AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64

Jackomo · 20.08.2014, 00:12

Hallo, ich brauche wieder mal Eure Hilfe.

Bevor ich jedoch mit defogger, FRST, GMER & Co beginne, folgende Info:
Der möglicherweise infizierte PC ist nicht mein eigener, sondern der eines guten Freundes, der damit seine kleine Einzelfirma (Bäckerei) führt. Ich hab Ihm in der Vergangenheit oft geholfen, daher hat mich sein Hilferuf heute Nacht erreicht.
Die Frage ist, ob Ihr mich hier unterstützen könnt, dürft, wollt. Mir ist klar, dass ich dafür verantwortlich bin keine sensiblen Informationen zu posten, dafür sorge ich.

Würde mich freuen wenn Ihr unterstützen würdet, denke sicher, dass auch eine Spende drin sein wird.

Zum Problem / Verhalten:
Der PC läuft seit Monaten wie immer rund um die Uhr, meist auch problemlos.
Heute ist meinem Freund aufgefallen, dass AVIRA professional nicht mehr startet, auch das control center lässt sich nicht starten. Die AV Services lassen sich auch nicht manuell starten.

Dachte ich versuch mal einen eset online scan oder eine avast free installation.
Beide setups werden nach download angestartet, bis zur Abfrage ob ich installieren will, dann passiert nach "OK" einfach nichts mehr.
Das Einzige was durchlief war TrendMicro HouseCall. Hat eine Bedrohung "ADW NEXTLIVE" gefunden, sonst nix.

Danke schon mal im Voraus

Gruss Karl-Heinz

Bootsektor · 20.08.2014, 00:43

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Der Grund, warum wir zuest bei gewerblich genutzen Rechnern nachfragen ist abgesehen von sensiblen Informationen auch der eventuell vorhandene IT-Suppport in der Firma. Ich denke nicht, dass einer vorhanden ist?

Mach bitte erstmal nur FRST
Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Jackomo · 20.08.2014, 07:38

Hallo Sandra Vielen Dank !
Dann poste ich gleich mal die Logs

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Cheffe at 2014-08-20 08:26:28
Running from C:\Users\Cheffe\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AddExcel2007 (HKLM-x32\...\{409A5B89-0C37-4E72-98A0-021C89F1654D}) (Version: 1.7.2 - ADDISON Software und Service GmbH)
AddWord2007 (HKLM-x32\...\{28E4BDD0-7B3D-48DC-ACA1-594C73B6EF58}) (Version: 1.7.1 - ADDISON Software und Service GmbH)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Amadeus (HKLM-x32\...\{CDD74363-EC31-4924-A224-E287ADEBC9F6}) (Version: 3.0 - Amadeus Software, Research & Development GmbH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Avira Professional Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.1580 - Avira)
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Biet-O-Matic v2.12.0 (HKLM-x32\...\Biet-O-Matic v2.12.0) (Version: Biet-O-Matic v2.12.0 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother P-touch Editor 5.0 (HKLM-x32\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2002 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.2002 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor Etikettenvorlagen - Arztpraxis #1 [DEU] (HKLM-x32\...\{98EBF604-98F9-4EF3-A53F-1E5A337578FD}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Arztpraxis #2 [DEU] (HKLM-x32\...\{E0E9C868-D080-4082-B0F6-97A6484BA40A}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Büroschilder [DEU] (HKLM-x32\...\{99050100-9321-4C31-854B-87E2B251AC64}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Dateien [DEU] (HKLM-x32\...\{7BE5BE58-24F1-43E3-BF05-7A2B734ED61B}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Halloween [DEU] (HKLM-x32\...\{1F61DE24-8817-4448-8699-85476867ADBF}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Ökologie [DEU] (HKLM-x32\...\{28D68CB9-053B-4C12-8748-E7A6E6B69DB6}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Persönlich #3 [DEU] (HKLM-x32\...\{38F9BADC-91BB-48E2-8CD3-4C71FE623FF8}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Persönlich [DEU] (HKLM-x32\...\{43A1F65B-6566-47D2-B18A-BB27260CD2DD}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Versand [DEU] (HKLM-x32\...\{B039E2DF-803B-4616-8992-6DB4EFF7C362}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vertrieb #3 [DEU] (HKLM-x32\...\{8CCE5E3D-7574-4451-84F6-3C902855C6E8}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vertrieb [DEU] (HKLM-x32\...\{F29A877C-4657-4D8F-B480-0BC1607A0447}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vorsicht [DEU] (HKLM-x32\...\{A7BC48DE-53A4-4482-999C-280D7839EE6C}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Weihnachten [DEU] (HKLM-x32\...\{9ACF534D-2290-4333-AB0D-3AB02A6BBB41}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{A598BEC3-4F02-413E-9649-C5A1879DB558}) (Version: 1.0.0010 - Brother Industries, Ltd.)
Canon iP4600 series Benutzerregistrierung (HKLM-x32\...\Canon iP4600 series Benutzerregistrierung) (Version:  - )
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CAO-Faktura 1.4 (HKLM-x32\...\{2121BEF3-F102-4B7F-B5CF-A5299DAADA25}_is1) (Version: 1.4.1.10 - JP-Soft/AVE-Raßmann)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dsdminst (x32 Version: 1.01.0002 - Brother Industries, Ltd.) Hidden
Estlcam (HKLM-x32\...\Estlcam) (Version:  - )
EXPERTool 7.8 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 23 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416023FF}) (Version: 6.0.230 - Oracle)
JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MX050 v7.4.1 (HKLM-x32\...\{86130655-2C2A-488D-8CC7-B7EDD19876D0}) (Version: 7.4.1 - Avery Berkel)
MX050 v7.4.1 (x32 Version: 7.4.1 - Avery Berkel) Hidden
MySQL Servers and Clients 3.23.58 (HKLM-x32\...\MySQL Servers and Clients 3.23.58) (Version:  - )
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.r - Runtime Games Ltd)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Profili 2 Professional (HKLM-x32\...\Profili 2 Professional) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
softonic-de3 Toolbar (HKLM-x32\...\softonic-de3 Toolbar) (Version: 6.2.3.0 - softonic-de3) <==== ATTENTION
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
windata SOHO (HKLM-x32\...\{AFF25BBF-6398-4E86-9858-A160E9E52FB7}) (Version: 08.08.0000 - windata GmbH & Co.KG)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

