 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 21:35 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 21:35 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 21:35 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 21:34 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 21:34 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 21:34 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 21:34 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 21:34 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 21:34 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 21:34 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 21:34 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 21:34 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 21:34 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 21:34 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 21:34 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 21:34 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 21:34 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 21:34 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 21:31 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 21:31 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 21:31 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 21:31 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 21:31 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 21:31 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 21:31 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 21:31 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 21:31 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 21:31 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 21:31 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 21:31 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 21:31 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 21:31 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 21:31 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 21:31 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 21:31 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 21:31 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 21:31 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 21:31 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 21:31 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 21:31 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 21:31 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 21:31 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 21:31 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 21:31 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 21:30 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 21:30 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 21:30 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 21:30 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 21:30 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 21:30 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 21:30 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 21:30 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 21:30 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 21:30 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 21:30 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 21:30 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 21:30 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 21:30 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 21:30 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 21:30 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 21:29 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-10 21:21 - 2015-06-10 21:21 - 06549184 _____ (Piriform Ltd) C:\Users\Loreli von Röschen\Downloads\ccsetup506.exe
2015-06-10 17:47 - 2015-06-10 17:47 - 00000424 _____ C:\Users\Loreli von Röschen\Desktop\Dieser PC - Verknüpfung.lnk
2015-06-10 17:05 - 2015-06-10 17:05 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{8EAB00FE-A3F9-4D20-81EA-B403EBBBCAC3}
2015-06-10 17:04 - 2015-06-10 17:04 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{2CC7AB46-33C8-4519-8DFE-442F8AA19E24}
2015-06-10 13:42 - 2015-06-10 13:42 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{499DF27A-99ED-4FC1-9476-0B64FB5F3911}
2015-06-09 16:41 - 2015-06-09 16:41 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{E031C4CA-67E5-4655-963B-9948466FB278}
2015-06-09 16:38 - 2015-06-09 16:38 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{B1A2A022-2669-4427-A7A2-2D2599148470}
2015-06-08 19:34 - 2015-06-08 19:34 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{BF8264FB-FD54-4972-B86E-6CAA2F264E80}
2015-06-08 19:33 - 2015-06-08 19:33 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{9CA8386F-5D2F-40DD-A2BB-131D2C341E2E}
2015-06-08 19:28 - 2015-06-08 19:28 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{914EF8D0-849A-46A0-BEAA-F4C6D2626D11}
2015-06-08 19:27 - 2015-06-08 19:27 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{804C7AC6-9D49-4860-88CA-757A68881B12}
2015-06-08 19:25 - 2015-06-08 19:25 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{10C8A439-6B96-4708-B57F-107DE3DEDBDF}
2015-06-06 19:42 - 2015-06-10 23:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-21 14:51 - 2015-05-21 14:51 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\{ED15DA91-C765-46DC-B47E-75633238C09F}
