Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Windows startet nach ADW-Cleaner mit lautem Piepen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.10.2014, 09:23   #1
mÖre
 
Windows startet nach ADW-Cleaner mit lautem Piepen - Standard

Windows startet nach ADW-Cleaner mit lautem Piepen



Hiho
EIn Kumpel hat mir mal wieder nen Rechner gebracht. Fehlerbeschriebung "alles langsamm, überall Werbung"

Jedenfalls habe ich meinen normalen Workflow, der in 99% der Fälle (hier dank des Forums) klappt
JRT danach ADW Cleaner und zu guter Letzt eigentlich immer noch MWB

JRT und ADW haben eine ganze Mengen gefunden, ADW wollte dann den Rechner neu starten und seither startet der Rechner mit einem Extrem lauten Piepen.

Hierbei handelt es sich nicht um ein Hardwarepiepen (die kleinen Quälgeister auf dem Mainboard), sondern aus der Software herraus. Win7proX64 startet, zeigt dieses pulsierende "Fenster" an, wird dann kurz schwarz und wenn dann das blaue Anmeldefenster kommt, beginnt dieser extrem laute und durchdringende Lärm.
Es handelt sich um ein Notebook. Wenn ich Kopfhörer (oder zuimindest einen Blindstecker) einstecke, habe ich zumindest einmal Ruhe.

Daraufhin habe ich mit der Kaspersky RescueDisk einen kompletten Systemscan gemacht. Dieser hatte einige Trojaner gefunden (teils jedoch auch aus der Carantene von ADW)

Ein erneuter Scan mit beiden Software zeigt KEINE Schadsoftware mehr an (leere Logs).
TuneUp 2013 habe ich danach noch manuell deinstalliert und im Abgesicherten Modus alle Startprogramme/Dienste, die mir nichts gesagt haben, deaktiviert.

Anbei noch ein FRST des aktuellen Systems und das Log von Kaspersky. Leider habe ich die ersten Logs von JRT und ADW nicht mehr (Werden ja überschrieben)

Wodran kann es nun liegen? Der PC hatte bis zum Neustart durch ADW dieses Geräusch nicht gemacht.

KRD
Code:
ATTFilter
Untersuchung von Objekten: wurde abgeschlossen vor weniger als einer Minute  (Ereignis: 44, Objekte: 725904, Zeit: 16:05:57)	
15.10.14 07:57	Aufgabe wurde abgeschlossen			
15.10.14 07:57	Erstellen von Sicherungskopie unmöglich: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Protocol.dll		
15.10.14 07:57	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Protocol.dll		
15.10.14 07:56	Löschen unmöglich: not-a-virus:AdWare.Win32.Eorezo.eid	C:/AdwCleaner/Quarantine/C/Program Files (x86)/mbot_de_53/mybestofferstoday_widget.exe.vir	Objekt nicht gefunden	
15.10.14 07:56	Gefunden: not-a-virus:AdWare.Win32.Eorezo.eid	C:/AdwCleaner/Quarantine/C/Program Files (x86)/mbot_de_53/mybestofferstoday_widget.exe.vir		
15.10.14 07:56	Löschen unmöglich: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/1fbc04e6-0079-4716-b47e-f6c7a5543cb7.exe.vir	Objekt nicht gefunden	
14.10.14 17:49	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/1fbc04e6-0079-4716-b47e-f6c7a5543cb7.exe.vir		
14.10.14 17:15	Nicht desinfizierte Objekte: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Protocol.dll	Zurückgestellt	
14.10.14 17:15	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Protocol.dll		
14.10.14 17:15	Nicht desinfizierte Objekte: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Core.dll	Zurückgestellt	
14.10.14 17:15	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Core.dll		
14.10.14 17:15	Nicht desinfizierte Objekte: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/Newtonsoft.Json.dll	Zurückgestellt	
14.10.14 17:15	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/Newtonsoft.Json.dll		
14.10.14 17:15	Nicht desinfizierte Objekte: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/Interop.IWshRuntimeLibrary.dll	Zurückgestellt	
14.10.14 17:15	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/Interop.IWshRuntimeLibrary.dll		
14.10.14 17:15	Nicht desinfizierte Objekte: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Common.dll	Zurückgestellt	
14.10.14 17:15	Gefunden: not-a-virus:AdWare.NSIS.Adwapper.au	C:/Program Files (x86)/HD-Quality-v3/SuperSocket.ClientEngine.Common.dll		
14.10.14 15:52	Nicht desinfizierte Objekte: not-a-virus:AdWare.Win32.InstallCore.h	C:/AdwCleaner/Quarantine/C/Windows/System32/roboot64.exe.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: not-a-virus:AdWare.Win32.InstallCore.h	C:/AdwCleaner/Quarantine/C/Windows/System32/roboot64.exe.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: not-a-virus:AdWare.Win32.Agent.eqwb	C:/AdwCleaner/Quarantine/C/ProgramData/WindowsMangerProtect/ProtectWindowsManager.exe.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: not-a-virus:AdWare.Win32.Agent.eqwb	C:/AdwCleaner/Quarantine/C/ProgramData/WindowsMangerProtect/ProtectWindowsManager.exe.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: not-a-virus:AdWare.Win32.Eorezo.eid	C:/AdwCleaner/Quarantine/C/Program Files (x86)/mbot_de_53/mybestofferstoday_widget.exe.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: not-a-virus:AdWare.Win32.Eorezo.eid	C:/AdwCleaner/Quarantine/C/Program Files (x86)/mbot_de_53/mybestofferstoday_widget.exe.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Core.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Core.dll.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Protocol.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Protocol.dll.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Common.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/SuperSocket.ClientEngine.Common.dll.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/Newtonsoft.Json.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/Newtonsoft.Json.dll.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/Interop.IWshRuntimeLibrary.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/Interop.IWshRuntimeLibrary.dll.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/HQVP1.9V20.09-codedownloader.exe.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/HQVP1.9V20.09-codedownloader.exe.vir		
14.10.14 15:52	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/HQVP1.9V20.09-bho64.dll.vir	Zurückgestellt	
14.10.14 15:52	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/HQVP1.9V20.09-bho64.dll.vir		
14.10.14 15:51	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/efb5b214-b838-4217-926d-79954b93845e.exe.vir	Zurückgestellt	
14.10.14 15:51	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/efb5b214-b838-4217-926d-79954b93845e.exe.vir		
14.10.14 15:51	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/7df4f20b-270a-4db5-8600-6e1d21402378-4.exe.vir	Zurückgestellt	
14.10.14 15:51	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/7df4f20b-270a-4db5-8600-6e1d21402378-4.exe.vir		
14.10.14 15:51	Nicht desinfizierte Objekte: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/1fbc04e6-0079-4716-b47e-f6c7a5543cb7.exe.vir	Zurückgestellt	
14.10.14 15:51	Gefunden: Trojan.NSIS.GoogUpdate.dj	C:/AdwCleaner/Quarantine/C/Program Files (x86)/HQVP1.9V20.09/1fbc04e6-0079-4716-b47e-f6c7a5543cb7.exe.vir		
14.10.14 15:51	Aufgabe wurde gestartet
         