02-08-2014 09:47:52 Windows Update
03-08-2014 22:00:37 Windows-Sicherung
05-08-2014 15:07:12 Windows Update
08-08-2014 21:58:51 Windows Update
10-08-2014 22:00:40 Windows-Sicherung
12-08-2014 08:54:21 Windows Update
14-08-2014 01:00:25 Windows Update
17-08-2014 04:08:28 Windows Update
17-08-2014 22:00:28 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {272078CC-58FF-4A34-AE7B-1B340C5161C8} - System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2012-05-14] (Avira Operations GmbH & Co. KG)
Task: {3FC9FE9C-70C5-47D0-A5F0-5B35050481CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {429C3946-4703-42C6-A2DB-D96447276C2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {5051ABF5-4536-4E42-802B-A62ED19CFD5A} - System32\Tasks\{15D162A9-0175-4521-86BE-E11865EFE1D4} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {5CA8AFBA-6456-45DF-9A95-D3F28D2B9F31} - System32\Tasks\{C1CD7D87-1EF1-4277-9A79-C828BB95C49C} => D:\Battery Charger Monitor\usb-drv\slabunin.exe
Task: {5F1C588D-0AAE-4529-BBE8-56C695F186BB} - System32\Tasks\{69BE94DE-C51F-4D36-81C6-1BA9240971ED} => D:\Battery Charger Monitor\usb-drv\install.exe
Task: {78C146C9-4B74-4F4D-9B0F-EFEE3DD28604} - System32\Tasks\{71D86000-85D9-478D-B24C-43A6D5702E6F} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {79623DFF-1664-49BE-BA3B-BD1BC2EBFB1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {97F8BC25-1CD4-4ACA-AFC7-3E016F96773E} - System32\Tasks\{15658220-8E35-4EC5-A127-32A16C571919} => C:\Program Files (x86)\CAO-Faktura\cao_faktura.exe [2014-08-13] (T.Strunk EDV-Dienstleistung)
Task: {A0F20FC6-E88D-4881-87BF-51F340225835} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AA338160-A2D3-4BA6-83B2-50DB56F752F2} - System32\Tasks\{482B56D0-D519-4AC9-8F90-A7D5D6FF18D4} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {C19F60BB-CA02-4081-9DFD-F2CA19796DA6} - System32\Tasks\{8127CB92-E427-4CFD-87C2-91D5819058DB} => C:\Program Files (x86)\1&amp;1\1&amp;1 EasyLogin\EasyLogin.exe
Task: {C5271A02-BAC6-4851-B5D2-0B2D1B95583B} - System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2012-05-14] (Avira Operations GmbH & Co. KG)
Task: {D310F913-8296-44E0-977A-CF73F7791BD7} - System32\Tasks\{56E4DBD7-41E9-458A-9CCB-B2C0CFC6D816} => D:\Battery Charger Monitor\usb-drv\slabuninme.exe
Task: {FFFF2D25-2D4A-4DBA-A0AA-E46B69FF61A3} - System32\Tasks\{02A371A2-2DBF-4C3D-9AA4-015AE6B0BF39} => C:\Program Files (x86)\1&amp;1\1&amp;1 EasyLogin\EasyLogin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-18 04:03 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2007-01-15 11:52 - 2007-01-15 11:52 - 00022016 _____ () C:\Windows\System32\cx21sl6.dll
2010-11-21 10:26 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2010-11-21 10:26 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-03-15 14:57 - 2009-11-20 14:43 - 00405504 _____ () C:\Windows\System32\HPM1210LM.DLL
2011-02-12 19:08 - 2008-06-04 08:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2011-03-15 14:58 - 2009-11-20 14:43 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL
2011-03-15 14:57 - 2009-11-20 14:43 - 03092480 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2011-03-15 14:57 - 2009-11-20 15:06 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2007-12-12 10:29 - 2007-12-12 10:29 - 00036864 _____ () C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
2010-11-20 19:07 - 2003-09-14 23:08 - 01142784 _____ () C:\mysql\bin\mysqld-nt.exe
2010-11-13 12:40 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-11-13 12:40 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-11-13 12:40 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-11-13 12:40 - 2009-06-05 08:18 - 47581696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2011-03-15 14:55 - 2009-12-04 01:01 - 00212480 _____ () C:\Windows\system32\m1210wia.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-20 19:07 - 2003-09-14 23:08 - 00233472 _____ () C:\mysql\bin\LIBMYSQL.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: AVM ISDN CoNDIS WAN CAPI Driver
Description: AVM ISDN CoNDIS WAN CAPI Driver
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVM GmbH
Service: AVMCOWAN
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2014 07:25:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3538.513, Zeitstempel: 0x4dcdb2b3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x026f8788
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xmsnmsgr.exe0
Pfad der fehlerhaften Anwendung: msnmsgr.exe1
Pfad des fehlerhaften Moduls: msnmsgr.exe2
Berichtskennung: msnmsgr.exe3