2015-05-18 17:47 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-18 17:47 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 14:02 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-15 14:02 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-15 14:02 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-15 14:02 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-15 14:02 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-15 14:02 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-15 14:02 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-15 14:02 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-15 14:02 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-15 14:01 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-15 14:01 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-15 14:01 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-15 14:01 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-15 14:01 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-15 14:01 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-15 14:01 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-15 14:01 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-15 14:01 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-15 14:01 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-15 14:01 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-15 14:01 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-15 14:01 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-15 14:01 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-15 14:01 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-15 14:01 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-15 14:01 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-15 13:49 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-15 13:49 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-15 13:44 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-15 13:44 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-15 13:44 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-15 13:38 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-15 13:29 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-15 13:29 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-15 13:29 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-15 13:29 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-15 13:20 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-15 13:20 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-15 13:20 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-13 14:44 - 2014-03-24 23:02 - 01704711 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-13 14:44 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-12 18:07 - 2013-06-02 11:24 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-12 17:51 - 2012-12-25 18:25 - 00000000 ____D C:\Users\Loreli von Röschen\Documents\Youcam
2015-06-11 17:08 - 2012-12-25 18:13 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3548527525-1266510089-1818601297-1002
2015-06-11 13:23 - 2014-04-22 13:12 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-11 13:23 - 2014-04-22 13:12 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-11 13:15 - 2013-02-05 16:55 - 02883072 ___SH C:\Users\Loreli von Röschen\Desktop\Thumbs.db
2015-06-11 13:10 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-11 00:11 - 2013-08-22 15:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-06-11 00:10 - 2014-12-26 16:51 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-11 00:10 - 2014-07-14 22:17 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-11 00:09 - 2012-10-08 01:55 - 00000000 ____D C:\ProgramData\AMD
2015-06-11 00:05 - 2012-08-04 02:02 - 00000000 ____D C:\SWSetup
2015-06-10 23:55 - 2012-10-08 01:53 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2015-06-10 23:51 - 2014-08-16 00:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-10 23:27 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 23:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-10 23:11 - 2013-08-22 16:44 - 00575080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 23:10 - 2012-12-25 18:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-10 23:05 - 2015-04-07 15:42 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-10 23:05 - 2015-04-07 15:42 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-10 23:05 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 23:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-06-10 23:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-06-10 23:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\setup
2015-06-10 23:05 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-06-10 23:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 23:03 - 2013-01-20 21:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-10 23:03 - 2013-01-20 21:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 23:01 - 2012-10-08 01:57 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-06-10 23:01 - 2012-10-08 01:56 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-06-10 22:58 - 2012-10-08 02:00 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-06-10 22:57 - 2014-01-18 20:33 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-10 22:56 - 2014-01-18 20:34 - 00000000 ____D C:\ProgramData\Oracle
2015-06-10 22:56 - 2014-01-18 20:33 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-06-10 22:56 - 2014-01-18 20:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-10 22:52 - 2012-10-08 01:57 - 00000000 ____D C:\Program Files\IDT
