Ja, genau...
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2014 (ATTENTION: ====> FRST version is 27 days old and could be outdated)
Ran by Deborah (administrator) on DEBORAH-PC on 07-04-2014 13:54:06
Running from C:\Users\Deborah\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Andrea Electronics Corporation) C:\Windows\system32\aestsrv.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Windows\system32\PSIService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SoftThinks SAS) C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE
(IDT, Inc.) C:\Windows\system32\STacSV.exe
(Tlapia) C:\Program Files\sysTPL\sysTPLMonitor.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Tlapia) C:\Program Files\sysTPL\sysTPLService.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(Krzysztof Kowalczyk) C:\Program Files\SumatraPDF\SumatraPDF.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [emsisoft anti-malware] - c:\program files\emsisoft anti-malware\a2guard.exe [4330432 2014-02-15] (Emsisoft GmbH)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2149206082-1999033392-3024870327-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-2149206082-1999033392-3024870327-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8877
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {F81D1984-6882-482E-A665-32E324487CAC} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {93E9486C-FB64-49F6-924C-E5F79C113695} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=642886&p={searchTerms}
SearchScopes: HKCU - {F81D1984-6882-482E-A665-32E324487CAC} URL = hxxp://ixquick.com/do/metasearch.pl?query={searchTerms}&cat=web&pl=ie&language=deutsch
BHO: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No File
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} hxxp://support.microsoft.com/mats/DiagWebControl.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: livecall - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - No CLSID Value -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5A104C92-2E6D-4F97-A200-8BAD45123FDA}: [NameServer]8.8.8.8
FireFox:
========
FF ProfilePath: C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\fjbgpya6.default-1396517039629
FF Keyword.URL: hxxp://www.google.com/search?sourceid=navclient&hl=de&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ghostery - C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\fjbgpya6.default-1396517039629\Extensions\firefox@ghostery.com.xpi [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\fjbgpya6.default-1396517039629\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-03]
FF Extension: DownThemAll! - C:\Users\Deborah\AppData\Roaming\Mozilla\Firefox\Profiles\fjbgpya6.default-1396517039629\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-04-03]
========================== Services (Whitelisted) =================
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-15] (Emsisoft GmbH)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
S2 ICM_UpdaterService; C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [204883 2011-03-18] ()
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [174656 2006-11-02] ()
R2 SftService; C:\Program Files\Dell DataSafe Local Backup\sftservice.EXE [689472 2010-08-20] (SoftThinks SAS)
R2 sysTPLMonitor.exe; C:\Program Files\sysTPL\sysTPLMonitor.exe [399640 2014-01-24] (Tlapia)
R2 sysTPLService.exe; C:\Program Files\sysTPL\sysTPLService.exe [400664 2014-01-24] (Tlapia)
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [X]
S2 sprtsvc_dellsupportcenter; No ImagePath
==================== Drivers (Whitelisted) ====================
R3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [58200 2014-03-31] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys [38248 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files\Emsisoft Anti-Malware\a2util32.sys [14432 2013-03-28] (Emsisoft GmbH)
R3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [50376 2013-09-19] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6637056 2010-08-16] (Intel Corporation)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
S3 sscebus; C:\Windows\System32\DRIVERS\sscebus.sys [98560 2010-12-21] (MCCI Corporation)