Error: (08/20/2014 02:22:16 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (08/20/2014 02:22:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "CoFIS,type="win32",version="1.4.2.0"1". Fehler in Manifest- oder Richtliniendatei "CoFIS,type="win32",version="1.4.2.0"2" in Zeile  CoFIS,type="win32",version="1.4.2.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: CoFIS,type="win32",version="1.4.2.0".
Definition: CoFIS,type="win32",version="1.4.3.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (08/20/2014 02:21:28 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (08/20/2014 00:43:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17239, Zeitstempel: 0x53d22946
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x80000003
Fehleroffset: 0x00013226
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/20/2014 00:18:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/18/2014 09:33:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17239, Zeitstempel: 0x53d22946
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000002c
ID des fehlerhaften Prozesses: 0x18d4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3


System errors:
=============
Error: (08/20/2014 07:30:59 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (08/20/2014 07:27:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/20/2014 07:27:35 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/20/2014 07:24:23 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Email Schutz" ist vom Dienst "Avira Echtzeit Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (08/20/2014 07:23:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (08/20/2014 07:23:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser Schutz" ist vom Dienst "Avira Echtzeit Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (08/20/2014 07:23:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/20/2014 07:23:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit Scanner erreicht.

Error: (08/20/2014 07:23:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TBPanel" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/20/2014 07:23:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (03/14/2014 06:59:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/08/2013 11:14:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 531 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (02/24/2013 07:45:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2012 09:34:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 71 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/19/2012 09:19:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/28/2011 10:50:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1539 seconds with 900 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 38%
Total physical RAM: 4095.18 MB
Available physical RAM: 2511.57 MB
Total Pagefile: 8190.36 MB
Available Pagefile: 6658.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:362.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Backup) (Fixed) (Total:153.38 GB) (Free:5.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0009F47E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 153.4 GB) (Disk ID: CB8FCB8F)
Partition 1: (Active) - (Size=153.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Cheffe (administrator) on HEINZ-PC on 20-08-2014 08:25:14
Running from C:\Users\Cheffe\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Marvell) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
() C:\mysql\bin\mysqld-nt.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MySQL AB) C:\mysql\bin\winmysqladmin.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVM Berlin) C:\Program Files (x86)\FRITZ!\FriFax32.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\MountPoints2: {39b63b38-0b42-11e1-803e-404e57434401} - F:\LaunchU3.exe -a
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\MountPoints2: {fde4338a-5bab-11e2-8ee8-404e57434401} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk
ShortcutTarget: ISDNWatch.lnk -> C:\Program Files (x86)\FRITZ!\IWatch.exe (AVM Berlin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata 7 Zahlungserinnerung.lnk
ShortcutTarget: windata 7 Zahlungserinnerung.lnk -> C:\windata\professional 7\win-data pro Zahlungserinnerung.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata Zahlungserinnerung.lnk
ShortcutTarget: windata Zahlungserinnerung.lnk -> C:\windata\SOHO\windataZahlungserinnerung.exe (windata GmbH & Co.KG)
Startup: C:\Users\Cheffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk
ShortcutTarget: WinMySQLadmin.lnk -> C:\mysql\bin\winmysqladmin.exe (MySQL AB)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84E7375ECC88CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0EtDtB0DtByBtC0FyDtN0D0Tzu0SyBtByEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=742838032&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0EtDtB0DtByBtC0FyDtN0D0Tzu0SyBtByEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=742838032&ir=
URLSearchHook: HKLM-x32 - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
URLSearchHook: HKCU - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - DefaultScope {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE542
SearchScopes: HKCU - {9B4FF9CF-A872-425A-8EC9-D1A4B64B65F6} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE542
SearchScopes: HKCU - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {DA9E649B-6494-42A1-881C-160C4B71CCE2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E96DB4F-0289-4C39-9F7A-BC0DBD516725&apn_sauid=9DA201EE-0633-4D7F-A727-58720B6A8E2A