2015-06-10 22:48 - 2012-12-25 22:54 - 05730304 ___SH C:\Users\Loreli von Röschen\Downloads\Thumbs.db
2015-06-10 22:40 - 2012-07-26 07:26 - 00000202 _____ C:\WINDOWS\win.ini
2015-06-10 22:39 - 2013-09-25 18:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 22:34 - 2012-12-26 21:15 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-10 22:19 - 2013-01-13 14:11 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Roaming\HpUpdate
2015-06-10 22:18 - 2012-08-23 13:53 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-06-10 22:14 - 2013-01-13 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-06-10 22:14 - 2013-01-13 14:11 - 00000000 ____D C:\Program Files (x86)\HP
2015-06-10 22:14 - 2012-10-08 02:02 - 00000000 ____D C:\WINDOWS\Hewlett-Packard
2015-06-10 21:29 - 2012-12-25 19:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-06-10 21:29 - 2012-12-25 19:28 - 00000000 ____D C:\Program Files\CCleaner
2015-06-10 17:07 - 2013-09-30 06:14 - 01980998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-10 17:07 - 2013-09-30 05:56 - 00842578 _____ C:\WINDOWS\system32\perfh007.dat
2015-06-10 17:07 - 2013-09-30 05:56 - 00191774 _____ C:\WINDOWS\system32\perfc007.dat
2015-06-10 16:12 - 2014-12-04 18:32 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2015-06-10 14:08 - 2013-06-02 11:24 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-09 18:23 - 2012-12-25 18:04 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\Packages
2015-06-08 19:27 - 2014-04-14 12:35 - 00000000 ____D C:\Users\Loreli von Röschen\AppData\Local\Windows Live
2015-06-03 18:18 - 2015-03-17 15:36 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2015-03-17 15:36 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-19 10:43 - 2013-05-02 22:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-19 10:43 - 2013-05-02 22:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-18 22:25 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-18 22:25 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-18 17:16 - 2013-05-02 22:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-18 17:07 - 2013-09-30 05:59 - 00000000 ____D C:\Program Files\Windows Journal
==================== Files in the root of some directories =======
2013-09-03 18:39 - 2013-09-03 18:39 - 0004608 _____ () C:\Users\Loreli von Röschen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-13 21:40 - 2015-04-13 21:40 - 0039312 _____ () C:\Users\Loreli von Röschen\AppData\Local\recently-used.xbel
2013-01-13 14:11 - 2013-01-13 14:11 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-20 22:40 - 2014-10-01 12:28 - 0015290 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Loreli von Röschen\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-11 00:23
==================== End of log ============================
--- --- ---
Addition.txt:
[CODE]Additional
FRST Logfile: Code:
scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Loreli von Röschen at 2015-06-13 14:50:32
Running from F:\
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3548527525-1266510089-1818601297-500 - Administrator - Disabled)
Gast (S-1-5-21-3548527525-1266510089-1818601297-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3548527525-1266510089-1818601297-1006 - Limited - Enabled)
Loreli von Röschen (S-1-5-21-3548527525-1266510089-1818601297-1002 - Administrator - Enabled) => C:\Users\Loreli von Röschen
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{44E7AC6A-A1D0-FC78-71B5-274DB611E7B3}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
Apowersoft Gratis - Audiorekorder V2.3.4 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 2.3.4 - APOWERSOFT LIMITED)
Ashampoo Burning Studio 2013 v.11.0.5 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avira (HKLM-x32\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserProtect (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - Bit89 Inc)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Free YouTube to MP3 Converter version 3.12.55.219 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.55.219 - DVDVideoSoft Ltd.)
GanttProject (HKLM-x32\...\GanttProject) (Version: - )
GeekBuddy (HKLM-x32\...\{D43B9708-6C72-4797-971D-B878CBF45385}) (Version: 4.19.131 - Comodo Security Solutions Inc)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{E7EB0FFE-B5E3-4163-A2A1-DD329380664A}) (Version: 4.2.5.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{16B7BDA1-B967-4D2D-8B27-E12727C28350}) (Version: 2.10.3 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{94BB4B4F-BD6D-4166-A580-F868C8384CA6}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.210.0 - Tracker Software Products Ltd)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.8.201506081556 - Sony Mobile Communications Inc.)
Sony PC Companion 2.10.259 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.259 - Sony)
Studie zur Verbesserung von HP Deskjet 3520 series Produkten (HKLM\...\{A5BB6A58-BC1A-48A7-BB19-1768A80CF9C9}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.12 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{0C5B0539-7EDE-4297-947E-48890971B557}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0407-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
21-05-2015 19:40:54 Windows Update
28-05-2015 22:56:16 Geplanter Prüfpunkt
10-06-2015 16:13:19 Installed Sony Mobile Drivers