FRST.txt
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-09-2014 01 (ATTENTION: ====> FRST version is 38 days old and could be outdated)
Ran by vinzelberg (administrator) on VINZELBERG-TOSH on 15-10-2014 10:09:15
Running from F:\Viren
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-09-22] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-06] (Toshiba Europe GmbH)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-07-30] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {1d6f20c7-6e08-11e2-ac54-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {2fb833ea-8237-11e0-8eac-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {3fb7c7c8-f90f-11de-a6d9-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {3fb7c7fa-f90f-11de-a6d9-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {493563e5-9fcb-11e0-b5bf-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {594e3919-eca7-11e2-96ba-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {594e391b-eca7-11e2-96ba-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {7716d0e2-d7f0-11e1-9bd5-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {79e6c94f-6151-11e0-b681-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {79e6c953-6151-11e0-b681-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {81120628-9daf-11e1-9041-002622ebbc57} - F:\USBAutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {9b36a5de-e06d-11e1-8d8a-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {a57be356-f9eb-11de-a6ca-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {a57be35a-f9eb-11de-a6ca-002622ebbc57} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\MountPoints2: {ef2bc845-7268-11e0-a56d-701a0480194c} - F:\AutoRun.exe
HKU\S-1-5-21-1333560822-1585195183-251912520-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\vinzelberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: http=127.0.0.1:14144;https=127.0.0.1:14144
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {78e516ef-11de-47a1-8364-a99b917ec5ee} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {E8E8CAAA-95FF-4187-B274-E14135DCD91F} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {E8E8CAAA-95FF-4187-B274-E14135DCD91F} URL = https://www.google.com/search?q={searchTerms}
BHO: videos+ MediaPlayer+ -> {11111111-1111-1111-1111-110611421101} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 google-analytics.com
Tcpip\Parameters: [DhcpNameServer] 192.168.192.241

FireFox:
========
FF ProfilePath: C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: HD-Quality-v3 - C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-09-21]
FF Extension: Avira Browser Safety - C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\Extensions\abs@avira.com [2014-09-04]
FF Extension: videos+ MediaPlayer+ - C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\Extensions\BHOKP84458125@VTA31058834.com [2014-09-17]
FF Extension: PriceLess - C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\Extensions\iea-30@ewfrkcbyjjmb.co.uk [2014-09-28]
FF Extension: No Name - C:\Users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonfagbdfepfbhjgolfalmgldfbgjodi [2014-09-20]
CHR Extension: (PriceLess) - C:\Users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj [2014-09-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
S4 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [993848 2011-01-10] (Secunia)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-08-06] (Toshiba Europe GmbH)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2014-09-22] (Synaptics Incorporated)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
U3 DfSdkS; No ImagePath
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 10:09 - 2014-10-15 10:09 - 00000000 ____D () C:\FRST
2014-10-15 10:08 - 2014-10-15 10:08 - 00000630 _____ () C:\Users\vinzelberg\Desktop\JRT.txt
2014-10-15 10:04 - 2014-10-15 10:04 - 00137120 _____ () C:\Users\vinzelberg\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 08:50 - 2014-10-15 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-10-14 16:46 - 2014-10-15 09:59 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-10-14 14:41 - 2014-10-15 09:56 - 00180580 _____ () C:\Windows\PFRO.log
2014-10-14 13:58 - 2014-10-15 10:03 - 00001301 _____ () C:\Windows\setupact.log
2014-10-14 13:58 - 2014-10-14 13:58 - 00482952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-14 13:58 - 2014-10-14 13:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-13 13:20 - 2014-10-13 13:20 - 00000000 _____ () C:\Users\vinzelberg\IE9-Windows7-x86-deu.exe.k4dg276.partial
2014-10-13 12:37 - 2014-10-15 10:04 - 00950706 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 10:53 - 2014-10-06 11:01 - 00000000 ____D () C:\Users\vinzelberg\Documents\Notfall-DVD
2014-10-05 15:31 - 2013-12-11 01:48 - 00038200 _____ (TuneUp Software) C:\Windows\system32\uxt4568.tmp
2014-10-05 15:28 - 2014-10-05 15:28 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\TuneUp Software
2014-10-05 15:25 - 2014-10-15 10:00 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-05 15:25 - 2014-10-05 15:37 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-10-05 15:06 - 2014-10-05 15:06 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\COMPUTER BILD PC-Aufräumer 2014
2014-10-05 15:04 - 2014-10-05 15:04 - 00000000 _____ () C:\Windows\ToDisc.INI
2014-10-04 10:09 - 2014-10-04 10:09 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-03 10:18 - 2014-10-03 10:18 - 00755792 _____ () C:\Users\vinzelberg\Setup.exe
2014-10-02 14:39 - 2014-10-02 14:39 - 09488668 _____ () C:\Users\vinzelberg\Follett_Kinder-der-Freiheit_9783838757131.epub
2014-10-02 11:46 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-02 11:46 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-28 10:04 - 2014-09-28 10:04 - 00001428 _____ () C:\Users\vinzelberg\Desktop\Internet Explorer.lnk
2014-09-28 09:40 - 2014-09-28 09:41 - 63320784 _____ (Microsoft Corporation) C:\Users\vinzelberg\IE11-Windows6.1-x64-de-de (1).exe
2014-09-25 18:03 - 2014-09-25 18:03 - 00000000 _____ () C:\Users\vinzelberg\WindowsUpdateDiagnostic.diagcab.im7ugw6.partial
2014-09-25 11:41 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-25 11:41 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 12:49 - 2014-09-23 09:51 - 00137120 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-09-22 12:27 - 2014-09-22 12:27 - 00145408 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcHdmi.sys
2014-09-22 12:27 - 2014-09-22 12:27 - 00006144 _____ () C:\Windows\system32\HdmiCoin.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-09-22 11:57 - 2014-09-22 11:57 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-09-22 11:57 - 2014-09-22 11:57 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-22 11:57 - 2014-09-22 11:57 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-22 11:57 - 2014-09-22 11:57 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-22 11:57 - 2014-09-22 11:57 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-09-22 11:51 - 2014-09-22 11:51 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\ProductData
2014-09-22 11:50 - 2014-09-22 11:50 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\Apple Computer
2014-09-22 11:49 - 2014-09-22 11:49 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-22 11:49 - 2014-09-22 11:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-22 11:49 - 2014-09-22 11:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-22 11:49 - 2014-09-22 11:49 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-22 11:46 - 2014-09-22 11:46 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (vinzelberg)
2014-09-22 11:42 - 2014-09-22 11:42 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-22 11:40 - 2014-09-22 11:40 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-09-22 11:29 - 2014-09-22 11:29 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00982240 _____ () C:\Windows\SysWOW64\igkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00982240 _____ () C:\Windows\system32\igkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00439308 _____ () C:\Windows\SysWOW64\igcompkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00439308 _____ () C:\Windows\system32\igcompkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-09-22 11:29 - 2014-09-22 11:29 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00092356 _____ () C:\Windows\SysWOW64\igfcg500m.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00092356 _____ () C:\Windows\system32\igfcg500m.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-09-22 11:29 - 2014-09-22 11:29 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-09-22 11:27 - 2014-09-22 11:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-09-22 11:27 - 2014-09-22 11:27 - 00000000 ____D () C:\Program Files\Synaptics
2014-09-22 11:21 - 2014-09-22 11:49 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-09-22 11:17 - 2014-10-04 10:19 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-09-22 11:17 - 2014-09-23 09:51 - 00000000 ____D () C:\ProgramData\IObit
2014-09-22 11:17 - 2014-09-22 11:49 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\IObit
2014-09-21 21:50 - 2014-10-15 09:57 - 00000000 ____D () C:\Program Files (x86)\HD-Quality-v3
2014-09-21 20:31 - 2014-09-21 20:31 - 00003146 _____ () C:\Windows\System32\Tasks\{61050CDE-E01B-4443-B718-599AEA49748F}
2014-09-21 09:39 - 2014-09-21 09:39 - 00001234 _____ () C:\Users\vinzelberg\Documents\Einladung.msrcIncident
2014-09-21 09:12 - 2014-09-21 09:12 - 00137120 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-09-20 10:18 - 2014-09-21 09:21 - 00000000 ____D () C:\Windows\pss
2014-09-20 09:54 - 2014-09-22 13:52 - 00000000 ____D () C:\ProgramData\PriceLess
2014-09-20 09:54 - 2014-09-22 12:43 - 00000000 ____D () C:\Program Files (x86)\PriceLess
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\ProgramData\532605f3fe317669
2014-09-17 16:00 - 2014-09-21 20:12 - 00003278 _____ () C:\Windows\System32\Tasks\Smart Driver Updater Schedule
2014-09-17 15:58 - 2014-09-20 10:08 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-17 15:57 - 2014-10-04 10:31 - 00000000 ____D () C:\Program Files (x86)\videos+ MediaPlayer+
2014-09-17 15:56 - 2014-09-20 09:54 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-16 12:51 - 2014-09-17 11:19 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-16 12:38 - 2014-09-16 12:40 - 176562784 _____ () C:\Users\vinzelberg\kis15.0.0.463de_6508.exe
2014-09-16 12:14 - 2014-09-17 11:38 - 00001203 _____ () C:\Windows\SysWOW64\cbass.log
2014-09-15 11:01 - 2014-09-17 11:29 - 00001558 _____ () C:\Users\vinzelberg\AppData\Roaming\gdscan.log
2014-09-15 11:01 - 2014-09-15 11:01 - 00000000 _____ () C:\Users\vinzelberg\AppData\Roaming\gdfw.log
2014-09-15 10:59 - 2014-09-17 11:27 - 00000000 ____D () C:\Program Files (x86)\G Data

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 10:09 - 2014-10-15 10:09 - 00000000 ____D () C:\FRST
2014-10-15 10:09 - 2009-07-14 06:45 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 10:09 - 2009-07-14 06:45 - 00019024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 10:08 - 2014-10-15 10:08 - 00000630 _____ () C:\Users\vinzelberg\Desktop\JRT.txt
2014-10-15 10:04 - 2014-10-15 10:04 - 00137120 _____ () C:\Users\vinzelberg\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-15 10:04 - 2014-10-13 12:37 - 00950706 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 10:03 - 2014-10-14 13:58 - 00001301 _____ () C:\Windows\setupact.log
2014-10-15 10:00 - 2014-10-05 15:25 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-10-15 09:59 - 2014-10-14 16:46 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0
2014-10-15 09:57 - 2014-09-21 21:50 - 00000000 ____D () C:\Program Files (x86)\HD-Quality-v3
2014-10-15 09:57 - 2013-10-21 08:43 - 00000441 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-15 09:56 - 2014-10-14 14:41 - 00180580 _____ () C:\Windows\PFRO.log
2014-10-15 09:56 - 2012-02-12 12:47 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-15 09:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-15 08:50 - 2014-10-15 08:50 - 00000000 ____D () C:\Windows\ERUNT
2014-10-15 08:27 - 2014-09-12 18:03 - 00000000 ____D () C:\ProgramData\G Data
2014-10-14 14:11 - 2009-07-14 19:58 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-10-14 14:11 - 2009-07-14 19:58 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-10-14 14:11 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-14 13:58 - 2014-10-14 13:58 - 00482952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-14 13:58 - 2014-10-14 13:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-14 13:24 - 2013-07-11 20:44 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\CrashDumps
2014-10-14 12:21 - 2009-12-24 17:03 - 00000000 ____D () C:\Users\vinzelberg
2014-10-14 08:33 - 2010-09-09 11:33 - 00000000 ____D () C:\ProgramData\Avery
2014-10-14 08:33 - 2009-09-08 09:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-14 08:27 - 2013-12-13 13:34 - 00000000 ____D () C:\ProgramData\BVRP Software
2014-10-14 08:15 - 2014-09-04 11:41 - 00000165 _____ () C:\Windows\Reimage.ini
2014-10-13 13:20 - 2014-10-13 13:20 - 00000000 _____ () C:\Users\vinzelberg\IE9-Windows7-x86-deu.exe.k4dg276.partial
2014-10-13 12:37 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-12 20:17 - 2012-09-24 17:44 - 00000000 ____D () C:\Users\vinzelberg\Documents\Monika
2014-10-07 17:09 - 2014-02-02 11:36 - 00003010 _____ () C:\Windows\System32\Tasks\{9842F3EE-72B0-4407-B23C-0783B7EB0D28}
2014-10-06 11:01 - 2014-10-06 10:53 - 00000000 ____D () C:\Users\vinzelberg\Documents\Notfall-DVD
2014-10-05 19:17 - 2009-12-24 17:07 - 00001428 _____ () C:\Users\vinzelberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-05 16:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-05 15:37 - 2014-10-05 15:25 - 00000000 __SHD () C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-10-05 15:37 - 2010-06-12 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-10-05 15:28 - 2014-10-05 15:28 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\TuneUp Software
2014-10-05 15:06 - 2014-10-05 15:06 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\COMPUTER BILD PC-Aufräumer 2014
2014-10-05 15:04 - 2014-10-05 15:04 - 00000000 _____ () C:\Windows\ToDisc.INI
2014-10-04 10:31 - 2014-09-17 15:57 - 00000000 ____D () C:\Program Files (x86)\videos+ MediaPlayer+
2014-10-04 10:19 - 2014-09-22 11:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-10-04 10:09 - 2014-10-04 10:09 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-10-04 09:32 - 2014-05-29 15:40 - 00000000 ____D () C:\Users\vinzelberg\Documents\My Digital Editions
2014-10-03 10:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Resources
2014-10-03 10:18 - 2014-10-03 10:18 - 00755792 _____ () C:\Users\vinzelberg\Setup.exe
2014-10-02 14:39 - 2014-10-02 14:39 - 09488668 _____ () C:\Users\vinzelberg\Follett_Kinder-der-Freiheit_9783838757131.epub
2014-09-28 10:04 - 2014-09-28 10:04 - 00001428 _____ () C:\Users\vinzelberg\Desktop\Internet Explorer.lnk
2014-09-28 09:41 - 2014-09-28 09:40 - 63320784 _____ (Microsoft Corporation) C:\Users\vinzelberg\IE11-Windows6.1-x64-de-de (1).exe
2014-09-25 18:03 - 2014-09-25 18:03 - 00000000 _____ () C:\Users\vinzelberg\WindowsUpdateDiagnostic.diagcab.im7ugw6.partial
2014-09-25 17:54 - 2014-09-03 10:42 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\Windows Live
2014-09-25 04:08 - 2014-10-02 11:46 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-09-25 03:40 - 2014-10-02 11:46 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-23 09:51 - 2014-09-22 12:49 - 00137120 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2014-09-23 09:51 - 2014-09-22 11:17 - 00000000 ____D () C:\ProgramData\IObit
2014-09-22 17:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-22 13:52 - 2014-09-20 09:54 - 00000000 ____D () C:\ProgramData\PriceLess
2014-09-22 12:43 - 2014-09-20 09:54 - 00000000 ____D () C:\Program Files (x86)\PriceLess
2014-09-22 12:27 - 2014-09-22 12:27 - 00145408 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcHdmi.sys
2014-09-22 12:27 - 2014-09-22 12:27 - 00006144 _____ () C:\Windows\system32\HdmiCoin.dll
2014-09-22 11:59 - 2009-11-24 22:44 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-22 11:57 - 2014-09-22 11:57 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-09-22 11:57 - 2014-09-22 11:57 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-09-22 11:57 - 2014-09-22 11:57 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-22 11:57 - 2014-09-22 11:57 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-22 11:57 - 2014-09-22 11:57 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-22 11:57 - 2014-09-22 11:57 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-09-22 11:57 - 2014-09-22 11:57 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-09-22 11:51 - 2014-09-22 11:51 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\ProductData
2014-09-22 11:50 - 2014-09-22 11:50 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\Apple Computer
2014-09-22 11:49 - 2014-09-22 11:49 - 00941272 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-09-22 11:49 - 2014-09-22 11:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-09-22 11:49 - 2014-09-22 11:49 - 00000000 ____D () C:\ProgramData\ProductData
2014-09-22 11:49 - 2014-09-22 11:49 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-22 11:49 - 2014-09-22 11:21 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-09-22 11:49 - 2014-09-22 11:17 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\IObit
2014-09-22 11:46 - 2014-09-22 11:46 - 00002864 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (vinzelberg)
2014-09-22 11:42 - 2014-09-22 11:42 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-22 11:40 - 2014-09-22 11:40 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-09-22 11:40 - 2014-09-22 11:40 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-09-22 11:39 - 2014-09-22 11:39 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-22 11:32 - 2009-11-24 22:35 - 00000000 ____D () C:\Windows\SysWOW64\Lang
2014-09-22 11:29 - 2014-09-22 11:29 - 15546880 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 11405824 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 10629408 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2014-09-22 11:29 - 2014-09-22 11:29 - 06549504 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 04896768 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 04338688 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 03158584 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00982240 _____ () C:\Windows\SysWOW64\igkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00982240 _____ () C:\Windows\system32\igkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00511032 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00439308 _____ () C:\Windows\SysWOW64\igcompkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00439308 _____ () C:\Windows\system32\igcompkrng500.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00418360 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00387640 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00272384 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00244224 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00224824 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00208896 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00206336 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00189552 _____ () C:\Windows\system32\Gfxres.th-TH.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00188416 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00178407 _____ () C:\Windows\system32\Gfxres.el-GR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00165395 _____ () C:\Windows\system32\Gfxres.ru-RU.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00163384 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00154680 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2014-09-22 11:29 - 2014-09-22 11:29 - 00147456 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00139909 _____ () C:\Windows\system32\Gfxres.ar-SA.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00136401 _____ () C:\Windows\system32\Gfxres.ja-JP.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00133746 _____ () C:\Windows\system32\Gfxres.he-IL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00125558 _____ () C:\Windows\system32\Gfxres.it-IT.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00123230 _____ () C:\Windows\system32\Gfxres.ko-KR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122927 _____ () C:\Windows\system32\Gfxres.es-ES.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122709 _____ () C:\Windows\system32\Gfxres.de-DE.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2014-09-22 11:29 - 2014-09-22 11:29 - 00121173 _____ () C:\Windows\system32\Gfxres.tr-TR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00120800 _____ () C:\Windows\system32\Gfxres.fr-FR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00120366 _____ () C:\Windows\system32\Gfxres.pt-BR.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00119616 _____ () C:\Windows\system32\Gfxres.hu-HU.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119586 _____ () C:\Windows\system32\Gfxres.nl-NL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119360 _____ () C:\Windows\system32\Gfxres.sv-SE.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00119067 _____ () C:\Windows\system32\Gfxres.pt-PT.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118745 _____ () C:\Windows\system32\Gfxres.cs-CZ.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118697 _____ () C:\Windows\system32\Gfxres.fi-FI.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118409 _____ () C:\Windows\system32\Gfxres.pl-PL.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00118058 _____ () C:\Windows\system32\Gfxres.sk-SK.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114852 _____ () C:\Windows\system32\Gfxres.nb-NO.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114372 _____ () C:\Windows\system32\Gfxres.sl-SI.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00114261 _____ () C:\Windows\system32\Gfxres.da-DK.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00110211 _____ () C:\Windows\system32\Gfxres.en-US.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00108544 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00104044 _____ () C:\Windows\system32\Gfxres.zh-TW.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00102883 _____ () C:\Windows\system32\Gfxres.zh-CN.resources
2014-09-22 11:29 - 2014-09-22 11:29 - 00092356 _____ () C:\Windows\SysWOW64\igfcg500m.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00092356 _____ () C:\Windows\system32\igfcg500m.bin
2014-09-22 11:29 - 2014-09-22 11:29 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2869.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2014-09-22 11:29 - 2014-09-22 11:29 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2014-09-22 11:29 - 2014-09-22 11:29 - 00005448 _____ () C:\Windows\system32\iglhxs64.vp
2014-09-22 11:29 - 2014-09-22 11:29 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2014-09-22 11:29 - 2009-11-24 22:35 - 00953912 _____ (Intel Corporation) C:\Windows\SysWOW64\igxpun.exe
2014-09-22 11:29 - 2009-08-27 08:53 - 04722176 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2014-09-22 11:27 - 2014-09-22 11:27 - 00034544 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2014-09-22 11:27 - 2014-09-22 11:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2014-09-22 11:27 - 2014-09-22 11:27 - 00000000 ____D () C:\Program Files\Synaptics
2014-09-21 20:31 - 2014-09-21 20:31 - 00003146 _____ () C:\Windows\System32\Tasks\{61050CDE-E01B-4443-B718-599AEA49748F}
2014-09-21 20:12 - 2014-09-17 16:00 - 00003278 _____ () C:\Windows\System32\Tasks\Smart Driver Updater Schedule
2014-09-21 09:39 - 2014-09-21 09:39 - 00001234 _____ () C:\Users\vinzelberg\Documents\Einladung.msrcIncident
2014-09-21 09:21 - 2014-09-20 10:18 - 00000000 ____D () C:\Windows\pss
2014-09-21 09:12 - 2014-09-21 09:12 - 00137120 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-09-20 16:12 - 2014-01-08 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2014-09-20 16:12 - 2013-05-11 17:09 - 00000000 ____D () C:\Program Files\CCleaner
2014-09-20 16:12 - 2013-02-24 14:07 - 00000000 ____D () C:\Windows\Msagent
2014-09-20 16:12 - 2009-12-26 12:27 - 00000000 ____D () C:\Users\Gast
2014-09-20 16:12 - 2009-09-08 10:24 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-09-20 16:12 - 2009-09-08 10:15 - 00000000 ____D () C:\ProgramData\WildTangent
2014-09-20 16:12 - 2009-09-08 10:15 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Games
2014-09-20 16:12 - 2009-09-08 10:13 - 00000000 ____D () C:\Program Files (x86)\Toshiba TEMPRO
2014-09-20 16:12 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 16:11 - 2014-04-19 10:33 - 00000000 ____D () C:\Program Files (x86)\LG PC Suite II
2014-09-20 16:11 - 2013-09-02 14:31 - 00000000 ____D () C:\Program Files (x86)\Browny02
2014-09-20 16:11 - 2010-06-12 11:49 - 00000000 ____D () C:\Program Files (x86)\Fotowall
2014-09-20 16:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-20 13:20 - 2010-05-06 15:55 - 00007601 _____ () C:\Users\vinzelberg\AppData\Local\resmon.resmoncfg
2014-09-20 10:08 - 2014-09-17 15:58 - 00000000 ___HD () C:\Users\Public\Temp
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-20 09:54 - 2014-09-20 09:54 - 00000000 ____D () C:\ProgramData\532605f3fe317669
2014-09-20 09:54 - 2014-09-17 15:56 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-20 09:54 - 2009-12-24 19:38 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\Google
2014-09-17 15:55 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-17 11:38 - 2014-09-16 12:14 - 00001203 _____ () C:\Windows\SysWOW64\cbass.log
2014-09-17 11:29 - 2014-09-15 11:01 - 00001558 _____ () C:\Users\vinzelberg\AppData\Roaming\gdscan.log
2014-09-17 11:27 - 2014-09-15 10:59 - 00000000 ____D () C:\Program Files (x86)\G Data
2014-09-17 11:19 - 2014-09-16 12:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-16 12:44 - 2009-07-14 19:58 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2014-09-16 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2014-09-16 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-09-16 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2014-09-16 12:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2014-09-16 12:40 - 2014-09-16 12:38 - 176562784 _____ () C:\Users\vinzelberg\kis15.0.0.463de_6508.exe
2014-09-15 17:37 - 2013-02-25 10:09 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\Windows Live Writer
2014-09-15 11:22 - 2012-05-28 09:40 - 00000000 ____D () C:\Users\vinzelberg\AppData\Roaming\COMPUTERBILD-Abzockschutz
2014-09-15 11:08 - 2013-02-25 10:09 - 00000000 ____D () C:\Users\vinzelberg\AppData\Local\Windows Live Writer
2014-09-15 11:01 - 2014-09-15 11:01 - 00000000 _____ () C:\Users\vinzelberg\AppData\Roaming\gdfw.log
2014-09-15 09:06 - 2010-02-08 12:56 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\vinzelberg\AutoDetectPkg.exe
C:\Users\vinzelberg\IE11-Windows6.1-x64-de-de (1).exe
C:\Users\vinzelberg\IE11-Windows6.1-x64-de-de.exe
C:\Users\vinzelberg\kis15.0.0.463de_6508.exe
C:\Users\vinzelberg\Setup.exe


Some content of TEMP:
====================
C:\Users\vinzelberg\AppData\Local\Temp\sqlite3.dll
C:\Users\vinzelberg\AppData\Local\Temp\sqlite3.exe
C:\Users\vinzelberg\AppData\Local\Temp\TUUUninstallHelper.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-14 12:45

==================== End Of Log ============================
         
addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-09-2014 01
Ran by vinzelberg at 2014-10-15 10:10:20
Running from F:\Viren
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version:  - )
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.7 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Cakewalk Pro Audio 9 (HKLM-x32\...\Cakewalk Pro Audio 9) (Version:  - )
Camera Support Core Library (x32 Version: 7.0.3.20 - Canon) Hidden
Camera Window (x32 Version: 4.6.2 - Canon) Hidden
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{26BDE7D8-93F0-4A07-AD47-1707DB417941}) (Version: 7.0.3.20 - Canon)
Canon Camera Window for ZoomBrowser EX (HKLM-x32\...\InstallShield_{B34BE30D-A759-4EC2-B58F-19FE2DEBF651}) (Version: 4.6.2 - Canon)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\InstallShield_{2F81FBFC-9A37-431F-9050-14B55485DF5A}) (Version: 1.3.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{DE286975-ACF1-45B8-9EF7-34E162B2C817}) (Version: 1.1.1.41 - Canon)
Canon PhotoRecord (HKLM-x32\...\{0878E100-C0BB-41E8-B4C6-C486B61FDA7B}) (Version: 02.01.00069 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{68E7E8BD-2233-49BE-81D6-1A1FAF1B5196}) (Version: 1.1 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{CF2C1A86-5A98-4862-A3AE-9992E3A6427D}) (Version: 1.0.3 - Canon)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{EF4C7EB0-D71B-43A3-9552-8053DE4B0401}) (Version: 3.1.13 - Canon)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 04.06.00135 - CISRA)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
HL-2130 (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
Hornil StylePix (HKCU\...\Hornil StylePix) (Version: 1.12.2.0 - Hornil Co.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2869 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Library (x32 Version: 1.3.3 - Canon Inc.) Hidden
Java(TM) 6 Update 14 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216014FF}) (Version: 6.0.140 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)
LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2000 Premium (HKLM-x32\...\{00000407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MovieEdit Task (x32 Version: 1.1.1.41 - Canon) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden
Nero StartSmart OEM (x32 Version: 9.4.10.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
OpenOffice.org 3.2 (HKLM-x32\...\{2217B0B4-35CB-48C6-B640-864DF2F30F99}) (Version: 3.2.9483 - OpenOffice.org)
PhotoStitch (x32 Version: 3.1.13 - Canon) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
RAW Image Task 1.1 (x32 Version: 1.1 - Canon) Hidden
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
RemoteCapture Task 1.0.3 (x32 Version: 1.0.3 - Canon) Hidden
Secunia PSI (2.0.0.3001) (HKLM-x32\...\Secunia PSI) (Version:  - )
SmootherWeb (HKCU Version: 1.0 - SmootherWeb LLC) Hidden
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.09 - TOSHIBA)
TOSHIBA Bulletin Board (Version: 1.0.04.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.10.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (Version: 1.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA eco Utility (x32 Version: 1.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.4C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.0 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.0 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.0 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}) (Version: 1.0.04.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.0.04.64 - TOSHIBA Corporation) Hidden
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.9.1.12 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.33 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.7C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
Toshiba TEMPRO (HKLM-x32\...\{9E4FF410-471F-49E3-9358-74FF0D5E9901}) (Version: 3.05 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.25.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.2.25.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.2.25.64 - TOSHIBA Corporation) Hidden
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.7 - TOSHIBA) Hidden
Utility Common Driver (x32 Version: 1.0.50.27C - TOSHIBA) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.0.71 - WildTangent)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-10-2014 15:20:05 Windows Update
05-10-2014 17:27:20 Windows Update
06-10-2014 08:13:59 Windows Update
06-10-2014 08:21:40 Windows Update
06-10-2014 10:00:14 Windows Update
06-10-2014 12:09:47 Windows Update
06-10-2014 12:18:09 Windows Update
06-10-2014 12:24:43 Windows Update
07-10-2014 14:50:35 Windows Update
07-10-2014 14:58:08 Windows Update
07-10-2014 15:30:40 Windows Update
10-10-2014 05:07:59 Windows Update
13-10-2014 07:29:38 Windows Update
13-10-2014 10:47:52 Windows Update
13-10-2014 10:59:49 Windows Update
13-10-2014 11:25:38 Windows Update
14-10-2014 06:26:40 Entfernt Motorola Phone Tools
14-10-2014 06:26:59 Entfernt Motorola Phone Tools
14-10-2014 06:27:20 Entfernt Motorola Phone Tools
14-10-2014 06:32:38 Entfernt DesignPro 5
14-10-2014 07:10:32 Windows Update
14-10-2014 10:00:23 Windows Update
14-10-2014 10:53:33 Windows Update
14-10-2014 11:02:04 Windows Update
14-10-2014 11:04:37 Windows Update
14-10-2014 11:15:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2013-08-31 00:06 - 00000859 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 google-analytics.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1E76D8E1-258C-4D16-9E54-8240599B1DFE} - System32\Tasks\{3B6BDD1A-5255-42A2-8079-2D91E40937E2} => C:\Program Files (x86)\Adobe\Adobe Digital Editions\digitaleditions.exe [2012-01-27] (Adobe Systems, Inc.)
Task: {29034F6B-A207-4F9D-BBA4-1EFC49CC641E} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2ED4F30F-A071-4112-8C22-A7F51661B67F} - System32\Tasks\Smart Driver Updater Schedule => C:\Program Files (x86)\Smart Driver Updater\SDUTray.exe
Task: {4168023D-A4B4-4BFF-80E3-CAEA6A148D4C} - System32\Tasks\{3D558DA9-8333-4503-93DF-27E9AE2019E5} => C:\Program Files (x86)\Surf &amp; E-Mail-Stick\Surf &amp; E-Mail-Stick.exe
Task: {4EF28346-21A9-4A0D-95DB-E9CD22D47CFF} - System32\Tasks\{717B7381-7216-427F-B3A7-0795C94B9CD2} => E:\Büro\DesignPro 5.5\DE_de_DP5_DL_20100525.exe
Task: {50759F89-6726-46A2-85CD-6815DA483B07} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {52D68E52-A5FF-4596-82DC-F6B6DFF094FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {5381C131-BD5F-463B-AAF2-D01B894AB0D0} - System32\Tasks\{FB15A4F0-88F3-4175-BE2C-1A2DD6F1AD46} => C:\Program Files (x86)\Surf &amp; E-Mail-Stick\Surf &amp; E-Mail-Stick.exe
Task: {546AAD84-DEB5-4A2B-89F7-82D33BCB6F9C} - System32\Tasks\{3D035816-AAB8-4343-A9C7-CDB6C73E08ED} => C:\Users\vinzelberg\Documents\GData\GER_R_ESD_CBE_IS.exe
Task: {5738184A-BEB4-45CE-B14F-2A2A8CF620D4} - System32\Tasks\{5C4F73EB-B912-421E-85E2-B21B0D079E02} => C:\Program Files (x86)\Surf &amp; E-Mail-Stick\Surf &amp; E-Mail-Stick.exe
Task: {58278DBD-5075-46CF-BBF1-32B6650741D3} - System32\Tasks\{8E5F7D97-8D65-4FFF-A2D7-773CB715106E} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2012-03-08] (Microsoft Corporation)
Task: {60F98C76-F5F4-4E58-8E26-CBE42B3FCBB0} - System32\Tasks\Driver Booster SkipUAC (vinzelberg) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {766D0044-D0AB-407C-AD94-17CDEB85E2A5} - System32\Tasks\{A30E8342-C1B7-4450-8613-A045A6D1181E} => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe [2013-05-08] (Adobe Systems Incorporated)
Task: {96A1E8F3-16E3-4BC6-9653-23C846B6780D} - System32\Tasks\{CFF000D3-08A3-4E16-9C95-1CACDF0F3FBC} => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
Task: {993E6AF0-D0B1-4862-81D6-E2C32C79034E} - System32\Tasks\{E2123D7E-4833-4116-92EF-DA51E6C26E5F} => C:\Users\vinzelberg\Documents\GData\GER_R_ESD_CBE_IS.exe
Task: {A747E7D9-12EE-46C1-9601-6595B6565F12} - System32\Tasks\{83D6B850-9B25-452C-A0A1-EDFE1F4282C7} => E:\Heft_CD\Testversionen\FarmingSimulator2011DemoDE.exe
Task: {A89CCF32-61FD-42FE-AACD-1AAD00F5265C} - System32\Tasks\{29B035DF-3C3B-4BFA-9D39-2BE5F5BD1C7B} => C:\Program Files (x86)\Microsoft Works\MSWorks.exe
Task: {B2F46C17-1F8B-4614-8E71-45F71C4C5044} - System32\Tasks\{6EF64A0F-6358-437E-884A-7C6C4C77B6A3} => C:\Program Files (x86)\Adobe\Adobe Digital Editions\digitaleditions.exe [2012-01-27] (Adobe Systems, Inc.)
Task: {BFB6D2BC-B47C-4B45-9E06-943EFE00FE4A} - System32\Tasks\{A9DA5293-2A0A-40E5-AD93-9BB2BC3D4C58} => C:\Program Files (x86)\Surf &amp; E-Mail-Stick\Surf &amp; E-Mail-Stick.exe
Task: {C516C5DE-7CFB-4F38-B480-980938C43535} - System32\Tasks\{9842F3EE-72B0-4407-B23C-0783B7EB0D28} => C:\Program Files (x86)\Motorola Phone Tools\mPhonetools.exe
Task: {CD9347DC-6F4C-4A92-8339-85199B4063A6} - System32\Tasks\{55211FB3-E543-4B0F-929C-589102EF06D1} => C:\Program Files (x86)\Microsoft Office Suite Activation Assistant\OAA.exe
Task: {D9C30E87-77D5-4B5C-9642-05DF896920A8} - System32\Tasks\{DC4F3699-6B74-4162-917C-04D6D1807688} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-24] (SEIKO EPSON CORP.)
Task: {E2FAD2AD-9D4C-4EA8-9C37-CF92DB1F22A1} - System32\Tasks\{577ECA4D-E83E-49C9-9D46-455996DC0BF4} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
Task: {E3898CFF-E37C-4574-A174-42165CDFBF6B} - System32\Tasks\{949E5207-59B4-400B-8957-B66CE782A74D} => Firefox.exe 

==================== Loaded Modules (whitelisted) =============

2009-08-06 14:14 - 2009-08-06 14:14 - 03002728 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2009-08-26 18:58 - 2009-08-26 18:58 - 00553984 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2009-08-03 18:18 - 2009-08-03 18:18 - 00081752 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\.mpg Detlef u manne:TOC.WMV

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: Secunia PSI Agent => 2
MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TraXEx PC-Putzer.lnk => C:\Windows\pss\TraXEx PC-Putzer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^vinzelberg^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: Teco => "%PROGRAMFILES%\TOSHIBA\TECO\Teco.exe" /r

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 31%
Total physical RAM: 3932.88 MB
Available physical RAM: 2695.38 MB
Total Pagefile: 7863.93 MB
Available Pagefile: 6556.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:175.41 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:225.9 GB) NTFS
Drive f: (STICK_FLO) (Removable) (Total:14.42 GB) (Free:2.36 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4F73061C)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.4 GB) (Disk ID: 55E40784)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

==================== End Of Log ============================
         

Alt 15.10.2014, 09:36   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows startet nach ADW-Cleaner mit lautem Piepen - Standard

Windows startet nach ADW-Cleaner mit lautem Piepen



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Alt 15.10.2014, 13:17   #3
mÖre
 
Windows startet nach ADW-Cleaner mit lautem Piepen - Standard

Windows startet nach ADW-Cleaner mit lautem Piepen



Hallo
Combofix lief durch, nach Neustart habe ich jedoch immer noch dieses Piepen.

Code:
ATTFilter
ComboFix 14-10-15.01 - vinzelberg 15.10.2014  10:49:45.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3933.2742 [GMT 2:00]
ausgeführt von:: f:\viren\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DSC_0687.jpg
c:\program files (x86)\PriceLess
c:\program files (x86)\PriceLess\Uf.dat
c:\program files (x86)\PriceLess\Uf.tlb
c:\programdata\PriceLess
c:\programdata\PriceLess\Cko.dat
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\vinzelberg\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\vinzelberg\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\background.html
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\content.js
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\GtXz0qj.js
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\lsdb.js
c:\users\vinzelberg\AppData\Local\Google\Chrome\User Data\Default\Extensions\egppalejglgnodakjglepgajmlbdminj\5.2\manifest.json
c:\users\vinzelberg\AppData\Local\nsp4C11.tmp
c:\users\vinzelberg\AppData\Roaming\2433f433
c:\users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\iea-30@ewfrkcbyjjmb.co.uk
c:\users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\iea-30@ewfrkcbyjjmb.co.uk\bootstrap.js
c:\users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\iea-30@ewfrkcbyjjmb.co.uk\chrome.manifest
c:\users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\iea-30@ewfrkcbyjjmb.co.uk\content\bg.js
c:\users\vinzelberg\AppData\Roaming\Mozilla\Firefox\Profiles\5bnvv592.default\extensions\iea-30@ewfrkcbyjjmb.co.uk\install.rdf
c:\users\vinzelberg\IE11-Windows6.1-x64-de-de (1).exe
c:\users\vinzelberg\Setup.exe
c:\windows\security\Database\tmp.edb
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-09-15 bis 2014-10-15  ))))))))))))))))))))))))))))))
.
.
2014-10-15 08:55 . 2014-10-15 08:55	--------	d-----w-	c:\users\Gast\AppData\Local\temp
2014-10-15 08:55 . 2014-10-15 08:55	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-10-15 08:54 . 2014-10-15 08:54	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{330EF92F-CD56-43A6-AD41-DE9FF82D1898}\offreg.dll
2014-10-15 08:09 . 2014-10-15 08:10	--------	d-----w-	C:\FRST
2014-10-15 06:50 . 2014-10-15 06:50	--------	d-----w-	c:\windows\ERUNT
2014-10-15 06:33 . 2014-10-15 06:33	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2014-10-14 14:46 . 2014-10-15 07:59	--------	d---a-w-	C:\Kaspersky Rescue Disk 10.0
2014-10-14 10:58 . 2014-09-09 02:05	11578928	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{330EF92F-CD56-43A6-AD41-DE9FF82D1898}\mpengine.dll
2014-10-05 13:31 . 2013-12-10 23:48	38200	----a-w-	c:\windows\system32\uxt4568.tmp
2014-10-05 13:28 . 2014-10-05 13:28	--------	d-----w-	c:\users\vinzelberg\AppData\Roaming\TuneUp Software
2014-10-05 13:25 . 2014-10-15 08:00	--------	d-----w-	c:\programdata\TuneUp Software
2014-10-05 13:25 . 2014-10-05 13:37	--------	d-sh--w-	c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2014-10-05 13:06 . 2014-10-05 13:06	--------	d-----w-	c:\users\vinzelberg\AppData\Roaming\COMPUTER BILD PC-Aufräumer 2014
2014-10-02 09:46 . 2014-09-25 02:08	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-10-02 09:46 . 2014-09-25 01:40	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-25 09:41 . 2014-09-09 22:11	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-25 09:41 . 2014-09-09 21:47	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-09-22 10:27 . 2014-09-22 10:27	6144	----a-w-	c:\windows\system32\HdmiCoin.dll
2014-09-22 10:27 . 2014-09-22 10:27	145408	----a-w-	c:\windows\system32\drivers\IntcHdmi.sys
2014-09-22 09:51 . 2014-09-22 09:51	--------	d-----w-	c:\users\vinzelberg\AppData\Roaming\ProductData
2014-09-22 09:50 . 2014-09-22 09:50	--------	d-----w-	c:\users\vinzelberg\AppData\Roaming\Apple Computer
2014-09-22 09:49 . 2014-09-22 09:49	--------	d-----w-	c:\programdata\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-09-22 09:49 . 2014-09-22 09:49	--------	d-----w-	c:\programdata\ProductData
2014-09-22 09:49 . 2014-09-22 09:49	73800	----a-w-	c:\windows\system32\RtNicProp64.dll
2014-09-22 09:49 . 2014-09-22 09:49	941272	----a-w-	c:\windows\system32\drivers\Rt64win7.sys
2014-09-22 09:39 . 2014-09-22 09:39	14952	----a-w-	c:\windows\system32\RtkCoLDR64.dll
2014-09-22 09:29 . 2014-09-22 09:29	90112	----a-w-	c:\windows\system32\igfxCoIn_v2869.dll
2014-09-22 09:27 . 2014-09-22 09:27	--------	d-----w-	c:\program files\Synaptics
2014-09-22 09:27 . 2014-09-22 09:27	1795952	----a-w-	c:\windows\system32\WdfCoInstaller01011.dll
2014-09-22 09:27 . 2014-09-22 09:27	34544	----a-w-	c:\windows\system32\drivers\Smb_driver_Intel.sys
2014-09-22 09:21 . 2014-09-22 09:49	107552	----a-w-	c:\windows\system32\RTNUninst64.dll
2014-09-22 09:17 . 2014-09-23 07:51	--------	d-----w-	c:\programdata\IObit
2014-09-22 09:17 . 2014-09-22 09:49	--------	d-----w-	c:\users\vinzelberg\AppData\Roaming\IObit
2014-09-22 09:17 . 2014-10-04 08:19	--------	d-----w-	c:\program files (x86)\IObit
2014-09-21 19:50 . 2014-10-15 07:57	--------	d-----w-	c:\program files (x86)\HD-Quality-v3
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\programdata\532605f3fe317669
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\vinzelberg\AppData\Local\Comodo
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\Gast\AppData\Local\Comodo
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\Administrator\AppData\Local\Comodo
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\Gast\AppData\Local\Google
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\HomeGroupUser$
2014-09-20 07:54 . 2014-09-20 07:54	--------	d-----w-	c:\users\Administrator\AppData\Local\Google
2014-09-17 13:58 . 2014-09-20 08:08	--------	d--h--w-	c:\users\Public\Temp
2014-09-17 13:57 . 2014-10-04 08:31	--------	d-----w-	c:\program files (x86)\videos+ MediaPlayer+
2014-09-16 10:51 . 2014-09-17 09:19	--------	d-----w-	c:\programdata\Kaspersky Lab
2014-09-16 10:38 . 2014-09-16 10:40	176562784	----a-w-	c:\users\vinzelberg\kis15.0.0.463de_6508.exe
2014-09-15 08:59 . 2014-09-17 09:27	--------	d-----w-	c:\program files (x86)\G Data
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-09-22 09:29 . 2009-11-24 20:35	953912	----a-w-	c:\windows\SysWow64\igxpun.exe
2014-09-22 09:29 . 2009-08-27 06:53	4722176	----a-w-	c:\windows\system32\igd10umd64.dll
2014-09-15 07:06 . 2010-02-08 10:56	278152	------w-	c:\windows\system32\MpSigStub.exe
2014-09-12 07:43 . 2010-06-09 15:10	101694776	----a-w-	c:\windows\system32\MRT.exe
2014-09-05 02:10 . 2014-09-12 07:25	578048	----a-w-	c:\windows\system32\aepdu.dll
2014-09-05 02:05 . 2014-09-12 07:25	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-09-03 08:47 . 2011-03-28 16:36	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-09-01 12:03	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-09-01 12:03	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-09-01 12:03	3163648	----a-w-	c:\windows\system32\win32k.sys
2014-08-11 10:15 . 2010-03-24 11:58	737280	----a-w-	c:\windows\iun6002.exe
2014-08-01 11:53 . 2014-09-12 07:26	1031168	----a-w-	c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-12 07:26	793600	----a-w-	c:\windows\SysWow64\TSWorkspace.dll
2014-07-31 23:41 . 2014-08-14 06:21	348856	----a-w-	c:\windows\system32\iedkcs32.dll
2014-07-25 14:52 . 2014-08-14 06:21	23645696	----a-w-	c:\windows\system32\mshtml.dll
2014-07-25 14:02 . 2014-08-14 06:21	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2014-07-25 14:01 . 2014-08-14 06:21	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2014-07-25 13:30 . 2014-08-14 06:21	66048	----a-w-	c:\windows\system32\iesetup.dll
2014-07-25 13:28 . 2014-08-14 06:21	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-07-25 13:28 . 2014-08-14 06:21	548352	----a-w-	c:\windows\system32\vbscript.dll
2014-07-25 13:25 . 2014-08-14 06:21	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-07-25 13:25 . 2014-08-14 06:21	2774528	----a-w-	c:\windows\system32\iertutil.dll
2014-07-25 13:11 . 2014-08-14 06:21	51200	----a-w-	c:\windows\system32\jsproxy.dll
2014-07-25 13:10 . 2014-08-14 06:21	33792	----a-w-	c:\windows\system32\iernonce.dll
2014-07-25 13:04 . 2014-08-14 06:21	2724864	----a-w-	c:\windows\SysWow64\mshtml.tlb
2014-07-25 13:03 . 2014-08-14 06:21	598016	----a-w-	c:\windows\system32\ieui.dll
2014-07-25 13:00 . 2014-08-14 06:21	139264	----a-w-	c:\windows\system32\ieUnatt.exe
2014-07-25 13:00 . 2014-08-14 06:21	111616	----a-w-	c:\windows\system32\ieetwcollector.exe
2014-07-25 12:59 . 2014-08-14 06:21	758272	----a-w-	c:\windows\system32\jscript9diag.dll
2014-07-25 12:47 . 2014-08-14 06:21	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2014-07-25 12:40 . 2014-08-14 06:21	452096	----a-w-	c:\windows\system32\dxtmsft.dll
2014-07-25 12:34 . 2014-08-14 06:21	61952	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-07-25 12:34 . 2014-08-14 06:21	455168	----a-w-	c:\windows\SysWow64\vbscript.dll
2014-07-25 12:33 . 2014-08-14 06:21	51200	----a-w-	c:\windows\SysWow64\ieetwproxystub.dll
2014-07-25 12:30 . 2014-08-14 06:21	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-07-25 12:28 . 2014-08-14 06:21	5824512	----a-w-	c:\windows\system32\jscript9.dll
2014-07-25 12:28 . 2014-08-14 06:21	72704	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 12:19 . 2014-08-14 06:21	195584	----a-w-	c:\windows\system32\msrating.dll
2014-07-25 12:17 . 2014-08-14 06:21	85504	----a-w-	c:\windows\system32\mshtmled.dll
2014-07-25 12:10 . 2014-08-14 06:21	292864	----a-w-	c:\windows\system32\dxtrans.dll
2014-07-25 12:10 . 2014-08-14 06:21	112128	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2014-07-25 12:08 . 2014-08-14 06:21	597504	----a-w-	c:\windows\SysWow64\jscript9diag.dll
2014-07-25 12:06 . 2014-08-14 06:21	4204032	----a-w-	c:\windows\SysWow64\jscript9.dll
2014-07-25 11:47 . 2014-08-14 06:21	631808	----a-w-	c:\windows\system32\msfeeds.dll
2014-07-25 11:43 . 2014-08-14 06:21	60416	----a-w-	c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-07-25 11:42 . 2014-08-14 06:21	692736	----a-w-	c:\windows\system32\ie4uinit.exe
2014-07-25 11:39 . 2014-08-14 06:21	2087936	----a-w-	c:\windows\system32\inetcpl.cpl
2014-07-25 11:39 . 2014-08-14 06:21	1249280	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-07-25 11:23 . 2014-08-14 06:21	13547008	----a-w-	c:\windows\system32\ieframe.dll
2014-07-25 11:07 . 2014-08-14 06:21	2001920	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2014-07-25 11:07 . 2014-08-14 06:21	1068032	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-07-25 10:52 . 2014-08-14 06:21	2266624	----a-w-	c:\windows\system32\wininet.dll
2014-07-25 10:26 . 2014-08-14 06:21	1431040	----a-w-	c:\windows\system32\urlmon.dll
2014-07-25 10:17 . 2014-08-14 06:21	846336	----a-w-	c:\windows\system32\ieapfltr.dll
2014-07-25 10:05 . 2014-08-14 06:21	1792512	----a-w-	c:\windows\SysWow64\wininet.dll
2014-07-25 00:35 . 2014-07-25 00:35	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47	869544	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2014-07-21 16:07 . 2012-01-28 15:35	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-07-21 16:07 . 2012-01-28 15:35	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2009-12-26 21:43 . 2014-09-13 16:13	245760	----a-w-	c:\program files (x86)\Uninstall Ask Toolbar.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2009-08-12 352256]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2009-06-02 423936]
"KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2009-01-13 34088]
.
c:\users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
c:\users\vinzelberg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
TRDCReminder.lnk - c:\program files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe [2009-9-1 481184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys;c:\windows\SYSNATIVE\DRIVERS\Rts516xIR.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R4 LiveUpdateSvc;LiveUpdate;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe;c:\program files (x86)\IObit\LiveUpdate\LiveUpdate.exe [x]
R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys;c:\windows\SYSNATIVE\DRIVERS\tos_sps64.sys [x]
S2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [x]
S2 ConfigFree Gadget Service;ConfigFree Gadget Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe [x]
S2 ConfigFree Service;ConfigFree Service;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe;c:\program files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [x]
S2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe;c:\program files (x86)\Toshiba TEMPRO\TemproSvc.exe [x]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe;c:\program files\TOSHIBA\TECO\TecoService.exe [x]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys;c:\windows\SYSNATIVE\DRIVERS\TVALZFL.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys;c:\windows\SYSNATIVE\drivers\IntcHdmi.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187B.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8187B.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [x]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2009-08-13 570680]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2009-08-05 497504]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2014-09-22 13672152]
"TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2009-08-03 709976]
"Toshiba TEMPRO"="c:\program files (x86)\Toshiba TEMPRO\TemproTray.exe" [2009-08-06 1050000]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaReminder.exe" [2009-07-30 134032]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-09-22 163384]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-09-22 387640]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-09-22 418360]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mDefault_Page_URL = hxxp://www.google.com
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:14144;https=127.0.0.1:14144
uSearchAssistant = hxxp://www.google.com
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.192.241
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
BHO-{11111111-1111-1111-1111-110611421101} - (no file)
Toolbar-10 - (no file)
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
AddRemove-Hornil StylePix - c:\program files\Hornil\StylePix\Uninstall.exe
AddRemove-SmootherWeb - c:\smootherweb\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,82,ad,b0,76,b4,f8,4f,a5,bc,60,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,46,82,ad,b0,76,b4,f8,4f,a5,bc,60,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-10-15  10:57:44
ComboFix-quarantined-files.txt  2014-10-15 08:57
.
Vor Suchlauf: 17 Verzeichnis(se), 188.204.580.864 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 187.799.412.736 Bytes frei
.
- - End Of File - - F3913521372F7AF8D1D407D0FA2E62B1
A36C5E4F47E84449FF07ED3517B43A31
         