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Conduit Engine -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: softonic-de3 Toolbar -> {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} -> C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - softonic-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files (x86)\softonic-de3\tbsoft.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-15]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=a8d171f500000000000020cf308e02d2
CHR StartupUrls: "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=a8d171f500000000000020cf308e02d2"
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=a8d171f500000000000020cf308e02d2
CHR DefaultSuggestURL: 
CHR Extension: (Google Wallet) - C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (MySearchDial Neuer Tab) - C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-08-20]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Cheffe\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Cheffe\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Cheffe\AppData\Local\mysearchdial-speeddial.crx [2013-12-24]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [375760 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [355840 2009-11-18] (Marvell) [File not signed]
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
R2 MySql; C:/mysql/bin/mysqld-nt.exe [1142784 2003-09-14] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 auusb; C:\Windows\System32\DRIVERS\auusb.sys [206896 2009-09-21] (Auerswald GmbH & Co.KG                         )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-01-19] (Samsung Electronics)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2007-01-17] (Samsung Electronics Co., Ltd.) [File not signed]
R1 ElRawDisk; C:\Windows\system32\drivers\NTFS2832298485.sys [31432 2014-08-13] (EldoS Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2009-12-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2009-12-04] (Marvell Semiconductor, Inc.)
S2 TBPanel; No ImagePath
S3 BS2832298485; \??\C:\Users\Cheffe\AppData\Local\Temp\NTFS.sys [X]
S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 08:25 - 2014-08-20 08:26 - 00018816 _____ () C:\Users\Cheffe\Desktop\FRST.txt
2014-08-20 08:25 - 2014-08-20 08:25 - 00000000 ____D () C:\FRST
2014-08-20 08:24 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Desktop\FRST64.exe
2014-08-20 01:12 - 2014-08-20 01:12 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-08-20 00:58 - 2014-08-20 00:58 - 00246410 _____ () C:\Users\Cheffe\AppData\Local\census.cache
2014-08-20 00:58 - 2014-08-20 00:58 - 00112796 _____ () C:\Users\Cheffe\AppData\Local\ars.cache
2014-08-20 00:57 - 2014-08-20 00:57 - 00380416 _____ () C:\Users\Cheffe\Downloads\Gmer-19357.exe
2014-08-20 00:56 - 2014-08-20 00:56 - 00050477 _____ () C:\Users\Cheffe\Downloads\Defogger.exe
2014-08-20 00:45 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Downloads\FRST64.exe
2014-08-20 00:34 - 2014-08-20 00:34 - 00000036 _____ () C:\Users\Cheffe\AppData\Local\housecall.guid.cache
2014-08-20 00:29 - 2014-08-20 00:29 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{B7AFD2AA-1080-46A2-9CBF-CD975842E4BB}
2014-08-20 00:20 - 2014-08-20 00:20 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\QuickScan
2014-08-20 00:15 - 2014-08-20 00:16 - 91906368 _____ (AVAST Software) C:\Users\Cheffe\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-20 00:14 - 2014-08-20 00:14 - 02347384 _____ (ESET) C:\Users\Cheffe\Downloads\esetsmartinstaller_enu.exe
2014-08-19 09:53 - 2014-08-19 09:53 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{1911538F-6CBF-488F-AE99-78FF7A2D41F0}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0}
2014-08-14 07:47 - 2014-08-14 07:47 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{E19A3B48-5BFF-40D7-A5F2-9C263F4D5D44}
2014-08-14 03:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 03:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:49 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 02:49 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 02:49 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 02:49 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 02:49 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 02:49 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 02:49 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 02:49 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 02:49 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 02:49 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 02:49 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 02:49 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 02:49 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 02:49 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 02:48 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 02:48 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 02:48 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 02:48 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 02:48 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 02:48 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 02:48 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 02:48 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 02:48 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 02:48 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 02:48 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 02:48 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 02:48 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 02:48 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 02:48 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 02:48 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 