S3 sscemdfl; C:\Windows\System32\DRIVERS\sscemdfl.sys [14848 2010-12-21] (MCCI Corporation)
S3 sscemdm; C:\Windows\System32\DRIVERS\sscemdm.sys [123648 2010-12-21] (MCCI Corporation)
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-22] (AnchorFree Inc)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-04-24] (Anchorfree Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; No ImagePath
S4 iaNvStor; \SystemRoot\system32\drivers\ianvstor.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-03 11:20 - 2014-04-03 11:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-03 11:17 - 2014-04-03 11:17 - 00283192 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox Setup Stub 28.0.exe
2014-04-02 18:36 - 2014-04-02 18:36 - 00124661 _____ () C:\Users\Deborah\Desktop\bookmarks-2014-04-02.json
2014-04-02 18:36 - 2014-04-02 18:36 - 00086971 _____ () C:\Users\Deborah\Desktop\bookmarks.html
2014-04-02 17:56 - 2014-04-02 17:57 - 00000000 ____D () C:\Users\Deborah\Desktop\hELM
2014-03-31 13:06 - 2014-03-31 14:03 - 00000000 ____D () C:\Users\Deborah\Desktop\Masterarbeit
2014-03-31 11:47 - 2008-07-28 21:56 - 00001027 _____ () C:\Users\Deborah\Downloads\d_e10_025.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00003284 _____ () C:\Users\Deborah\Downloads\d_e10_019.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00002322 _____ () C:\Users\Deborah\Downloads\d_e10_022.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00002211 _____ () C:\Users\Deborah\Downloads\d_e10_018.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00002063 _____ () C:\Users\Deborah\Downloads\d_e10_023.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00001989 _____ () C:\Users\Deborah\Downloads\d_e10_013.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00001804 _____ () C:\Users\Deborah\Downloads\d_e10_016.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00001656 _____ () C:\Users\Deborah\Downloads\d_e10_017.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00001508 _____ () C:\Users\Deborah\Downloads\d_e10_015.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00001471 _____ () C:\Users\Deborah\Downloads\d_e10_021.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00000990 _____ () C:\Users\Deborah\Downloads\d_e10_014.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00000879 _____ () C:\Users\Deborah\Downloads\d_e10_024.tk
2014-03-31 11:47 - 2008-07-28 21:55 - 00000731 _____ () C:\Users\Deborah\Downloads\d_e10_020.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00002729 _____ () C:\Users\Deborah\Downloads\d_e10_007.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00002433 _____ () C:\Users\Deborah\Downloads\d_e10_010.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00002396 _____ () C:\Users\Deborah\Downloads\d_e10_008.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00002396 _____ () C:\Users\Deborah\Downloads\d_e10_006.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00002137 _____ () C:\Users\Deborah\Downloads\d_e10_012.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00001619 _____ () C:\Users\Deborah\Downloads\d_e10_011.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00001471 _____ () C:\Users\Deborah\Downloads\d_e10_009.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00001434 _____ () C:\Users\Deborah\Downloads\d_e10_005.tk
2014-03-31 11:47 - 2008-07-28 21:54 - 00001360 _____ () C:\Users\Deborah\Downloads\d_e10_004.tk
2014-03-31 11:47 - 2008-07-28 21:53 - 00002248 _____ () C:\Users\Deborah\Downloads\d_e10_002.tk
2014-03-31 11:47 - 2008-07-28 21:53 - 00001989 _____ () C:\Users\Deborah\Downloads\d_e10_001.tk
2014-03-31 11:47 - 2008-07-28 21:53 - 00001249 _____ () C:\Users\Deborah\Downloads\d_e10_003.tk
2014-03-31 11:46 - 2014-03-31 11:46 - 00014853 _____ () C:\Users\Deborah\Downloads\d_e10_tk.zip
2014-03-23 12:39 - 2014-03-23 12:39 - 00023184 _____ () C:\Users\Deborah\Desktop\FRST 5.txt
2014-03-21 00:32 - 2014-03-21 00:32 - 00043940 _____ () C:\Users\Deborah\Desktop\Addition4.txt
2014-03-21 00:32 - 2014-03-21 00:32 - 00028973 _____ () C:\Users\Deborah\Desktop\FRST4.txt
2014-03-17 15:35 - 2014-03-17 15:35 - 00029688 _____ () C:\Users\Deborah\Desktop\FRST3.txt
2014-03-17 15:34 - 2014-03-17 15:34 - 00044464 _____ () C:\Users\Deborah\Desktop\Addition3.txt