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09F5CB34-8D3D-4F8A-A4AE-9CF137A9C3A8} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {0B71E52A-66E5-4280-8D03-6900859E9A1A} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {1155B1ED-AB2D-40F8-95C5-896B417C0BF7} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {2C9D29F9-9384-458E-84D8-52C94854DE47} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {2F6B8A58-0C40-4FA1-8C60-94BCCD7B21E6} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {399192D6-0666-4F2A-B42E-35789D642EB5} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {664BC5D6-A84F-4C89-96EF-312A3A6E91CD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {6D60665E-4EA3-4023-B205-9B278551B9A2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10] (Adobe Systems Incorporated)
Task: {86953DA1-0F97-42F6-A223-7C2EA4FF67CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {89624777-664C-4025-A3B6-334ABEF2D4E4} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {90FFE0F1-594A-4DCF-ABFD-BBD095E0527D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {AFAA1450-F0EF-4A2F-A442-1486F593C1F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {B4EB5FC1-FF0B-478C-A2C1-AB788DE76AA5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {DAADB29C-1DA6-48FE-87C4-20A0BB668263} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {F556F936-3712-4F4A-9037-2D59D5A2241C} - System32\Tasks\HPCustParticipation HP Deskjet 3520 series => C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {FECCE9EF-35CC-412F-854D-5071AC8698B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (Whitelisted) ==============
2013-09-10 22:25 - 2013-09-10 22:25 - 00127488 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00134144 _____ () C:\WINDOWS\system32\WinMetadata\Windows.ApplicationModel.winmd
2014-05-02 20:00 - 2014-05-02 20:00 - 00138752 _____ () C:\Program Files\WindowsApps\12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37t\AsparionClockShared.DLL
2013-08-22 09:19 - 2013-08-22 08:54 - 00096256 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Storage.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd
2014-05-02 20:00 - 2014-05-02 20:00 - 00044544 _____ () C:\Program Files\WindowsApps\12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37t\eShared.DLL
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00020480 _____ () C:\WINDOWS\system32\WinMetadata\Windows.System.winmd
2014-12-04 18:16 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2013-09-10 22:25 - 2013-09-10 22:25 - 00102400 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-04 18:16 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-12-04 18:16 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-12-04 18:16 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2015-03-23 19:19 - 2015-03-23 19:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll
2014-12-04 18:16 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2015-04-10 11:26 - 2015-04-10 11:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-06-11 10:31 - 2013-06-11 10:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 15:33 - 2012-04-04 15:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 18:02 - 2013-01-08 18:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 12:51 - 2012-07-26 12:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2015-03-05 16:44 - 2015-03-05 16:44 - 02254552 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtCore4.dll
2015-03-05 16:44 - 2015-03-05 16:44 - 00976088 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtNetwork4.dll
2015-03-05 16:44 - 2015-03-05 16:44 - 08024792 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtGui4.dll
2015-03-05 16:44 - 2015-03-05 16:44 - 00032984 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\imageformats\qgif4.dll
2015-03-05 16:44 - 2015-03-05 16:44 - 01299672 _____ () C:\Program Files (x86)\Comodo\GeekBuddy\QtScript4.dll
2012-10-08 02:16 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Loreli von Röschen\Desktop\4b8dc2f200af5955b7015d4abaf28c45.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-3548527525-1266510089-1818601297-1002\...\StartupApproved\Run: => "HP Deskjet 3520 series (NET)"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{78D5B37C-E516-484F-9555-CCE5293749D8}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{B01F7119-FDCC-4105-AFCA-89D46C4B03A2}] => (Allow) C:\Program Files (x86)\Common Files\Comodo\GeekBuddyRSP.exe
FirewallRules: [{0BB43BDB-EF70-424F-8346-71BF6DCD4691}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5152F023-D9C3-4BD7-8F23-2552F35CA036}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{810B59F9-F649-4744-80E6-B82195BB63BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A7B99EDB-7B8B-49BD-B955-820CC161DBA1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{DA66003B-01F6-4B82-8781-554C863ECB24}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{CBC87E9D-04B7-47CD-8485-65886451D0A9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B1D25FD8-4650-4D0A-9E75-2453AB0696B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{950CBBFB-6881-4139-B7B4-D5330CDF5A1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2DC0E0BD-6D4E-497F-BF7E-2FAA0ADC24EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{61314325-2244-4028-8DE0-313599FF9DDC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E4793CB0-E2A9-4DD0-A66B-9A57C1512317}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8D60E9AB-0D57-4768-B15F-79D386D73D7A}] => (Allow) LPort=1900
FirewallRules: [{6670BD37-6968-4D82-B0DF-705698ED87E8}] => (Allow) LPort=2869
FirewallRules: [{6ECC68A7-DE35-4E17-A5CE-5EE15607F7C1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5E2282B6-2E0E-4990-B496-3BEE97D3FAE6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\{C55BF64E-60E1-494C-B1EB-97A008141A55}\setup\hpznui40.exe