02:48 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 02:48 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 02:48 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 02:48 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 02:48 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 02:48 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 02:48 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 02:48 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 02:48 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 02:48 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 02:48 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 02:48 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 02:48 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 02:48 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 02:48 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 02:48 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 02:48 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 02:48 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 02:48 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 02:48 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 02:48 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 02:48 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 02:48 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 02:48 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 02:48 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 02:48 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 02:48 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 02:48 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 02:48 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 02:48 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 02:48 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 02:48 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 02:48 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 02:48 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 02:48 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 02:48 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 02:48 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 02:48 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 02:48 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 02:48 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 02:46 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 02:46 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 02:46 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 02:46 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 19:38 - 2014-08-13 19:38 - 00003415 _____ () C:\Users\Cheffe\Downloads\Download.htm
2014-08-13 13:55 - 2014-08-13 13:55 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{19FB1524-7BA5-4D0B-83DC-A0370D79A24F}
2014-08-13 13:53 - 2014-08-13 13:53 - 00291352 _____ () C:\Windows\Minidump\081314-36831-01.dmp
2014-08-13 13:53 - 2014-08-13 13:53 - 00140812 _____ () C:\Windows\system32\CFG2832298485
2014-08-13 13:52 - 2014-08-13 13:52 - 543898272 _____ () C:\Windows\MEMORY.DMP
2014-08-13 13:51 - 2014-08-13 13:51 - 00031432 _____ (EldoS Corporation) C:\Windows\system32\Drivers\NTFS2832298485.sys
2014-08-13 13:50 - 2014-08-13 13:50 - 00000020 ___SH () C:\Users\kasse\ntuser.ini
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Vorlagen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Startmenü
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Netzwerkumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Lokale Einstellungen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Eigene Dateien
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Druckumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Musik
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Bilder
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Verlauf
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\kasse
2014-08-13 13:50 - 2010-11-20 23:21 - 00000000 ____D () C:\Users\kasse\AppData\Local\Microsoft Help
2014-08-13 13:50 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 13:50 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-13 13:48 - 2014-08-13 13:48 - 00000000 ____D () C:\Users\Cheffe\Downloads\Bestellen
2014-08-12 07:58 - 2014-08-12 07:58 - 00000000 _____ () C:\Users\Cheffe\Documents\PhoenixUninstaller.log
2014-08-11 13:43 - 2014-08-11 13:43 - 00066344 _____ () C:\Users\Cheffe\Documents\PhoenixUpdateInstaller.log
2014-08-11 13:42 - 2014-08-13 14:22 - 00000563 _____ () C:\Users\Cheffe\Documents\PhoenixLauncher.log
2014-08-11 13:41 - 2014-08-11 13:41 - 00000826 _____ () C:\Users\Public\Desktop\Phoenix Builder.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000766 _____ () C:\Users\Public\Desktop\PhoenixRC.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoenixRC
2014-08-11 13:40 - 2014-08-12 07:38 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixBuilder
2014-08-11 13:40 - 2014-08-11 13:43 - 00000000 ____D () C:\Program Files (x86)\PhoenixBuilder
2014-08-11 13:40 - 2014-08-11 13:42 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixTemp
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC_backup
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\PhoenixRC
2014-08-11 13:21 - 2014-08-11 13:42 - 00499885 _____ () C:\Users\Cheffe\Documents\PhoenixOnlineInstaller.log
2014-08-02 11:49 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 11:49 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 11:49 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 11:49 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 11:48 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 11:48 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 11:48 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 11:48 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 11:48 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 11:48 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 08:26 - 2014-08-20 08:25 - 00018816 _____ () C:\Users\Cheffe\Desktop\FRST.txt
2014-08-20 08:25 - 2014-08-20 08:25 - 00000000 ____D () C:\FRST
2014-08-20 07:54 - 2012-10-17 06:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-20 07:52 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 07:52 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 07:42 - 2013-12-10 18:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 07:33 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\khx
2014-08-20 07:32 - 2010-11-13 12:01 - 01273428 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 07:26 - 2011-04-04 19:58 - 00000000 ____D () C:\Users\Cheffe\Tracing
2014-08-20 07:24 - 2014-07-20 05:58 - 00018480 _____ () C:\Windows\setupact.log
2014-08-20 07:24 - 2010-11-21 10:26 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\FRITZ!
2014-08-20 07:23 - 2012-10-17 06:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-20 07:23 - 2010-11-13 12:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-20 07:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-20 01:12 - 2014-08-20 01:12 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-08-20 01:12 - 2013-12-24 16:05 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\newnext.me
2014-08-20 00:58 - 2014-08-20 00:58 - 00246410 _____ () C:\Users\Cheffe\AppData\Local\census.cache
2014-08-20 00:58 - 2014-08-20 00:58 - 00112796 _____ () C:\Users\Cheffe\AppData\Local\ars.cache
2014-08-20 00:57 - 2014-08-20 00:57 - 00380416 _____ () C:\Users\Cheffe\Downloads\Gmer-19357.exe
2014-08-20 00:56 - 2014-08-20 00:56 - 00050477 _____ () C:\Users\Cheffe\Downloads\Defogger.exe
2014-08-20 00:45 - 2014-08-20 08:24 - 02101760 _____ (Farbar) C:\Users\Cheffe\Desktop\FRST64.exe
2014-08-20 00:45 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Downloads\FRST64.exe
2014-08-20 00:34 - 2014-08-20 00:34 - 00000036 _____ () C:\Users\Cheffe\AppData\Local\housecall.guid.cache
2014-08-20 00:29 - 2014-08-20 00:29 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{B7AFD2AA-1080-46A2-9CBF-CD975842E4BB}
2014-08-20 00:26 - 2010-11-13 12:30 - 00632408 _____ () C:\Windows\PFRO.log
2014-08-20 00:26 - 2009-07-14 06:45 - 00527096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-20 00:20 - 2014-08-20 00:20 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\QuickScan
2014-08-20 00:16 - 2014-08-20 00:15 - 91906368 _____ (AVAST Software) C:\Users\Cheffe\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-20 00:14 - 2014-08-20 00:14 - 02347384 _____ (ESET) C:\Users\Cheffe\Downloads\esetsmartinstaller_enu.exe
2014-08-19 21:05 - 2010-11-20 22:45 - 00000000 ____D () C:\Users\Cheffe\Documents\Heinz
2014-08-19 18:03 - 2012-03-08 08:10 - 00001994 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-19 09:53 - 2014-08-19 09:53 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{1911538F-6CBF-488F-AE99-78FF7A2D41F0}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0}
2014-08-19 09:16 - 2011-03-29 15:40 - 00000000 ____D () C:\Users\Cheffe\Documents\Wochen- für Speisekarte
2014-08-17 00:00 - 2013-11-15 13:01 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\CAO-FAKTURA
2014-08-14 08:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 07:47 - 2014-08-14 07:47 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{E19A3B48-5BFF-40D7-A5F2-9C263F4D5D44}
2014-08-14 03:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 03:14 - 2010-11-20 22:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:08 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:06 - 2010-11-13 12:15 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 03:01 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 19:38 - 2014-08-13 19:38 - 00003415 _____ () C:\Users\Cheffe\Downloads\Download.htm
2014-08-13 14:22 - 2014-08-11 13:42 - 00000563 _____ () C:\Users\Cheffe\Documents\PhoenixLauncher.log
2014-08-13 13:57 - 2011-04-01 21:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\BOM
2014-08-13 13:55 - 2014-08-13 13:55 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{19FB1524-7BA5-4D0B-83DC-A0370D79A24F}
2014-08-13 13:53 - 2014-08-13 13:53 - 00291352 _____ () C:\Windows\Minidump\081314-36831-01.dmp
2014-08-13 13:53 - 2014-08-13 13:53 - 00140812 _____ () C:\Windows\system32\CFG2832298485
2014-08-13 13:53 - 2010-11-21 09:13 - 00000000 ____D () C:\Windows\Minidump
2014-08-13 13:52 - 2014-08-13 13:52 - 543898272 _____ () C:\Windows\MEMORY.DMP
2014-08-13 13:51 - 2014-08-13 13:51 - 00031432 _____ (EldoS Corporation) C:\Windows\system32\Drivers\NTFS2832298485.sys
2014-08-13 13:51 - 2010-11-20 17:55 - 00000000 ____D () C:\Users\Cheffe
2014-08-13 13:50 - 2014-08-13 13:50 - 00000020 ___SH () C:\Users\kasse\ntuser.ini
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Vorlagen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Startmenü
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Netzwerkumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Lokale Einstellungen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Eigene Dateien
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Druckumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Musik
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Bilder
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Verlauf
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\kasse
2014-08-13 13:48 - 2014-08-13 13:48 - 00000000 ____D () C:\Users\Cheffe\Downloads\Bestellen
2014-08-13 07:27 - 2010-11-20 19:12 - 00000000 ____D () C:\Program Files (x86)\CAO-Faktura
2014-08-12 07:59 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC
2014-08-12 07:58 - 2014-08-12 07:58 - 00000000 _____ () C:\Users\Cheffe\Documents\PhoenixUninstaller.log
2014-08-12 07:51 - 2011-01-24 12:25 - 00000000 ____D () C:\Program Files (x86)\PhoenixRC
2014-08-12 07:38 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixBuilder
2014-08-11 13:43 - 2014-08-11 13:43 - 00066344 _____ () C:\Users\Cheffe\Documents\PhoenixUpdateInstaller.log
2014-08-11 13:43 - 2014-08-11 13:40 - 00000000 ____D () C:\Program Files (x86)\PhoenixBuilder
2014-08-11 13:42 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixTemp
2014-08-11 13:42 - 2014-08-11 13:21 - 00499885 _____ () C:\Users\Cheffe\Documents\PhoenixOnlineInstaller.log
2014-08-11 13:41 - 2014-08-11 13:41 - 00000826 _____ () C:\Users\Public\Desktop\Phoenix Builder.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000766 _____ () C:\Users\Public\Desktop\PhoenixRC.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoenixRC
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC_backup
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\PhoenixRC
2014-08-11 13:40 - 2010-12-13 21:29 - 02807296 _____ (Runtime Games Ltd) C:\Users\Cheffe\Desktop\phoenixRC.exe
2014-08-09 06:20 - 2014-04-14 15:33 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-09 06:20 - 2014-04-14 15:33 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-07 04:06 - 2014-08-14 02:46 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 02:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 07:51 - 2010-11-13 08:36 - 00098706 _____ () C:\Users\Cheffe\Documents\FritzAdr.dbf
2014-08-06 07:51 - 2010-11-13 08:36 - 00009216 _____ () C:\Users\Cheffe\Documents\FritzAdr.mdx
2014-08-02 18:48 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\Rechnungen
2014-08-01 01:41 - 2014-08-14 02:48 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 02:48 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:48 - 2009-07-14 19:58 - 00702320 _____ () C:\Windows\system32\perfh007.dat
2014-07-27 11:48 - 2009-07-14 19:58 - 00150400 _____ () C:\Windows\system32\perfc007.dat
2014-07-27 11:48 - 2009-07-14 07:13 - 01628440 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 16:52 - 2014-08-14 02:48 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-14 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-14 02:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-14 02:48 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-14 02:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-14 02:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-14 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-14 02:48 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-14 02:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-14 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-14 02:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-14 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 02:48 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-14 02:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-14 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-14 02:48 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-14 02:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-14 02:48 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-14 02:48 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-14 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-14 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-14 02:48 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-14 02:48 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-14 02:48 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-14 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-14 02:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 02:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-14 02:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-14 02:48 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-14 02:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-14 02:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-14 02:48 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 02:48 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-14 02:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-14 02:48 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-14 02:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-14 02:48 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-14 02:48 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-14 02:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-14 02:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-14 02:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 02:48 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-14 02:48 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-14 02:48 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-14 02:48 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 02:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 02:48 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-14 02:48 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-14 02:48 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-14 02:48 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-14 02:48 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 02:48 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-14 02:48 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\Users\Cheffe\slabunin.exe
C:\Users\Cheffe\slabunin2k.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 02:43