Problem gelöst.

Scheinbar muss ADW Cleaner irgendwas im Soundtreiber gelöscht haben, bzw eine Schadsoftware hatte dort Wurzeln geschlagen.

Habe nun einfach den Soundtreiber deinstalliert und neu installiert und nun sind die Logs sauber und die Ohren tun nicht mehr weh

Dankesehr für die Hilfe
__________________

Alt 15.10.2014, 20:54   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows startet nach ADW-Cleaner mit lautem Piepen - Standard

Windows startet nach ADW-Cleaner mit lautem Piepen



Zitat:
und nun sind die Logs sauber
ja genau, sieht man ja am CF log



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows startet nach ADW-Cleaner mit lautem Piepen
adw-cleaner, adware.nsis.adwapper.au, adware.win32.agent.eqwb, adware.win32.eorezo.eid, anmeldefenster, canon, desktop, driver booster, fehlercode 0x5, fehlercode windows, installation, kaspersky, not-a-virus:adware.nsis.adwapper.au, not-a-virus:adware.win32.agent.eqwb, not-a-virus:adware.win32.eorezo.eid, not-a-virus:adware.win32.installcore.h, priceless, trojan.nsis.googupdate.dj, trojaner, windows



Ähnliche Themen: Windows startet nach ADW-Cleaner mit lautem Piepen


  1. Pc mit Windows 10 startet nach 5-25 min neu
    Alles rund um Windows - 05.09.2015 (21)
  2. Adw Cleaner zeigt immer noch in Scheduled tasks Daten an die der Cleaner nicht Löscht
    Log-Analyse und Auswertung - 23.08.2015 (5)
  3. Cleaner pro startet automatisch - Suchaschinen wurden geändert - Antivir lässt sich nicht öffnen ...
    Log-Analyse und Auswertung - 19.08.2015 (16)
  4. Windows startet ers nach einem reset und scrollt in allen Dokumenten dauerhaft nach unten
    Alles rund um Windows - 17.07.2015 (2)
  5. Windows 8.1 startet nach Defragmentierung nicht mehr
    Alles rund um Windows - 13.05.2015 (15)
  6. PC startet nach Windows Updates nicht mehr
    Alles rund um Windows - 17.03.2015 (10)
  7. Windows Vista 32-bit: hohe Systemlast mit lautem Laufgeräusch - Programm-Aussetzer - Rechner läuft heiß und geht aus
    Log-Analyse und Auswertung - 30.11.2014 (9)
  8. Windows Vista 32-bit: hohe Systemlast mit lautem Laufgeräusch - Programm-Aussetzer - Rechner läuft heiß und geht aus
    Alles rund um Windows - 28.11.2014 (27)
  9. Windows 7 Startet nicht/ hängt an der Pw Eingabe/ Bildschirm bleibt schwarz nach Windows Logo
    Plagegeister aller Art und deren Bekämpfung - 27.09.2014 (7)
  10. Taskmanager startet nicht nach Befall Windows 7
    Log-Analyse und Auswertung - 24.03.2014 (16)
  11. Windows 7: nation zoom nach cc cleaner Installation von dieser Seite: http://www.ccleaner.de/
    Log-Analyse und Auswertung - 05.01.2014 (14)
  12. Windows 7: Ununterbrochenes Piepen beim Hochfahren und Mauszeiger spinnt
    Plagegeister aller Art und deren Bekämpfung - 31.12.2013 (11)
  13. Windows 7 startet nach Update nicht mehr
    Alles rund um Windows - 29.10.2013 (10)
  14. deltasearch - Fortfahren nach ADW-Cleaner/OTL
    Log-Analyse und Auswertung - 05.08.2013 (3)
  15. Nach lautem Piepton geht nichts mehr
    Log-Analyse und Auswertung - 06.08.2011 (28)
  16. Windows XP startet nicht - nach Updateinstallation
    Alles rund um Windows - 23.04.2010 (3)
  17. Windows startet nicht nach Recovery CD anwendung
    Alles rund um Windows - 07.01.2010 (3)

Zum Thema Windows startet nach ADW-Cleaner mit lautem Piepen - Hiho EIn Kumpel hat mir mal wieder nen Rechner gebracht. Fehlerbeschriebung "alles langsamm, überall Werbung" Jedenfalls habe ich meinen normalen Workflow, der in 99% der Fälle (hier dank des Forums) - Windows startet nach ADW-Cleaner mit lautem Piepen...
Archiv
Du betrachtest: Windows startet nach ADW-Cleaner mit lautem Piepen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.