FirewallRules: [{FBD851A0-5554-480F-B693-D4BF1AEC6286}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E28A790-410A-4D9A-8DE2-62098358A9E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EADF54B3-37E4-4262-AECB-1E3AFFB1FC53}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{E1FB806B-6EFC-4085-A197-F0442A704F8C}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe
FirewallRules: [{9172E97F-BD50-4B40-8E4E-91DC8D22BF74}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{078638F5-DFF6-4436-BFE9-E191F21794CE}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{56214499-9471-492C-8FFC-9FC9EE42A5A5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{AEAB197A-BAF0-4B19-A9B7-3566DD939B38}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{16FF5C9C-DFEE-41B0-9712-C67E00B96FD1}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{EF6E8D6D-BE2F-4A3F-8B13-31B02378F358}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2015 02:45:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/11/2015 06:03:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm backgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: a54
Startzeit: 01d0a4601d54de42
Endzeit: 4294967295
Anwendungspfad: C:\WINDOWS\system32\backgroundTaskHost.exe
Berichts-ID: 5fafbe9f-1053-11e5-befd-8434977326ed
Vollständiger Name des fehlerhaften Pakets: Big3Software.Wurmi_2.7.0.0_neutral__fj87jj580xarp
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (06/11/2015 01:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545042b7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000082108
ID des fehlerhaften Prozesses: 0x1640
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (06/11/2015 01:22:11 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
System errors:
=============
Error: (06/12/2015 05:52:20 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/12/2015 05:52:20 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/12/2015 05:52:19 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 06:03:17 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 06:03:16 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)CapsuleDigital.PhotoFunia_4.10.0.0_neutral__yede6ekgzbztcS-1-15-2-3490798887-4175610012-4048354168-3993597651-1203629619-1240133896-111838046
Error: (06/11/2015 04:50:57 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 04:50:57 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 04:50:57 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 04:50:57 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Error: (06/11/2015 04:50:57 PM) (Source: DCOM) (EventID: 10016) (User: Schneckchen)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}SchneckchenLoreli von RöschenS-1-5-21-3548527525-1266510089-1818601297-1002LocalHost (unter Verwendung von LRPC)12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tS-1-15-2-3176966398-4280618494-1454447290-2886210293-1753669485-3698150592-548000920
Microsoft Office:
=========================
Error: (06/13/2015 02:45:00 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
Error: (06/11/2015 06:03:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415a5401d0a4601d54de424294967295C:\WINDOWS\system32\backgroundTaskHost.exe5fafbe9f-1053-11e5-befd-8434977326edBig3Software.Wurmi_2.7.0.0_neutral__fj87jj580xarpApp
Error: (06/11/2015 01:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: backgroundTaskHost.exe6.3.9600.17415545042b7ntdll.dll6.3.9600.17736550f4336c00004090000000000082108164001d0a43d875854c3C:\WINDOWS\system32\backgroundTaskHost.exeC:\WINDOWS\SYSTEM32\ntdll.dllc5b61b36-1030-11e5-befd-8434977326ed12199Asparion.AsparionClock_3.5.1.53_neutral__f89vgcf3qm37tApp
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (06/11/2015 01:22:11 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
Error: (06/11/2015 01:22:11 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
CodeIntegrity Errors:
===================================
Date: 2015-06-10 22:51:33.136
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.tmp because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 22:22:26.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 22:20:31.448
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 22:14:26.276
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 22:13:52.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 22:01:10.019
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 21:43:15.369
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 21:28:50.435
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 21:27:02.043
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-06-10 21:24:12.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD A10-4600M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 27%
Total physical RAM: 7650.26 MB
Available physical RAM: 5550.72 MB
Total Pagefile: 8866.26 MB
Available Pagefile: 6594.93 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:681.05 GB) (Free:546.27 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:16.47 GB) (Free:2.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: () (Removable) (Total:14.75 GB) (Free:9.86 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: DE60E274)
Partition: GPT Partition Type.
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.8 GB) (Disk ID: 7BA00775)
Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C)
==================== End of log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit