Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 25.07.2014, 10:10   #1
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Hallo,

ich habe das Problem, dass meine aktuelle Anwendung ständig in den Hintergrund gedrängt wird. Bei der Eingabe dieses Textes muss ich ca. alle drei Zeichen ins Feld klicken, damit ich weiterschreiben kann. Im Taskmanager ist der Prozess "wisptis.exe" doppelt, einmal mit und einmal ohne Benutzername. Der ohne Benutzername lässt sich nicht beenden.
Der Prozess "OUTLOOK.EXE *32" taucht auf und verschwindet im 2-3-Sekunden-Takt.
Die CPU-Auslastung schwankt sehr stark, teilweise bis zum Maximum, obwohl kaum Anwendungen aktiv sind.
Ich habe bereits Scans mit Malwarebytes Anti-Malware, frst und GMER durchgeführt, die Logs liegen vor.
Ich habe im Forum gelesen, dass das Problem mit "wisptis.exe" nicht neu ist. Es wurde dort aber nicht deutlich, ob der Rechner evtl. inifiziert war.

Ich hoffe, jemand kann mir helfen, vielen Dank schonmal im Voraus!

Alt 25.07.2014, 10:47   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 25.07.2014, 13:47   #3
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Hallo cosinus,

erst einmal danke für die schnelle Reaktion. Scan mit frst hatte ich schon (siehe oben, das wurde im Text nicht hervorgehoben, frag nicht, warum. Hier die logs:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:59 on 24/07/2014 (Doreen)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 18.07.2014
Suchlauf-Zeit: 18:20:19
Logdatei:  Malwarebytes Anti-Malware .txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.18.07
Rootkit Datenbank: v2014.07.17.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Doreen

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 289798
Verstrichene Zeit: 29 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 2
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [ed129c045c1fb284f319863bd23017e9], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DatamngrCoordinator.exe, In Quarantäne, [33cc5d43542795a1907cbb06b15121df], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], 
PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings\res, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], 
PUP.Optional.Spigot.A, C:\Users\Doreen\AppData\LocalLow\Search Settings\temp, In Quarantäne, [e11effa13348b680d8ea1b9f3bc7f808], 

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 18.07.2014 18:18:06, SYSTEM, DOREEN-PC, Manual, Rootkit Database, 2014.7.3.1, 2014.7.17.1, 
Update, 18.07.2014 18:18:30, SYSTEM, DOREEN-PC, Manual, Malware Database, 2014.7.6.8, 2014.7.18.7, 

(end)
         

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 18.07.2014 18:18:06, SYSTEM, DOREEN-PC, Manual, Rootkit Database, 2014.7.3.1, 2014.7.17.1, 
Update, 18.07.2014 18:18:30, SYSTEM, DOREEN-PC, Manual, Malware Database, 2014.7.6.8, 2014.7.18.7, 

(end)
         


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18
Running from C:\Users\Doreen\Downloads
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
() C:\Windows\System32\atwtusb.exe
() C:\Windows\System32\atwtusb.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\PLFSetI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\Doreen\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe
         

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by Doreen at 2014-07-24 17:11:25
Running from C:\Users\Doreen\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version:  - 1&1 Internet AG)
1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version:  - )
Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version:  - )
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version:  - )
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version:  - Peter Pledel, -Softwareentwicklung-)
Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skillstraining (HKLM-x32\...\Skillstraining ) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - )
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.)

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-07-2014 09:27:25 Windows Update
22-07-2014 10:30:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION
Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn)
Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain
Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe

==================== Loaded Modules (whitelisted) =============

2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe
2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll
2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d7bf
ID des fehlerhaften Prozesses: 0x1560
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a0940
ID des fehlerhaften Prozesses: 0x87c
Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0
Pfad der fehlerhaften Anwendung: HelperService.exe1
Pfad des fehlerhaften Moduls: HelperService.exe2
Berichtskennung: HelperService.exe3


System errors:
=============
Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: 
%%1115

Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht.

Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2


CodeIntegrity Errors:
===================================
  Date: 2014-07-10 22:30:14.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 22:20:32.815
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:34:17.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:22:12.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-07 16:52:55.845
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 17:43:28.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 1976.96 MB
Available physical RAM: 507.9 MB
Total Pagefile: 3953.92 MB
Available Pagefile: 2170.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS
Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by Doreen at 2014-07-24 17:11:25
Running from C:\Users\Doreen\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version:  - 1&1 Internet AG)
1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version:  - )
Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version:  - )
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version:  - )
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version:  - Peter Pledel, -Softwareentwicklung-)
Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skillstraining (HKLM-x32\...\Skillstraining ) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - )
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.)

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-07-2014 09:27:25 Windows Update
22-07-2014 10:30:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION
Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn)
Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain
Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe

==================== Loaded Modules (whitelisted) =============

2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe
2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll
2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d7bf
ID des fehlerhaften Prozesses: 0x1560
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a0940
ID des fehlerhaften Prozesses: 0x87c
Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0
Pfad der fehlerhaften Anwendung: HelperService.exe1
Pfad des fehlerhaften Moduls: HelperService.exe2
Berichtskennung: HelperService.exe3


System errors:
=============
Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: 
%%1115

Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht.

Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2


CodeIntegrity Errors:
===================================
  Date: 2014-07-10 22:30:14.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 22:20:32.815
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:34:17.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:22:12.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-07 16:52:55.845
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 17:43:28.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 1976.96 MB
Available physical RAM: 507.9 MB
Total Pagefile: 3953.92 MB
Available Pagefile: 2170.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS
Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Ich hoffe, ich habe nichts vergessen.
__________________

Alt 25.07.2014, 14:17   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Zitat:
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Woher hast du diese Windows-Edition?
Enterprise-Editionen gibt es nicht mal so beim nöchsten Laden um die Ecke. Ich vermute, dass dieser Rechner gewerblich genutzt wird, lieg ich da richtig?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 25.07.2014, 16:24   #5
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Nein. Rechner ist privat. Wir hatten ihn ohne Betriebssystem gekauft, weil ich als Student über einen Hochschulaccount verschiedene Software, u. a. BS, kostenlos bekommen konnte. Darauf hin hat uns ein guter Bekannter, Systemadmin bei der Allianz, bei der Installation geholfen (seine Install-CD und mein Key). Der Key sollte eigentlich W 7 Professional freischalten, hat dann aber die Enterprise-Installation nicht verändert.


Alt 25.07.2014, 22:07   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Ok...ich hab leider vergessen zu erwähnen, dass das FRST.txt Logfile unvollständig ist
__________________
--> Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt

Alt 25.07.2014, 23:09   #7
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Okay, hier nochmal die FRST logs:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18
Running from C:\Users\Doreen\Downloads
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
() C:\Windows\System32\atwtusb.exe
() C:\Windows\System32\atwtusb.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\PLFSetI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\Doreen\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe
         
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by Doreen at 2014-07-24 17:11:25
Running from C:\Users\Doreen\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version:  - 1&1 Internet AG)
1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version:  - )
Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version:  - )
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version:  - )
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version:  - Peter Pledel, -Softwareentwicklung-)
Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skillstraining (HKLM-x32\...\Skillstraining ) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - )
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.)

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-07-2014 09:27:25 Windows Update
22-07-2014 10:30:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION
Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn)
Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain
Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe

==================== Loaded Modules (whitelisted) =============

2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe
2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll
2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d7bf
ID des fehlerhaften Prozesses: 0x1560
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a0940
ID des fehlerhaften Prozesses: 0x87c
Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0
Pfad der fehlerhaften Anwendung: HelperService.exe1
Pfad des fehlerhaften Moduls: HelperService.exe2
Berichtskennung: HelperService.exe3


System errors:
=============
Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: 
%%1115

Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht.

Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2


CodeIntegrity Errors:
===================================
  Date: 2014-07-10 22:30:14.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 22:20:32.815
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:34:17.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:22:12.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-07 16:52:55.845
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 17:43:28.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 1976.96 MB
Available physical RAM: 507.9 MB
Total Pagefile: 3953.92 MB
Available Pagefile: 2170.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS
Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 25.07.2014, 23:38   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Das erste Log hast du schon wieder unvollständig gepostet....
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 26.07.2014, 23:33   #9
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Verflixt, ich war der Meinung mit <STRG>A würde alles markiert, aber irgend etwas hat mir ein NULL in die log geschummelt, daher hat er immer an der Stelle abgebrochen, jetzt also nochmal:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Doreen (administrator) on DOREEN-PC on 24-07-2014 17:09:18
Running from C:\Users\Doreen\Downloads
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
() C:\Windows\System32\atwtusb.exe
() C:\Windows\System32\atwtusb.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\PLFSetI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\Doreen\Desktop\Defogger.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe
HKLM\...\Run: [TAPIDroidProductActivation] => C:\Program Files\TAPIDroid\productactivation.exe [1521008 2014-06-04] (CONVERGIT GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-11] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6262552 2014-06-24] (Piriform Ltd)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {86607117-1b26-11e1-8f06-4c0f6e9255d2} - G:\EasySuite.exe
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {9bfd98c6-b2f3-11e0-8f0d-206a8a1fcc7d} - H:\.\Autorun.exe AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TAPICall4.lnk
ShortcutTarget: TAPICall4.lnk -> C:\Windows\Installer\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}\TAPICall.ico ()
Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0E89DCB6843CCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {08F73DEC-0B27-44D2-A1E8-4A71A760693A} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKCU - {0EFBD239-5D93-413E-A0AC-6D619F894A7B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {4FC75C4E-3F6E-4DC2-A268-CA23CB83B255} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKCU - {5AB3C5FC-13B4-4DFD-B4F8-1DE63D981EC0} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=C48A5F8F-3977-4242-8029-4554F0A2D31D&apn_sauid=4A3E7850-B174-4F26-A8A8-A031B5282E58
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {EAF13F8A-9DDC-4DC1-B525-504EECEEF6E3} URL = hxxp://start.iminent.com/?appId=F4CD3D6E-4EDF-4B49-9714-69062FB287F0&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - {EB100D93-C264-4570-ADC0-F505E9F61DDB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\Doreen\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} ->  No File
BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\SysWow64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Adblock Plus - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-18]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-03]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 HandleService; C:\Users\Doreen\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2013-04-28] ()
R2 TAPILineAgent; C:\Program Files\TAPIDroid\dalservice.exe [1269616 2014-06-04] (CONVERGIT GmbH)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [241664 2009-08-31] () [File not signed]
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2011-07-20] ()
R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-09-20] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.)
S3 ewsercd; C:\Windows\SysWOW64\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [116864 2008-12-13] (Huawei Technologies Co., Ltd.)
S3 hwusbfake; C:\Windows\SysWOW64\DRIVERS\ewusbfake.sys [116224 2011-07-20] (Huawei Technologies Co., Ltd.)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [63264 2009-05-07] (O2Micro )
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 17:09 - 2014-07-24 17:10 - 00019519 _____ () C:\Users\Doreen\Downloads\FRST.txt
2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST
2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe
2014-07-24 17:02 - 2014-07-24 17:02 - 00129016 _____ () C:\Users\Doreen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log
2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe
2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe
2014-07-12 16:54 - 2014-07-12 21:50 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall
2014-07-12 16:52 - 2014-07-12 21:50 - 00000000 ____D () C:\ProgramData\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall
2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid
2014-07-12 13:24 - 2014-06-04 20:39 - 03063664 _____ (CONVERGIT GmbH) C:\Windows\system32\TapiDroid.tsp
2014-07-12 13:24 - 2014-06-04 20:39 - 00267120 _____ (CONVERGIT GmbH) C:\Windows\system32\lineagent.tsp
2014-07-12 12:26 - 2014-07-12 12:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT
2014-07-12 12:19 - 2014-07-12 12:20 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe
2014-07-12 12:16 - 2009-08-04 19:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-11 16:04 - 2014-07-15 14:24 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft
2014-07-10 21:34 - 2014-07-10 22:12 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe
2014-07-10 10:45 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 10:44 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 10:44 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 10:43 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 10:43 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 10:43 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 10:43 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 10:43 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 10:43 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 10:43 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 10:43 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 10:43 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 10:43 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 10:43 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 10:43 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 10:43 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 10:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 10:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 10:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 10:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 10:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 10:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 10:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 10:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 10:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 10:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 10:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 10:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 10:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 10:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 10:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 10:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 10:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 10:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 10:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 10:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 10:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 10:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 10:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 10:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 10:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 10:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 10:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 10:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 10:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 10:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 10:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 10:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 10:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 10:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 10:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 10:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 10:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 10:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 10:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 10:41 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 10:41 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 10:41 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 10:41 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 10:41 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 10:41 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 10:40 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 10:39 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 10:39 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 10:39 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 10:39 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 10:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 10:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 10:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 10:39 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 00:06 - 2014-07-18 18:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 00:06 - 2014-07-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2014-07-07 00:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-07 00:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-07 00:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-06 23:59 - 2014-07-07 00:00 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe
2014-07-06 23:47 - 2014-07-14 04:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job
2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task
2014-07-06 23:46 - 2014-07-14 07:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2014-07-06 23:46 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task
2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys
2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen)
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 17:10 - 2014-07-24 17:09 - 00019519 _____ () C:\Users\Doreen\Downloads\FRST.txt
2014-07-24 17:09 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST
2014-07-24 17:08 - 2014-02-18 20:35 - 00000000 ____D () C:\Users\Doreen\Documents\Outlook-Dateien
2014-07-24 17:08 - 2011-07-08 18:01 - 00740802 _____ () C:\Windows\system32\perfh00C.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00735444 _____ () C:\Windows\system32\perfh015.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00678840 _____ () C:\Windows\system32\perfh00E.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00474100 _____ () C:\Windows\system32\perfh001.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00172364 _____ () C:\Windows\system32\perfc00E.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00156962 _____ () C:\Windows\system32\perfc015.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00150670 _____ () C:\Windows\system32\perfc00C.dat
2014-07-24 17:08 - 2011-07-08 18:01 - 00095862 _____ () C:\Windows\system32\perfc001.dat
2014-07-24 17:08 - 2011-07-08 14:30 - 00476588 _____ () C:\Windows\system32\perfh00B.dat
2014-07-24 17:08 - 2011-07-08 14:30 - 00102610 _____ () C:\Windows\system32\perfc00B.dat
2014-07-24 17:08 - 2009-07-14 12:49 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-24 17:08 - 2009-07-14 12:49 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-24 17:08 - 2009-07-14 07:13 - 05407164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-24 17:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-24 17:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe
2014-07-24 17:02 - 2014-07-24 17:02 - 00129016 _____ () C:\Users\Doreen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log
2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable
2014-07-24 16:59 - 2011-07-07 10:39 - 00000000 ____D () C:\Users\Doreen
2014-07-24 16:55 - 2014-07-24 16:57 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe
2014-07-24 16:54 - 2011-07-07 10:38 - 01199344 _____ () C:\Windows\WindowsUpdate.log
2014-07-24 16:48 - 2012-09-15 11:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-24 16:46 - 2009-07-14 04:34 - 00000528 _____ () C:\Windows\win.ini
2014-07-24 16:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-24 15:35 - 2013-09-03 10:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-22 09:01 - 2014-05-15 11:02 - 00000000 ____D () C:\Users\Doreen\Documents\Betreuertätigkeit
2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe
2014-07-20 20:33 - 2012-11-18 19:16 - 00005133 _____ () C:\ProgramData\hpzinstall.log
2014-07-18 18:18 - 2014-07-07 00:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-15 14:24 - 2014-07-11 16:04 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft
2014-07-14 14:26 - 2011-12-06 01:54 - 00000000 ____D () C:\Users\Doreen\Documents\Bewerbungsunterlagen
2014-07-14 07:45 - 2014-07-06 23:46 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2014-07-14 04:45 - 2014-07-06 23:47 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job
2014-07-12 21:50 - 2014-07-12 16:54 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall
2014-07-12 21:50 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall
2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid
2014-07-12 12:30 - 2014-07-12 12:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT
2014-07-12 12:20 - 2014-07-12 12:19 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe
2014-07-12 12:17 - 2011-07-08 17:34 - 00000000 ____D () C:\Windows\ar-SA
2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-07-11 21:35 - 2014-02-20 23:40 - 00000000 ____D () C:\at work
2014-07-11 21:06 - 2013-09-03 10:54 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-11 21:06 - 2013-09-03 10:54 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-11 21:05 - 2014-05-27 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-11 21:05 - 2014-01-02 08:25 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-11 21:05 - 2013-09-03 10:54 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-11 18:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 03:15 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:15 - 2009-07-14 13:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:12 - 2011-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-11 03:10 - 2013-08-18 11:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 03:07 - 2010-08-10 21:51 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 22:19 - 2014-02-20 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BdB at work
2014-07-10 22:18 - 2014-02-20 23:43 - 00000672 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BdB at work 2013.lnk
2014-07-10 22:18 - 2014-02-20 23:43 - 00000666 _____ () C:\Users\Public\Desktop\BdB at work 2013.lnk
2014-07-10 22:12 - 2014-07-10 21:34 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe
2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 14:48 - 2012-09-15 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 14:48 - 2012-09-15 11:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 14:48 - 2011-07-10 19:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-07 09:03 - 2013-01-16 13:04 - 00000000 ____D () C:\Users\Doreen\Documents\Eigene Scans
2014-07-07 06:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-07-07 04:45 - 2014-05-13 17:43 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-07 00:07 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 00:07 - 2014-07-07 00:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2013-03-14 12:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 00:00 - 2014-07-06 23:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-06 23:50 - 2014-05-13 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 23:50 - 2014-05-13 17:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe
2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task
2014-07-06 23:47 - 2014-07-06 23:46 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task
2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-06-30 04:09 - 2014-07-10 10:41 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 10:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 16:40 - 2014-06-15 16:39 - 00000000 ____D () C:\Users\Doreen\.jameica
2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-28 13:36 - 2011-07-08 12:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys
2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen)
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe

Some content of TEMP:
====================
C:\Users\Doreen\AppData\Local\Temp\npfp.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-11 18:34

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by Doreen at 2014-07-24 17:11:25
Running from C:\Users\Doreen\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1und1 Internet Explorer Add-On (HKLM-x32\...\1und1 Internet Explorer Add-On) (Version:  - 1&1 Internet AG)
1und1 Internet Explorer Add-On (x32 Version: 1.0 - 1&1 Internet AG) Hidden
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.19.3 - Suyin Optronics Corp)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.105.2015.1103 - Alps Electric)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BdB at work 2013 (HKLM-x32\...\BdB_at_Work_2005_is1) (Version: 2013 - LOGO Datensysteme GmbH)
Biet-O-Matic v2.14.8 (HKLM-x32\...\Biet-O-Matic v2.14.8) (Version: 2.14.8 - BOM Development Team)
Broadcom Gigabit Integrated Controller (HKLM\...\{F26DE123-C491-4D8C-BC86-FDF604F00226}) (Version: 14.2.5.1 - Broadcom Corporation)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
CONVERGIT TAPIDroid (HKLM\...\86E9B266-6C63-436C-A046-A52E1BEBDED0_is1) (Version: 1.0.1 - )
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die neue MDK-Prüfanleitung - Version April 2013 (HKCU\...\Die neue MDK-Prüfanleitung - Version April 2013) (Version:  - )
Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011 (HKCU\...\Die neuen Qualitätsanforderungen für Pflegeeinrichtungen - Version September 2011) (Version:  - )
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.2 - CEWE COLOR AG u Co. OHG)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
Druckstudio Geldgeschenke (HKLM-x32\...\{12640463-09D4-467A-B4C3-3F8B13A01D22}) (Version:  - )
DX-Ball 1.09 (HKLM-x32\...\DX-Ball 1.09) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Free Notes & Office Ink (HKLM-x32\...\{556F2137-B772-43BB-9A45-E0275234DD16}) (Version:   -  )
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GnuCash 2.6.3 (HKLM-x32\...\GnuCash_is1) (Version:  - GnuCash Development Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Join Air (HKLM-x32\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation)
Konz 2013 (HKLM-x32\...\InstallShield_{76651FD7-2B71-4B61-9F3A-E82F52F08D92}) (Version: 1.00.0000 - USM)
Konz 2013 (x32 Version: 1.00.0000 - USM) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Lidl-Fotos (HKLM-x32\...\Lidl-Fotos_is1) (Version:  - )
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.318.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{249d5ca2-4555-41b5-a112-d45aec69dffa}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{cde5fd82-4a8f-483e-adf0-ca7343d00433}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
O2Micro Flash Memory Card Reader Driver (HKLM\...\{7C552757-172E-4C18-AA3E-3DFAC5A15DAA}) (Version: 3.31.02 - O2Micro)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF Architect (HKLM-x32\...\{30B41B7A-3C9D-44DE-A7A1-949011F33CC3}) (Version: 1.0.41.8362 - pdfforge)
PDF24 Creator 6.6.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge)
pdfforge Toolbar v6.0 (HKLM-x32\...\{96B3C2A3-ADD6-4E63-89D3-1E3AC115D3FA}) (Version: 6.0 - Spigot, Inc.) <==== ATTENTION
PleSoft 6.0 (HKLM-x32\...\PleSoft_is1) (Version:  - Peter Pledel, -Softwareentwicklung-)
Power Presenter RE II (HKLM-x32\...\{8537166B-40F4-4FAE-BAC5-454A4DD773B7}) (Version: 2.59 - Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skillstraining (HKLM-x32\...\Skillstraining ) (Version:  - )
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)
TAPICall 4.2.51 (HKLM-x32\...\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}) (Version: 4.2.51 - CONVERGIT GmbH)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB Tablet Manager (HKLM\...\RmTablet) (Version: 5.00 - )
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
Verbindungsassistent (HKLM-x32\...\Verbindungsassistent) (Version: 2.1 - Verbindungsassistent)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416) (HKLM\...\DFEA59689C004DFD0378309F3A583EA32D78A1B3) (Version: 01/06/2010 6.2.0.9416 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.)

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

16-07-2014 09:27:25 Windows Update
22-07-2014 10:30:58 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02D69B4C-CEF2-40F8-BA5A-2CF0562F7D90} - \FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl No Task File <==== ATTENTION
Task: {128930EE-4461-453F-8C2E-95234BD9971B} - System32\Tasks\{BF97F017-2201-4AC1-9342-E7133DD34C53} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {30E2757D-8956-43FA-B62E-362F4D43C985} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {3AE48064-EF60-4B75-B5FB-F20FC604D5D5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {5F0AF058-143E-42B0-81E7-D5277367DC08} - System32\Tasks\{448A464A-3BCB-40C0-B6DE-486D13F7B886} => C:\Users\Doreen\Downloads\jameica\jameica-win64.exe [2014-01-09] (Olaf Willuhn)
Task: {8C1DCBDE-52DF-4A9C-B5E6-1CEB5D8DDB5F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {A3825148-2E33-4D98-8CEA-457AACD97A5A} - System32\Tasks\{DAB52BE3-70B8-452E-8D15-ED98D35F1712} => Firefox.exe hxxp://ui.skype.com/ui/0/5.8.0.156/de/abandoninstall?page=tsMain
Task: {B621BB39-CD15-4FD2-B5E5-CE85631BC747} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-11] (AVAST Software)
Task: {C311A7B1-3D1F-4D97-B59A-104431AC65CB} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-05-09] (IObit)
Task: {DD96AB11-13A7-4FF7-9A3D-FA8EB868307B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {E811960B-DEF5-4DA7-A877-35CE20BCCE65} - System32\Tasks\Driver Booster SkipUAC (Doreen) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {F6CBFBA6-4F20-4761-B9EE-E7B2A9FD711B} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: {F8954E27-7A66-4944-9B3F-04BA65D06D9A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2014-04-09] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe

==================== Loaded Modules (whitelisted) =============

2009-09-21 15:04 - 2009-09-21 15:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-04-28 14:44 - 2013-04-28 14:44 - 01053848 _____ () C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
2011-07-23 08:13 - 2009-08-31 10:43 - 00241664 _____ () C:\Program Files (x86)\Join Air\AssistantServices.exe
2011-07-20 20:29 - 2011-07-20 20:31 - 00330696 _____ () C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
2013-05-04 17:25 - 2012-09-20 20:29 - 00581120 _____ () C:\Windows\system32\atwtusb.exe
2011-07-08 12:38 - 2010-06-09 18:54 - 00206208 _____ () C:\Windows\PLFSetI.exe
2013-05-04 17:25 - 2012-09-10 15:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-11 21:05 - 2014-07-11 21:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-24 15:36 - 2014-07-24 15:36 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll
2014-06-21 00:10 - 2014-06-21 00:10 - 00374272 _____ () C:\Users\Doreen\AppData\Roaming\Win System\sub\default.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2014-06-11 14:18 - 2014-06-11 14:19 - 03022960 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-11 14:18 - 2014-06-11 14:19 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-06-11 10:27 - 2014-06-11 10:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UIExec => "C:\Program Files (x86)\Join Air\UIExec.exe"
MSCONFIG\startupreg: Ulead AutoDetector v2 => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Name des fehlerhaften Moduls: OUTLOOK.EXE, Version: 14.0.7113.5000, Zeitstempel: 0x527d636c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001d7bf
ID des fehlerhaften Prozesses: 0x1560
Startzeit der fehlerhaften Anwendung: 0xOUTLOOK.EXE0
Pfad der fehlerhaften Anwendung: OUTLOOK.EXE1
Pfad des fehlerhaften Moduls: OUTLOOK.EXE2
Berichtskennung: OUTLOOK.EXE3

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Name des fehlerhaften Moduls: HelperService.exe, Version: 1.0.0.1, Zeitstempel: 0x50ae2d74
Ausnahmecode: 0x40000015
Fehleroffset: 0x000a0940
ID des fehlerhaften Prozesses: 0x87c
Startzeit der fehlerhaften Anwendung: 0xHelperService.exe0
Pfad der fehlerhaften Anwendung: HelperService.exe1
Pfad des fehlerhaften Moduls: HelperService.exe2
Berichtskennung: HelperService.exe3


System errors:
=============
Error: (07/21/2014 10:00:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Zeitgeber" wurde mit folgendem Fehler beendet: 
%%1115

Error: (07/20/2014 09:47:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Event Log" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/19/2014 00:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Intel(R) PROSet/Wireless Event Log erreicht.

Error: (07/14/2014 11:49:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/14/2014 03:38:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 08:55:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0006F03A-0000-0000-C000-000000000046}

Error: (07/14/2014 07:42:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/13/2014 07:46:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/13/2014 11:45:26 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9BA38BF4-8CDF-428B-AE44-83E1182B2938}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (07/24/2014 04:56:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 09:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: OUTLOOK.EXE14.0.7113.5000527d636cOUTLOOK.EXE14.0.7113.5000527d636cc00000050001d7bf156001cfa45313154dc9C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEC:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE81c96feb-1046-11e4-9c1e-560f6e9255d2

Error: (07/20/2014 08:46:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/20/2014 08:45:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe

Error: (07/14/2014 11:47:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HelperService.exe1.0.0.150ae2d74HelperService.exe1.0.0.150ae2d7440000015000a094087c01cf9f798d62b54dC:\Program Files (x86)\PDF Architect\HelperService.exeC:\Program Files (x86)\PDF Architect\HelperService.exe847cfebb-0ba0-11e4-a1b0-560f6e9255d2


CodeIntegrity Errors:
===================================
  Date: 2014-07-10 22:30:14.811
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 22:20:32.815
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:34:17.122
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-10 21:22:12.189
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-07 16:52:55.845
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-06 17:43:28.578
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 74%
Total physical RAM: 1976.96 MB
Available physical RAM: 507.9 MB
Total Pagefile: 3953.92 MB
Available Pagefile: 2170.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:116.33 GB) (Free:63.9 GB) NTFS
Drive d: () (Fixed) (Total:116.45 GB) (Free:116.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 404E404D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=116 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 27.07.2014, 19:50   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.07.2014, 11:56   #11
cosha
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Gut, also los:

zu 1.)

Code:
ATTFilter
# AdwCleaner v3.300 - Bericht erstellt am 28/07/2014 um 11:04:51
# Aktualisiert 27/07/2014 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzername : Doreen - DOREEN-PC
# Gestartet von : C:\Users\Doreen\Desktop\adwcleaner_3.300.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\Common Files\IMGUpdater
Ordner Gefunden : C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gefunden : C:\Program Files\Web Assistant
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Premium
Ordner Gefunden : C:\Users\Doreen\AppData\LocalLow\pdfforge
Ordner Gefunden : C:\Users\Doreen\AppData\Roaming\pdfforge

***** [ Tasks ] *****

Task Gefunden : Driver Booster Scan
Task Gefunden : Driver Booster Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\pdfforge
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\pdfforge
Schlüssel Gefunden : [x64] HKCU\Software\Search Settings
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\pdfforgeToolbar-stub-1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Schlüssel Gefunden : HKLM\Software\pdfforge
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\Web Assistant
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Web Assistant
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gefunden : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\prefs.js ]

Zeile gefunden : user_pref("iminent.LayoutId", "28");
Zeile gefunden : user_pref("iminent.enableToolbar", "false");
Zeile gefunden : user_pref("iminent.enabledAds", "obsolete");
Zeile gefunden : user_pref("iminent.newtabredirect", "true");
Zeile gefunden : user_pref("iminent.nomsi", "true");
Zeile gefunden : user_pref("iminent.registerToolbarEvent102", "1403347070939");
Zeile gefunden : user_pref("iminent.searchindex", "1");
Zeile gefunden : user_pref("iminent.version", "8.25.2.1");
Zeile gefunden : user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]

*************************

AdwCleaner[R0].txt - [5193 octets] - [28/07/2014 11:04:51]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5253 octets] ##########
         
zu 2.)

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Enterprise x64
Ran by Doreen on 28.07.2014 at 11:46:36,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2778196636-664131229-1303017621-1000\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\web assistant
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibar_install_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\incredibartoolbar_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\TaskScheduler_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{5AB3C5FC-13B4-4DFD-B4F8-1DE63D981EC0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EAF13F8A-9DDC-4DC1-B525-504EECEEF6E3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Users\Doreen\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\Doreen\appdata\locallow\pdfforge"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\umbrella"
Successfully deleted: [Empty Folder] C:\Users\Doreen\appdata\local\{C612833A-F322-4EBC-97B6-7C0541016183}
Successfully deleted: [Folder] "C:\ProgramData\ask"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Doreen\AppData\Roaming\mozilla\firefox\profiles\3xc3jzu1.default\prefs.js

user_pref("iminent.LayoutId", "28");
user_pref("iminent.enableToolbar", "false");
user_pref("iminent.enabledAds", "obsolete");
user_pref("iminent.newtabredirect", "true");
user_pref("iminent.nomsi", "true");
user_pref("iminent.registerToolbarEvent102", "1403347070939");
user_pref("iminent.searchindex", "1");
user_pref("iminent.version", "8.25.2.1");
user_pref("{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocatio
Emptied folder: C:\Users\Doreen\AppData\Roaming\mozilla\firefox\profiles\3xc3jzu1.default\minidumps [68 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2014 at 12:04:53,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
und zu 3.)


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Doreen (administrator) on DOREEN-PC on 28-07-2014 12:42:28
Running from C:\Users\Doreen\Downloads
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Handle) C:\Users\Doreen\AppData\Roaming\Win System\handle.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\ieconfig_1und1_svc.exe
() C:\Program Files (x86)\Join Air\AssistantServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Verbindungsassistent\WTGService.exe
() C:\Windows\System32\atwtusb.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Windows\System32\atwtusb.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Windows\PLFSetI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\System32\AtwtusbIcon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google) C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CONVERGIT GmbH) C:\Program Files (x86)\TAPICall\TAPICall_Core.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CONVERGIT GmbH) C:\Program Files\TAPIDroid\dalservice.exe
() C:\Users\Doreen\Desktop\adwcleaner_3.300.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Thisisu) C:\Users\Doreen\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-21] (Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-06-28] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [AtwtusbIcon] => AtwtusbIcon.exe 
HKLM\...\Run: [TAPIDroidProductActivation] => C:\Program Files\TAPIDroid\productactivation.exe [1521008 2014-06-04] (CONVERGIT GmbH)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-11] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-06-27] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [6262552 2014-06-24] (Piriform Ltd)
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {86607117-1b26-11e1-8f06-4c0f6e9255d2} - G:\EasySuite.exe
HKU\S-1-5-21-2778196636-664131229-1303017621-1000\...\MountPoints2: {9bfd98c6-b2f3-11e0-8f0d-206a8a1fcc7d} - H:\.\Autorun.exe AUTORUN=1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Google Calendar Sync.lnk
ShortcutTarget: Google Calendar Sync.lnk -> C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TAPICall4.lnk
ShortcutTarget: TAPICall4.lnk -> C:\Windows\Installer\{984FAEE8-B42C-4BA5-903A-4B05A7B099A1}\TAPICall.ico ()
Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Doreen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x0E89DCB6843CCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {08F73DEC-0B27-44D2-A1E8-4A71A760693A} URL = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
SearchScopes: HKCU - {0EFBD239-5D93-413E-A0AC-6D619F894A7B} URL = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
SearchScopes: HKCU - {4FC75C4E-3F6E-4DC2-A268-CA23CB83B255} URL = hxxp://go.web.de/suchbox/google?q={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {EB100D93-C264-4570-ADC0-F505E9F61DDB} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {01F29AE5-D48D-417B-9D00-8A115C23A0EB} -> C:\Users\Doreen\AppData\LocalLow\systems ie bho\bho.dll ()
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: 1&&1 Internet AG Browser Configuration by mquadr.at -> {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} -> C:\Windows\SysWow64\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: Adblock Plus - C:\Users\Doreen\AppData\Roaming\Mozilla\Firefox\Profiles\3xc3jzu1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-11]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-06-11]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-11-18]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2012-12-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-09-03]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 HandleService; C:\Users\Doreen\AppData\Roaming\Win System\handle.exe [637952 2014-06-10] (Handle) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S4 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1522312 2012-11-22] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [905864 2012-11-22] (pdfforge GbR)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 serviceIEConfig; C:\Windows\SysWOW64\ieconfig_1und1_svc.exe [1053848 2013-04-28] ()
R2 TAPILineAgent; C:\Program Files\TAPIDroid\dalservice.exe [1269616 2014-06-04] (CONVERGIT GmbH)
R2 UI Assistant Service; C:\Program Files (x86)\Join Air\AssistantServices.exe [241664 2009-08-31] () [File not signed]
R2 WTGService; C:\Program Files (x86)\Verbindungsassistent\WTGService.exe [330696 2011-07-20] ()
R2 WTService; C:\Windows\system32\atwtusb.exe [581120 2012-09-20] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 ewsercd; C:\Windows\System32\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.)
S3 ewsercd; C:\Windows\SysWOW64\DRIVERS\ewsercd.sys [112896 2011-07-20] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\SysWOW64\DRIVERS\ewusbmdm.sys [116864 2008-12-13] (Huawei Technologies Co., Ltd.)
S3 hwusbfake; C:\Windows\SysWOW64\DRIVERS\ewusbfake.sys [116224 2011-07-20] (Huawei Technologies Co., Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-25] (Malwarebytes Corporation)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [63264 2009-05-07] (O2Micro )
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S2 mdmxsdk; system32\DRIVERS\mdmxsdk.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 12:42 - 2014-07-28 12:42 - 00019292 _____ () C:\Users\Doreen\Downloads\FRST.txt
2014-07-28 12:35 - 2014-07-28 12:35 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT1.txt
2014-07-28 12:04 - 2014-07-28 12:04 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT.txt
2014-07-28 11:46 - 2014-07-28 11:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-28 11:43 - 2014-07-28 11:43 - 01016261 _____ (Thisisu) C:\Users\Doreen\Desktop\JRT.exe
2014-07-28 11:36 - 2014-07-28 11:36 - 00005361 _____ () C:\Users\Doreen\Desktop\AdwCleaner[R0].txt
2014-07-28 11:04 - 2014-07-28 11:06 - 00000000 ____D () C:\AdwCleaner
2014-07-28 11:02 - 2014-07-28 11:02 - 01367289 _____ () C:\Users\Doreen\Desktop\adwcleaner_3.300.exe
2014-07-25 10:39 - 2014-07-25 10:39 - 00000262 _____ () C:\Users\Doreen\Desktop\Malwarebytes Anti-Malware Schutz.txt
2014-07-25 10:36 - 2014-07-25 10:36 - 00001884 _____ () C:\Users\Doreen\Desktop\ Malwarebytes Anti-Malware .txt
2014-07-24 23:05 - 2014-07-24 23:05 - 00456288 _____ () C:\Users\Doreen\Desktop\gmer.log
2014-07-24 17:20 - 2014-07-24 17:20 - 00380416 _____ () C:\Users\Doreen\Downloads\Gmer-19357.exe
2014-07-24 17:11 - 2014-07-24 17:14 - 00042201 _____ () C:\Users\Doreen\Desktop\Addition.txt
2014-07-24 17:09 - 2014-07-28 12:42 - 00000000 ____D () C:\FRST
2014-07-24 17:09 - 2014-07-24 17:14 - 00067941 _____ () C:\Users\Doreen\Desktop\FRST.txt
2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe
2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log
2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable
2014-07-24 16:57 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe
2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe
2014-07-12 16:54 - 2014-07-12 21:50 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall
2014-07-12 16:52 - 2014-07-12 21:50 - 00000000 ____D () C:\ProgramData\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall
2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid
2014-07-12 13:24 - 2014-06-04 20:39 - 03063664 _____ (CONVERGIT GmbH) C:\Windows\system32\TapiDroid.tsp
2014-07-12 13:24 - 2014-06-04 20:39 - 00267120 _____ (CONVERGIT GmbH) C:\Windows\system32\lineagent.tsp
2014-07-12 12:26 - 2014-07-12 12:30 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT
2014-07-12 12:19 - 2014-07-12 12:20 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe
2014-07-12 12:16 - 2009-08-04 19:56 - 00296960 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftsrch.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\ftsrch.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx041e.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\ftlx041e.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftlx0411.dll
2014-07-12 12:16 - 2009-08-04 19:55 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\ftlx0411.dll
2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-11 16:04 - 2014-07-15 14:24 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft
2014-07-10 21:34 - 2014-07-10 22:12 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe
2014-07-10 10:45 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 10:45 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 10:45 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 10:44 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 10:44 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 10:43 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 10:43 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 10:43 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 10:43 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 10:43 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 10:43 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 10:43 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 10:43 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 10:43 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 10:43 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 10:43 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 10:43 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 10:43 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 10:42 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 10:42 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 10:42 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 10:42 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 10:42 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 10:42 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 10:42 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 10:42 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 10:42 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 10:42 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 10:42 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 10:42 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 10:42 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 10:42 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 10:42 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 10:42 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 10:42 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 10:42 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 10:42 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 10:42 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 10:42 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 10:42 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 10:42 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 10:42 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 10:42 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 10:42 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 10:42 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 10:42 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 10:42 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 10:42 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 10:42 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 10:42 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 10:42 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 10:42 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 10:42 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 10:42 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 10:42 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 10:42 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 10:42 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 10:41 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 10:41 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 10:41 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 10:41 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 10:41 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 10:41 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 10:40 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 10:39 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 10:39 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 10:39 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 10:39 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 10:39 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 10:39 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 10:39 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-10 10:39 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 00:06 - 2014-07-25 10:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 00:06 - 2014-07-07 00:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2014-07-07 00:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-07 00:05 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-07 00:05 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-06 23:59 - 2014-07-07 00:00 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe
2014-07-06 23:47 - 2014-07-14 04:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job
2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task
2014-07-06 23:46 - 2014-07-14 07:45 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2014-07-06 23:46 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task
2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys
2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen)
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 12:43 - 2014-07-28 12:42 - 00019292 _____ () C:\Users\Doreen\Downloads\FRST.txt
2014-07-28 12:42 - 2014-07-24 17:09 - 00000000 ____D () C:\FRST
2014-07-28 12:35 - 2014-07-28 12:35 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT1.txt
2014-07-28 12:34 - 2014-02-18 20:35 - 00000000 ____D () C:\Users\Doreen\Documents\Outlook-Dateien
2014-07-28 12:04 - 2014-07-28 12:04 - 00004093 _____ () C:\Users\Doreen\Desktop\JRT.txt
2014-07-28 11:48 - 2012-09-15 11:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-28 11:46 - 2014-07-28 11:46 - 00000000 ____D () C:\Windows\ERUNT
2014-07-28 11:43 - 2014-07-28 11:43 - 01016261 _____ (Thisisu) C:\Users\Doreen\Desktop\JRT.exe
2014-07-28 11:36 - 2014-07-28 11:36 - 00005361 _____ () C:\Users\Doreen\Desktop\AdwCleaner[R0].txt
2014-07-28 11:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 11:07 - 2009-07-14 06:45 - 00016320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 11:06 - 2014-07-28 11:04 - 00000000 ____D () C:\AdwCleaner
2014-07-28 11:04 - 2011-07-08 18:01 - 00740802 _____ () C:\Windows\system32\perfh00C.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00735444 _____ () C:\Windows\system32\perfh015.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00678840 _____ () C:\Windows\system32\perfh00E.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00474100 _____ () C:\Windows\system32\perfh001.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00172364 _____ () C:\Windows\system32\perfc00E.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00156962 _____ () C:\Windows\system32\perfc015.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00150670 _____ () C:\Windows\system32\perfc00C.dat
2014-07-28 11:04 - 2011-07-08 18:01 - 00095862 _____ () C:\Windows\system32\perfc001.dat
2014-07-28 11:04 - 2011-07-08 14:30 - 00476588 _____ () C:\Windows\system32\perfh00B.dat
2014-07-28 11:04 - 2011-07-08 14:30 - 00102610 _____ () C:\Windows\system32\perfc00B.dat
2014-07-28 11:04 - 2009-07-14 12:49 - 00703230 _____ () C:\Windows\system32\perfh007.dat
2014-07-28 11:04 - 2009-07-14 12:49 - 00150838 _____ () C:\Windows\system32\perfc007.dat
2014-07-28 11:04 - 2009-07-14 07:13 - 05407164 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-28 11:03 - 2011-07-07 10:38 - 01275975 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 11:02 - 2014-07-28 11:02 - 01367289 _____ () C:\Users\Doreen\Desktop\adwcleaner_3.300.exe
2014-07-28 10:58 - 2013-09-03 10:54 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-28 10:57 - 2009-07-14 04:34 - 00000528 _____ () C:\Windows\win.ini
2014-07-28 10:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 14:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-25 10:39 - 2014-07-25 10:39 - 00000262 _____ () C:\Users\Doreen\Desktop\Malwarebytes Anti-Malware Schutz.txt
2014-07-25 10:36 - 2014-07-25 10:36 - 00001884 _____ () C:\Users\Doreen\Desktop\ Malwarebytes Anti-Malware .txt
2014-07-25 10:33 - 2014-07-07 00:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-25 10:06 - 2013-03-14 08:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 10:06 - 2013-03-14 08:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-24 23:14 - 2013-03-14 08:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-24 23:05 - 2014-07-24 23:05 - 00456288 _____ () C:\Users\Doreen\Desktop\gmer.log
2014-07-24 17:20 - 2014-07-24 17:20 - 00380416 _____ () C:\Users\Doreen\Downloads\Gmer-19357.exe
2014-07-24 17:14 - 2014-07-24 17:11 - 00042201 _____ () C:\Users\Doreen\Desktop\Addition.txt
2014-07-24 17:14 - 2014-07-24 17:09 - 00067941 _____ () C:\Users\Doreen\Desktop\FRST.txt
2014-07-24 17:02 - 2014-07-24 17:02 - 02093568 _____ (Farbar) C:\Users\Doreen\Downloads\FRST64.exe
2014-07-24 16:59 - 2014-07-24 16:59 - 00000474 _____ () C:\Users\Doreen\Desktop\defogger_disable.log
2014-07-24 16:59 - 2014-07-24 16:59 - 00000000 _____ () C:\Users\Doreen\defogger_reenable
2014-07-24 16:59 - 2011-07-07 10:39 - 00000000 ____D () C:\Users\Doreen
2014-07-24 16:55 - 2014-07-24 16:57 - 00050477 _____ () C:\Users\Doreen\Desktop\Defogger.exe
2014-07-24 16:55 - 2014-07-24 16:55 - 00050477 _____ () C:\Users\Doreen\Downloads\Defogger.exe
2014-07-22 09:01 - 2014-05-15 11:02 - 00000000 ____D () C:\Users\Doreen\Documents\Betreuertätigkeit
2014-07-20 20:45 - 2014-07-20 20:45 - 02347384 _____ (ESET) C:\Users\Doreen\Downloads\esetsmartinstaller_deu.exe
2014-07-20 20:33 - 2012-11-18 19:16 - 00005133 _____ () C:\ProgramData\hpzinstall.log
2014-07-15 14:24 - 2014-07-11 16:04 - 00000000 ____D () C:\Users\Doreen\Documents\Studium Verwaltung und Recht-Betreuung u. Vormundschaft
2014-07-14 14:26 - 2011-12-06 01:54 - 00000000 ____D () C:\Users\Doreen\Documents\Bewerbungsunterlagen
2014-07-14 07:45 - 2014-07-06 23:46 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2014-07-14 04:45 - 2014-07-06 23:47 - 00000410 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job
2014-07-12 21:50 - 2014-07-12 16:54 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\TAPICall
2014-07-12 21:50 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPICall
2014-07-12 16:52 - 2014-07-12 16:52 - 00000000 ____D () C:\Program Files (x86)\TAPICall
2014-07-12 16:48 - 2014-07-12 16:48 - 10016768 _____ () C:\Users\Doreen\Downloads\TAPICall-10000.msi
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAPIDroid
2014-07-12 13:24 - 2014-07-12 13:24 - 00000000 ____D () C:\Program Files\TAPIDroid
2014-07-12 12:30 - 2014-07-12 12:26 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-12 12:22 - 2014-07-12 12:22 - 00000000 ____D () C:\ProgramData\CONVERGIT
2014-07-12 12:20 - 2014-07-12 12:19 - 15556064 _____ ( ) C:\Users\Doreen\Downloads\TAPIDroid-10000.exe
2014-07-12 12:17 - 2011-07-08 17:34 - 00000000 ____D () C:\Windows\ar-SA
2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-07-12 12:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-07-11 21:35 - 2014-02-20 23:40 - 00000000 ____D () C:\at work
2014-07-11 21:06 - 2013-09-03 10:54 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-11 21:06 - 2013-09-03 10:54 - 00001972 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-11 21:05 - 2014-07-11 21:05 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-11 21:05 - 2014-05-27 18:56 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-11 21:05 - 2014-01-02 08:25 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-11 21:05 - 2013-09-03 10:54 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-11 21:05 - 2013-09-03 10:54 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-11 03:15 - 2014-05-06 03:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:15 - 2009-07-14 13:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 03:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:12 - 2011-07-07 14:23 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-11 03:10 - 2013-08-18 11:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 03:07 - 2010-08-10 21:51 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 22:19 - 2014-02-20 23:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BdB at work
2014-07-10 22:18 - 2014-02-20 23:43 - 00000672 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\BdB at work 2013.lnk
2014-07-10 22:18 - 2014-02-20 23:43 - 00000666 _____ () C:\Users\Public\Desktop\BdB at work 2013.lnk
2014-07-10 22:12 - 2014-07-10 21:34 - 374366024 _____ (LOGO Datensysteme GmbH ) C:\Users\Doreen\Downloads\atwork_2013_setup(1).exe
2014-07-09 14:48 - 2014-07-09 14:48 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 14:48 - 2012-09-15 11:33 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 14:48 - 2012-09-15 11:33 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 14:48 - 2011-07-10 19:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-07 09:03 - 2013-01-16 13:04 - 00000000 ____D () C:\Users\Doreen\Documents\Eigene Scans
2014-07-07 06:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-07-07 04:45 - 2014-05-13 17:43 - 00000000 ____D () C:\Program Files\Defraggler
2014-07-07 00:07 - 2014-07-07 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-07 00:07 - 2014-07-07 00:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-07 00:05 - 2013-03-14 12:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 00:00 - 2014-07-06 23:59 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Doreen\Downloads\mbam-setup-2.0.0.1000.exe
2014-07-06 23:50 - 2014-05-13 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-06 23:50 - 2014-05-13 17:30 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-06 23:49 - 2014-07-06 23:49 - 04812672 _____ (Piriform Ltd) C:\Users\Doreen\Downloads\ccsetup415.exe
2014-07-06 23:47 - 2014-07-06 23:47 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume D Task
2014-07-06 23:47 - 2014-07-06 23:46 - 00003210 _____ () C:\Windows\System32\Tasks\Defraggler Volume C Task
2014-06-30 05:24 - 2014-06-30 05:24 - 00000000 ____D () C:\Users\Doreen\AppData\Local\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00001085 _____ () C:\Users\Public\Desktop\PDF24 Creator.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00001065 _____ () C:\Users\Public\Desktop\PDF24 Fax.lnk
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-06-30 05:20 - 2014-06-30 05:20 - 00000000 ____D () C:\Program Files (x86)\PDF24
2014-06-30 04:09 - 2014-07-10 10:41 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 10:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 16:40 - 2014-06-15 16:39 - 00000000 ____D () C:\Users\Doreen\.jameica
2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-06-29 11:52 - 2011-07-07 12:17 - 00001128 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-28 13:36 - 2014-06-28 13:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-06-28 13:36 - 2011-07-08 12:41 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-06-28 13:34 - 2014-06-28 13:34 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-06-28 13:34 - 2014-06-28 13:34 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-06-28 13:33 - 2014-06-28 13:33 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-06-28 13:33 - 2014-06-28 13:33 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-06-28 13:33 - 2014-06-28 13:33 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-06-28 13:33 - 2014-06-28 13:33 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-06-28 13:33 - 2014-06-28 13:33 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-06-28 13:32 - 2014-06-28 13:32 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-06-28 13:27 - 2014-06-28 13:27 - 00462544 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57nd60a.sys
2014-06-28 13:16 - 2014-06-28 13:16 - 00003216 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-28 13:16 - 2014-06-28 13:16 - 00003160 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-28 13:16 - 2014-06-28 13:16 - 00002856 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Doreen)
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Users\Doreen\AppData\Roaming\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\ProgramData\IObit
2014-06-28 13:16 - 2014-06-28 13:16 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-28 13:13 - 2014-06-28 13:13 - 00961360 _____ (Chip Digital GmbH) C:\Users\Doreen\Downloads\Driver Booster Free - CHIP-Installer.exe

Some content of TEMP:
====================
C:\Users\Doreen\AppData\Local\Temp\npfp.dll
C:\Users\Doreen\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-11 18:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 28.07.2014, 18:44   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Standard

Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt



Edit: Lade adwCleaner bitte neu runter, die alte adwCleaner bitte löschen. Und bitte dann auch auf Löschen klicken nach dem Suchlauf.
__________________
Logfiles bitte immer in CODE-Tags posten

Geändert von cosinus (28.07.2014 um 21:13 Uhr)

Antwort

Themen zu Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt
aktiv, aktuelle, aktuelle anwendung wird in den hintergrund gedrängt, anti-malware, anwendung, anwendungen, benutzer, cpu-auslastung, doppel, doppelt, durchgeführt, eingabe, forum, gen, gmer, hintergrund, klicke, klicken, malwarebytes, neu, problem, prozess, rechner, schonmal, taskmanager, wisptis.exe doppelt, zeichen



Ähnliche Themen: Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  3. Mein Laptop soll vom "Dealfinder" und vom "HolenMediaPlayer" bereinigt werden
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (7)
  4. "Antiviren Werbung" "Langsamer PC" "PC stürzt ab" Banner und Popups beim surfen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (28)
  5. "Skype" und "Minianwendungen" werden nicht mehr ausgeführt (Windows 7)
    Log-Analyse und Auswertung - 21.05.2013 (3)
  6. Ordner wie "Anwendungsdaten" oder "Lokale Einstellungen" werden im Explorer nicht angezeigt
    Plagegeister aller Art und deren Bekämpfung - 08.02.2013 (5)
  7. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  8. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  9. Programme und gestartete Anwendungen (auch im Hintergrund) schließen nicht "normal"
    Plagegeister aller Art und deren Bekämpfung - 08.08.2012 (7)
  10. Malwarereinigung: "TR/Kazy.25747.40", "Trojan.Downloader..." und "Backdoor: Win32Cycbot.B"
    Log-Analyse und Auswertung - 09.06.2011 (1)
  11. Öffentliches Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Netzwerk und Hardware - 02.05.2011 (14)
  12. Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Alles rund um Windows - 16.04.2011 (0)
  13. IE öffnet PopUps die zum Teil auch "unsichtbar" im Hintergrund aktiviert werden
    Log-Analyse und Auswertung - 26.08.2010 (1)
  14. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  15. "error cleaner" "privacy protector" "spyware&malware protection"
    Plagegeister aller Art und deren Bekämpfung - 28.06.2008 (7)
  16. Beheben des Problems "kein Internet"/"rsvp32_2.dll"/"Can't load library from memory"
    Plagegeister aller Art und deren Bekämpfung - 25.03.2007 (22)
  17. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)

Zum Thema Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt - Hallo, ich habe das Problem, dass meine aktuelle Anwendung ständig in den Hintergrund gedrängt wird. Bei der Eingabe dieses Textes muss ich ca. alle drei Zeichen ins Feld klicken, damit - Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt...
Archiv
Du betrachtest: Anwendungen werden "in den Hintergrund" geschoben, "wisptis.exe" doppelt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.