2014-03-17 15:02 - 2014-04-03 11:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-14 14:02 - 2014-03-14 14:02 - 00031354 _____ () C:\Users\Deborah\Desktop\FRST2.txt
2014-03-14 13:43 - 2014-03-14 13:43 - 00283256 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-14 13:26 - 2014-03-14 13:26 - 00114742 _____ () C:\Users\Deborah\Desktop\bookmarks-2014-03-14.json
2014-03-14 13:10 - 2014-02-13 04:11 - 24490112 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox Setup 27.0.1.exe
2014-03-14 12:55 - 2014-03-21 00:07 - 00000000 ____D () C:\Users\Deborah\Desktop\Old Firefox Data
2014-03-14 12:49 - 2014-03-14 12:49 - 24654088 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox_Setup_27.0.1__1_.exe
2014-03-14 12:02 - 2014-03-14 12:02 - 00001099 _____ () C:\Users\Deborah\Desktop\checkup.txt
2014-03-14 11:54 - 2014-03-14 11:54 - 00987442 _____ () C:\Users\Deborah\Desktop\SecurityCheck.exe
2014-03-13 19:37 - 2014-03-13 19:37 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-13 00:18 - 2014-04-07 13:38 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-03-13 00:18 - 2014-03-13 00:18 - 00000000 ____D () C:\Users\Deborah\Documents\Anti-Malware
2014-03-13 00:04 - 2014-03-12 19:47 - 224731696 _____ (Emsisoft GmbH ) C:\Users\Deborah\Downloads\EmsisoftAntiMalwareSetup.exe
2014-03-12 23:33 - 2014-03-12 23:33 - 00227096 _____ () C:\Users\Deborah\Downloads\avira_registry_cleaner_de.exe
2014-03-12 22:07 - 2014-03-12 22:15 - 138607664 _____ () C:\Users\Deborah\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-12 20:02 - 2014-03-12 20:02 - 00001052 _____ () C:\Users\Deborah\Desktop\JRT.txt
2014-03-12 17:17 - 2014-03-12 16:55 - 00011192 _____ () C:\Users\Deborah\Desktop\AdwCleaner[S0].txt
2014-03-12 17:15 - 2014-03-12 17:15 - 00038274 _____ () C:\Users\Deborah\Desktop\FRST1.txt
2014-03-12 17:10 - 2014-03-12 17:10 - 01037734 _____ (Thisisu) C:\Users\Deborah\Desktop\JRT.exe
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 16:52 - 2014-03-12 22:04 - 00000000 ____D () C:\AdwCleaner
2014-03-12 16:52 - 2014-03-12 16:52 - 01949184 _____ () C:\Users\Deborah\Desktop\adwcleaner.exe
2014-03-12 15:25 - 2014-03-12 15:25 - 00000971 _____ () C:\Users\Deborah\Desktop\Kolleg - Verknüpfung.lnk
2014-03-12 11:04 - 2014-03-12 11:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Deborah\Downloads\revosetup95.exe
2014-03-12 11:04 - 2014-03-12 11:04 - 00001059 _____ () C:\Users\Deborah\Desktop\Revo Uninstaller.lnk
2014-03-12 11:04 - 2014-03-12 11:04 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-11 14:10 - 2014-04-07 13:54 - 00011945 _____ () C:\Users\Deborah\Desktop\FRST.txt
2014-03-11 14:10 - 2014-03-21 00:29 - 00043940 _____ () C:\Users\Deborah\Desktop\Addition.txt
2014-03-11 13:59 - 2014-03-11 14:11 - 00042557 _____ () C:\Users\Deborah\Downloads\Addition.txt
2014-03-11 13:58 - 2014-03-11 14:11 - 00039525 _____ () C:\Users\Deborah\Downloads\FRST.txt
2014-03-11 13:57 - 2014-04-07 13:54 - 00000000 ____D () C:\FRST
2014-03-11 13:56 - 2014-03-11 08:32 - 01145856 _____ (Farbar) C:\Users\Deborah\Desktop\FRST.exe
2014-03-11 11:43 - 2014-03-11 11:43 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Deborah\Downloads\avira_de_av___ws.exe
2014-03-10 20:34 - 2014-03-10 20:34 - 00004663 _____ () C:\Windows\system32\exception.txt
==================== One Month Modified Files and Folders =======
2014-04-07 13:54 - 2014-03-11 14:10 - 00011945 _____ () C:\Users\Deborah\Desktop\FRST.txt
2014-04-07 13:54 - 2014-03-11 13:57 - 00000000 ____D () C:\FRST
2014-04-07 13:52 - 2010-02-15 20:07 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 13:48 - 2008-03-13 19:05 - 01107563 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 13:39 - 2010-02-15 20:07 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 13:38 - 2014-03-13 00:18 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-04-07 13:37 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 13:37 - 2006-11-02 14:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-06 19:49 - 2006-11-02 12:33 - 01596102 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 22:22 - 2014-01-31 22:04 - 00000000 ____D () C:\Program Files\sysTPL
2014-04-03 11:42 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 11:41 - 2008-03-13 19:06 - 00004268 _____ () C:\Windows\bthservsdp.dat
2014-04-03 11:41 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-03 11:24 - 2014-02-10 21:35 - 00000000 ____D () C:\Users\Deborah\MOBAC
2014-04-03 11:20 - 2014-04-03 11:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-03 11:20 - 2014-03-17 15:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-03 11:17 - 2014-04-03 11:17 - 00283192 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 10:53 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-04-03 10:45 - 2014-03-02 14:44 - 00224906 _____ () C:\Windows\PFRO.log
2014-04-02 18:36 - 2014-04-02 18:36 - 00124661 _____ () C:\Users\Deborah\Desktop\bookmarks-2014-04-02.json
2014-04-02 18:36 - 2014-04-02 18:36 - 00086971 _____ () C:\Users\Deborah\Desktop\bookmarks.html
2014-04-02 18:35 - 2014-01-19 18:48 - 00000000 ____D () C:\Users\Deborah\Desktop\Tickets
2014-04-02 17:57 - 2014-04-02 17:56 - 00000000 ____D () C:\Users\Deborah\Desktop\hELM
2014-03-31 19:10 - 2010-02-15 20:03 - 00000294 _____ () C:\Windows\Tasks\Defraggler Volume D Task.job
2014-03-31 14:03 - 2014-03-31 13:06 - 00000000 ____D () C:\Users\Deborah\Desktop\Masterarbeit
2014-03-31 11:46 - 2014-03-31 11:46 - 00014853 _____ () C:\Users\Deborah\Downloads\d_e10_tk.zip
2014-03-31 08:40 - 2013-11-15 16:29 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-23 12:39 - 2014-03-23 12:39 - 00023184 _____ () C:\Users\Deborah\Desktop\FRST 5.txt
2014-03-23 11:17 - 2012-12-04 20:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 01:52 - 2008-05-02 18:46 - 00000000 ____D () C:\Users\Deborah\AppData\Local\Adobe
2014-03-23 01:51 - 2012-10-16 20:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-23 01:51 - 2012-02-16 22:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-21 00:32 - 2014-03-21 00:32 - 00043940 _____ () C:\Users\Deborah\Desktop\Addition4.txt
2014-03-21 00:32 - 2014-03-21 00:32 - 00028973 _____ () C:\Users\Deborah\Desktop\FRST4.txt
2014-03-21 00:29 - 2014-03-11 14:10 - 00043940 _____ () C:\Users\Deborah\Desktop\Addition.txt
2014-03-21 00:07 - 2014-03-14 12:55 - 00000000 ____D () C:\Users\Deborah\Desktop\Old Firefox Data
2014-03-19 10:19 - 2008-08-16 17:05 - 00001356 _____ () C:\Users\Deborah\AppData\Local\d3d9caps.dat
2014-03-18 18:47 - 2008-05-02 14:37 - 00000000 ____D () C:\Users\Deborah\AppData\Roaming\Skype
2014-03-17 15:35 - 2014-03-17 15:35 - 00029688 _____ () C:\Users\Deborah\Desktop\FRST3.txt
2014-03-17 15:34 - 2014-03-17 15:34 - 00044464 _____ () C:\Users\Deborah\Desktop\Addition3.txt
2014-03-14 14:02 - 2014-03-14 14:02 - 00031354 _____ () C:\Users\Deborah\Desktop\FRST2.txt
2014-03-14 13:43 - 2014-03-14 13:43 - 00283256 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-14 13:26 - 2014-03-14 13:26 - 00114742 _____ () C:\Users\Deborah\Desktop\bookmarks-2014-03-14.json
2014-03-14 12:49 - 2014-03-14 12:49 - 24654088 _____ (Mozilla) C:\Users\Deborah\Downloads\Firefox_Setup_27.0.1__1_.exe
2014-03-14 12:36 - 2010-02-15 17:03 - 00000000 ____D () C:\Program Files\IObit
2014-03-14 12:02 - 2014-03-14 12:02 - 00001099 _____ () C:\Users\Deborah\Desktop\checkup.txt
2014-03-14 11:54 - 2014-03-14 11:54 - 00987442 _____ () C:\Users\Deborah\Desktop\SecurityCheck.exe
2014-03-13 19:37 - 2014-03-13 19:37 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-13 01:41 - 2013-08-17 03:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-13 01:34 - 2006-11-02 12:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-13 00:18 - 2014-03-13 00:18 - 00000000 ____D () C:\Users\Deborah\Documents\Anti-Malware
2014-03-12 23:33 - 2014-03-12 23:33 - 00227096 _____ () C:\Users\Deborah\Downloads\avira_registry_cleaner_de.exe
2014-03-12 23:12 - 2008-05-02 10:54 - 00000000 ____D () C:\Users\Deborah
2014-03-12 22:15 - 2014-03-12 22:07 - 138607664 _____ () C:\Users\Deborah\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-03-12 22:04 - 2014-03-12 16:52 - 00000000 ____D () C:\AdwCleaner
2014-03-12 20:02 - 2014-03-12 20:02 - 00001052 _____ () C:\Users\Deborah\Desktop\JRT.txt
2014-03-12 19:47 - 2014-03-13 00:04 - 224731696 _____ (Emsisoft GmbH ) C:\Users\Deborah\Downloads\EmsisoftAntiMalwareSetup.exe
2014-03-12 17:15 - 2014-03-12 17:15 - 00038274 _____ () C:\Users\Deborah\Desktop\FRST1.txt
2014-03-12 17:10 - 2014-03-12 17:10 - 01037734 _____ (Thisisu) C:\Users\Deborah\Desktop\JRT.exe
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-12 17:06 - 2013-10-12 18:49 - 00000000 ____D () C:\Users\Deborah\AppData\Roaming\Tyre
2014-03-12 16:55 - 2014-03-12 17:17 - 00011192 _____ () C:\Users\Deborah\Desktop\AdwCleaner[S0].txt
2014-03-12 16:52 - 2014-03-12 16:52 - 01949184 _____ () C:\Users\Deborah\Desktop\adwcleaner.exe
2014-03-12 15:25 - 2014-03-12 15:25 - 00000971 _____ () C:\Users\Deborah\Desktop\Kolleg - Verknüpfung.lnk
2014-03-12 11:04 - 2014-03-12 11:04 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Deborah\Downloads\revosetup95.exe
2014-03-12 11:04 - 2014-03-12 11:04 - 00001059 _____ () C:\Users\Deborah\Desktop\Revo Uninstaller.lnk
2014-03-12 11:04 - 2014-03-12 11:04 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-03-11 19:55 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-03-11 14:11 - 2014-03-11 13:59 - 00042557 _____ () C:\Users\Deborah\Downloads\Addition.txt
2014-03-11 14:11 - 2014-03-11 13:58 - 00039525 _____ () C:\Users\Deborah\Downloads\FRST.txt
2014-03-11 11:43 - 2014-03-11 11:43 - 04051048 _____ (Avira Operations GmbH & Co. KG) C:\Users\Deborah\Downloads\avira_de_av___ws.exe
2014-03-11 08:32 - 2014-03-11 13:56 - 01145856 _____ (Farbar) C:\Users\Deborah\Desktop\FRST.exe
2014-03-10 20:35 - 2010-02-15 20:03 - 00000294 _____ () C:\Windows\Tasks\Defraggler Volume C Task.job
2014-03-10 20:34 - 2014-03-10 20:34 - 00004663 _____ () C:\Windows\system32\exception.txt
2014-03-10 19:30 - 2011-02-09 22:54 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
Some content of TEMP:
====================
C:\Users\Deborah\AppData\Local\temp\avgnt.exe
C:\Users\Deborah\AppData\Local\temp\Quarantine.exe
C:\Users\Deborah\AppData\Local\temp\SkypeSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-03 23:58
==================== End Of Log ============================
--- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2014
Ran by Deborah at 2014-04-07 13:54:39
Running from C:\Users\Deborah\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
==================== Installed Programs ======================
AccelerateTab (HKLM\...\AccelerateTab_is1) (Version: 2.0 - AccelerateTab)
Add or Remove Adobe Creative Suite 3 Design Premium (HKLM\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated)
Adobe BridgeTalk Plugin CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe MotionPicture Color Files (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.7) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
Benutzerhandbuch (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - )
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MG5200 series Benutzerregistrierung (HKLM\...\Canon MG5200 series Benutzerregistrierung) (Version: - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version: - )
Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
Card Reader Software (HKLM\...\{CFA9C1EE-8D76-477E-9E26-D24C26F11F47}) (Version: 2.5.0.0 - Standard Microsystems Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Snapfire (HKLM\...\{3C569633-C8DE-46E2-BB8F-F65198681C2F}) (Version: 2.100.0000 - Corel Corporation)
Defraggler (HKLM\...\Defraggler) (Version: 1.17 - Piriform)
Dell DataSafe Local Backup - Support Software (HKLM\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: - Dell)
Dell DataSafe Local Backup (HKLM\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.48 - Dell)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Handbuch zum Einstieg (HKLM\...\{FD023F61-65E9-465C-B558-7C64EB2B97E6}) (Version: 1.00.0000 - Dell Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.2 - IObit)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
f4 2012 (HKLM\...\f42012) (Version: - audiotranskription.de)
f4analyse (HKLM\...\f4analyse) (Version: - audiotranskription.de)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free Audio Converter version 2.2 (HKLM\...\Free Audio Converter_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube to MP3 Converter version 3.12.23.219 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.23.219 - DVDVideoSoft Ltd.)
GnuPG For Windows (HKLM\...\GPG4Win) (Version: 1.1.3 - The Gpg4win Project)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HP LaserJet P1000 series (HKLM\...\HP LaserJet P1000 series) (Version: - )
Intel(R) Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 11.01.0000 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216023FF}) (Version: 6.0.230 - Oracle)
K-Lite Codec Pack 6.4.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.4.0 - )
Laptop Integrated Webcam Driver (1.03.02.0719) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
mCore (Version: 9.24.0000 - Intel Corporation) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
mHelp (Version: 9.24.0000 - Intel) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 2 (SP2) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Server Speech Platform Runtime (x86) (HKLM\...\{22CB8ED7-DF57-4864-BD04-F63B9CE4B494}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (de-DE, Hedda) (HKLM\...\{ACFCC7B5-C028-40AE-A5F5-9778B41F22A2}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Server Speech Text to Speech Voice (en-US, ZiraPro) (HKLM\...\{C7CDC27F-0952-4DF1-9E41-B75140933BC6}) (Version: 11.0.7400.335 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
mMHouse (Version: 9.24.0000 - Intel Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
mPfMgr (Version: 9.24.0000 - Intel Corporation) Hidden
Mplus Version 7 Demo (HKLM\...\{68578F04-9E39-473E-AEF9-B807DBD059D6}) (Version: 7.0.0000 - Muthen & Muthen)
MSVCRT (Version: " - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 5.0 (HKLM\...\{64367D02-ADA8-4FA0-B348-27F25C60BC7B}) (Version: 5.00.050 - muvee Technologies)
mWMI (Version: 9.24.0000 - Intel Corporation) Hidden
MWS Reader 5 (HKLM\...\MWS Reader 5_is1) (Version: 5.0.330 - directINNOVATION UG (haftungsbeschränkt))
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
NVIDIA Install Application (Version: 2.1002.109.706 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 314.07 (Version: 314.07 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenOffice.org 3.2 (HKLM\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Paint.NET v3.5.5 (HKLM\...\{F0E2B312-D7FD-4349-A9B6-E90B36DB1BD0}) (Version: 3.55.0 - dotPDN LLC)
PDF24 Creator 5.4.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Pidgin (HKLM\...\Pidgin) (Version: 2.10.7 - )
pidgin-otr 3.2.0-1 (HKLM\...\pidgin-otr) (Version: 3.2.0-1 - Cypherpunks CA)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 8.2.17 - Dell Inc.)
R for Windows 3.0.0 (HKLM\...\R for Windows 3.0.0_is1) (Version: 3.0.0 - R Core Team)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RStudio (HKLM\...\RStudio) (Version: 0.97.336 - RStudio)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Networking Wizard (HKLM\...\{0C485220-4029-48E7-9F27-965DA4A78D5E}) (Version: 1.1.11123.1 - Samsung Electronics Co., Ltd. )
Samsung PC Studio 3 (HKLM\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.2.80604 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (Version: 3.0.0.80604 - Samsung Electronics Co., Ltd.) Hidden
Samsung PC Studio 3 USB Driver Installer (HKLM\...\{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}) (Version: 3.2.0.70701 - Samsung Electronics Co., Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2000.0 - SAMSUNG Electronics Co., Ltd.)
ScummVM 1.0.0 (HKLM\...\ScummVM_is1) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 1.3 - Krzysztof Kowalczyk)
Support und Treiber (HKLM\...\Support und Treiber 1.4.1) (Version: 1.4.1 - Tlapia)
Support und Treiber (Version: 1.4.1 - Tlapia) Hidden
sysTPL (HKLM\...\{4B74BC31-B353-4B8F-8CBE-DAB4FF326FF1}) (Version: 1.4.1.2 - Tlapia)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 6.2 - TrueCrypt Foundation)
Tyre (HKLM\...\Tyre_is1) (Version: 6.4.0.10 - 't Schrijverke)
UN.CO.VER. 2.0 (HKLM\...\{92D9E57D-73A5-4329-9888-FBBC16ED8944}_is1) (Version: - Sario Marketing GmbH, Inc.)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office OneNote 2007 (KB980729) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0 - DivX, Inc) Hidden
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
14-03-2014 02:00:20 Windows Update
14-03-2014 10:18:26 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
14-03-2014 10:30:57 Revo Uninstaller's restore point - IObit Malware Fighter
14-03-2014 10:45:46 Revo Uninstaller's restore point - Mozilla Maintenance Service
14-03-2014 10:47:40 Windows Update
14-03-2014 10:53:18 Windows Update
14-03-2014 11:27:55 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
14-03-2014 12:03:07 Windows Update
15-03-2014 10:28:18 Windows Update
17-03-2014 08:54:31 Windows Update
17-03-2014 12:23:16 Revo Uninstaller's restore point - Mozilla Maintenance Service
17-03-2014 12:43:50 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
18-03-2014 12:58:47 Windows Update
19-03-2014 15:24:00 Geplanter Prüfpunkt
20-03-2014 20:57:29 Windows Update
20-03-2014 21:14:01 Windows Update
22-03-2014 19:11:29 Windows Update
22-03-2014 21:35:51 Revo Uninstaller's restore point - Protector Suite 2011
22-03-2014 22:57:51 Windows Update
23-03-2014 00:23:29 Windows Update
31-03-2014 06:43:15 Windows Update
31-03-2014 07:35:18 Windows Update
02-04-2014 07:40:11 Windows Update
02-04-2014 17:43:16 Revo Uninstaller's restore point - Mozilla Firefox 28.0 (x86 en-US)
02-04-2014 17:53:14 Windows Update
03-04-2014 09:07:02 Windows Update
06-04-2014 17:04:51 Windows Update
07-04-2014 11:40:26 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 12:23 - 2011-04-13 16:36 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {09E083FB-63F1-439B-8E9D-95DB2A39ED16} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit)
Task: {14E2B5AB-92E0-47CD-B426-95F2DA1BC36C} - System32\Tasks\NoAutorun => C:\Users\Deborah\Desktop\NoAutorun.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1F508669-1B64-4EA6-B575-AE48BDAF1DC8} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {24DC161D-7B15-41A4-903C-5072A7DD35D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15] (Google Inc.)
Task: {2F0E4AF9-D377-4A2A-B601-23D0226E4E39} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Deborah => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4A9F7AAE-3E89-4670-95C4-D72ECD81727C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-15] (Google Inc.)
Task: {5426325B-4C82-468F-8635-12BA7AEB589D} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2014-01-16] (IObit)
Task: {5BE4D7CE-375E-41AE-8DB3-18A1C116A233} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df.exe [2010-02-12] (Piriform Ltd)
Task: {709965F0-8E8B-4D7F-8F23-A0F752F9260B} - System32\Tasks\{4CC0C81B-DC8E-40F6-BE16-93FC1D1257EF} => Firefox.exe hxxp://ui.skype.com/ui/0/4.2.0.169/de/abandoninstall?page=tsDownload&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-notinstalled
Task: {792AC392-C104-42D2-956C-86ADAD45DEB2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {849385C5-A793-4F74-8E2B-802B332AE4A8} - System32\Tasks\SmartDefrag => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
Task: {9266B79F-763C-44B9-A211-DA539037DF03} - System32\Tasks\PandaUSBVaccine => C:\Program Files\Panda USB Vaccine\RunInteractiveWin.exe
Task: {983DAF8A-3A3F-42D5-A220-6FF33F5CFA82} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {9FC2A07D-6F6F-48A9-99FD-23FDB116E338} - System32\Tasks\ASC7_SkipUac_Deborah => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2013-12-10] (IObit)
Task: {A41C3FBD-99CF-40D3-8FD7-B9699E127CBA} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {A729061F-EB84-4A6D-A52C-475486E28A37} - System32\Tasks\{1107270C-5394-4480-8B7B-A96D2C39DCD6} => Firefox.exe hxxp://ui.skype.com/ui/0/5.1.0.112/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {AB88E379-74A8-424E-A7C9-F1196BEE9325} - System32\Tasks\{7E4851FB-E6CD-4F8D-99DD-1AF6887B80BC} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {B5025570-9645-4B8F-A504-7299F4217C75} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {F8E6834C-E32A-4777-A81A-C79677009C11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-23] (Adobe Systems Incorporated)
Task: {FEC4F5BB-B0EF-4FB0-90D5-08F7B0802CA2} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df.exe [2010-02-12] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SmartDefrag.job => C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
==================== Loaded Modules (whitelisted) =============
2013-11-15 16:28 - 2013-10-25 13:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2007-04-25 12:55 - 2007-04-25 12:55 - 01167360 _____ () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2007-07-25 18:25 - 2007-07-25 18:25 - 00118784 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2006-11-02 20:40 - 2006-11-02 20:40 - 00174656 _____ () C:\Windows\system32\PSIService.exe
2010-11-18 22:54 - 2010-07-20 22:33 - 00058688 ____N () C:\Program Files\Dell DataSafe Local Backup\STCoreXml.dll
2010-11-18 22:54 - 2010-07-20 22:33 - 00116032 ____N () C:\Program Files\Dell DataSafe Local Backup\PSTVdsDisk.dll
2010-11-18 22:54 - 2010-07-20 22:33 - 00128320 ____N () C:\Program Files\Dell DataSafe Local Backup\STLog.dll
2008-08-04 18:22 - 2007-09-20 18:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-03 11:20 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk => C:\Windows\pss\BTTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VPN Client.lnk => C:\Windows\pss\VPN Client.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Deborah^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Advanced SystemCare 4 =>
MSCONFIG\startupreg: Advanced SystemCare 5 =>
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: DELL Webcam Manager => "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: FlashPlayerUpdate => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin
MSCONFIG\startupreg: Guard => C:\Users\Deborah\AppData\Local\Guard\Guard.exe
MSCONFIG\startupreg: IAAnotif => "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Malwarebytes' Anti-Malware => "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
MSCONFIG\startupreg: MWS Reader 5 => "C:\Program Files\MWS Reader 5\mwsr5.exe" /startup
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NVHotkey => rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: NvSvc => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
MSCONFIG\startupreg: OEM02Mon.exe => C:\Windows\OEM02Mon.exe
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: Pidgin => C:\Program Files\Pidgin\pidgin.exe
MSCONFIG\startupreg: PSQLLauncher => "C:\Program Files\Protector Suite\launcher.exe" /startup
MSCONFIG\startupreg: SetIcon => \Program Files\SMSC\Seticon.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware =>
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/06/2014 07:03:00 PM) (Source: Windows Backup) (User: )
Description: Die Dateisicherung ist aufgrund eines Fehlers beim Schreiben in das Sicherungsziel F:\ fehlgeschlagen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)
Error: (04/02/2014 07:43:16 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {1a3b5448-7bc4-435d-afac-b569f118b05e}
Error: (03/31/2014 09:25:22 AM) (Source: Windows Backup) (User: )
Description: Die Dateisicherung ist aufgrund eines Fehlers beim Schreiben in das Sicherungsziel F:\ fehlgeschlagen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)
Error: (03/31/2014 09:21:47 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\DEBORAH\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\R4R2F6OI.DEFAULT-1395353223328\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/31/2014 09:09:17 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung svchost.exe_wuauserv, Version 6.0.6001.18000, Zeitstempel 0x47918b89, fehlerhaftes Modul RPCRT4.dll, Version 6.0.6002.18024, Zeitstempel 0x49f05bcc, Ausnahmecode 0xc0000005, Fehleroffset 0x0002651a,
Prozess-ID 0x580, Anwendungsstartzeit svchost.exe_wuauserv0.
Error: (03/22/2014 11:35:50 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {7a140547-4ab6-4b94-a072-3ba782012def}
Error: (03/20/2014 11:06:52 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\DEBORAH\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\OOAKSQKT.DEFAULT-1395061465160\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/20/2014 11:06:52 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\DEBORAH\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\OOAKSQKT.DEFAULT-1395061465160\CACHE\9> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/20/2014 11:06:45 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\DEBORAH\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\OOAKSQKT.DEFAULT-1395061465160\CACHE\8> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
Error: (03/20/2014 11:06:45 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\DEBORAH\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\OOAKSQKT.DEFAULT-1395061465160\CACHE\8> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (04/03/2014 10:11:57 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{040C94F1-8FC1-4A19-B71C-D89F9C2DFF-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (04/03/2014 11:52:08 AM) (Source: Service Control Manager) (User: )
Description: LiveUpdate1
Error: (04/03/2014 11:45:23 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (04/03/2014 11:43:44 AM) (Source: Service Control Manager) (User: )
Description: SupportSoft Sprocket Service (dellsupportcenter)%%3
Error: (04/03/2014 11:43:44 AM) (Source: Service Control Manager) (User: )
Description: SecureUpdate%%2
Error: (04/03/2014 11:43:24 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)
Error: (04/03/2014 11:42:21 AM) (Source: Microsoft-Windows-TaskScheduler) (User: NT-AUTORITÄT)
Description: 2147942402
Error: (04/03/2014 11:42:10 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (04/03/2014 11:41:53 AM) (Source: volmgr) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.
Error: (04/03/2014 11:14:15 AM) (Source: Service Control Manager) (User: )
Description: LiveUpdate1
Microsoft Office Sessions:
=========================
Error: (05/21/2013 11:16:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.
Error: (05/21/2013 11:15:54 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 81 seconds with 60 seconds of active time. This session ended with a crash.
Error: (05/21/2013 11:14:04 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6440 seconds with 960 seconds of active time. This session ended with a crash.
Error: (05/21/2013 09:59:02 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1803 seconds with 1620 seconds of active time. This session ended with a crash.
Error: (02/13/2009 09:35:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 832 seconds with 0 seconds of active time. This session ended with a crash.
Error: (01/13/2009 04:30:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 119 seconds with 60 seconds of active time. This session ended with a crash.
Error: (06/04/2008 08:53:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 127 seconds with 60 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-04-03 12:49:17.774
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\msiltcfg.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-03 12:49:13.770
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks32.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:56.354
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:56.266
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:56.173
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:56.083
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:55.995
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:17:55.906
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:14:03.391
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-12 15:14:03.291
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\fveapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 70%
Total physical RAM: 3581.14 MB
Available physical RAM: 1046.44 MB
Total Pagefile: 7351.29 MB
Available Pagefile: 4909.06 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.32 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:285.47 GB) (Free:61.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 40000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)
==================== End Of Log ============================
|