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Bootsektor · 20.08.2014, 22:32

Hallo,

Schritt 1
Bitte deinstalliere folgende Programme (falls vorhanden) :

Conduit Engine
Java 7 Update 25
Java(TM) 6 Update 23
softonic-de3 Toolbar

Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Deinstalliere bitte einmal Avira und lade es erneut herunter,teste, ob es sich nun starten lässt.
Benutze zur Deinstallation bitte folgendes Tool.
Avira Registry Cleaner

Schritt 4
Starte noch einmal FRST.

Setze den Haken bei addition.txt und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

Jackomo · 21.08.2014, 21:30

Hallo Sandra,
Danke für die Instruktionen.

Folgender "report"

conduit engine deinstalliert --> OK
Java7 Update 25 deinstalliert -> OK (zeigte beim uninstall Java7 update 17 an )
Java (TM) 6 Update 23 (64bit) deinstalliert --> OK
Softonic -de3 Toolbar deinstalliert --> OK
ADWCLEANER 3.308 clean --> erfolgreich
AVira registry cleaner --> nur kurzes Aufblitzen
AVIRA Professional Security immer noch in Systemsteuerung als installiert sichtbar
Neuinstallation klappt nicht

Nachfolgend die Logs

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.308 - Bericht erstellt am 21/08/2014 um 22:05:00
# Aktualisiert 20/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Cheffe - HEINZ-PC
# Gestartet von : C:\Users\Cheffe\Downloads\adwcleaner_3.308.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Program Files (x86)\Allin1Convert_8hEI
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\ConduitEngine
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Users\Cheffe\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Cheffe\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Cheffe\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Cheffe\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\Cheffe\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Cheffe\AppData\Roaming\newnext.me
Ordner Gelöscht : C:\Users\Cheffe\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Cheffe\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Cheffe\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Cheffe\daemonprocess.txt
Datei Gelöscht : C:\Users\Cheffe\AppData\Local\mysearchdial-speeddial.crx
Datei Gelöscht : C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\wajam.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17239

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v36.0.1985.143

[ Datei : C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=a8d171f500000000000020cf308e02d2
Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ORJ&o=100000027&locale=de_DE&apn_uid=8E96DB4F-0289-4C39-9F7A-BC0DBD516725&apn_ptnrs=U3&apn_sauid=9DA201EE-0633-4D7F-A727-58720B6A8E2A&apn_dtid=OSJ000YYDE&q={searchTerms}
Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites1202&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDzz0EtDtB0DtByBtC0FyDtN0D0Tzu0SyBtByEtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=742838032&ir=
Gelöscht [Startup_urls] : hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=a8d171f500000000000020cf308e02d2
Gelöscht [Homepage] : hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=a8d171f500000000000020cf308e02d2
Gelöscht [Extension] : elchiiiejkobdbblfejjkbphbddgmljf
Gelöscht [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gelöscht [Extension] : pflphaooapbgpeakohlggbpidpppgdff

*************************

AdwCleaner[R0].txt - [12132 octets] - [21/08/2014 22:03:24]
AdwCleaner[S0].txt - [11112 octets] - [21/08/2014 22:05:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11173 octets] ##########

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Cheffe (administrator) on HEINZ-PC on 21-08-2014 22:22:41
Running from C:\Users\Cheffe\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Marvell) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
(HP) C:\Windows\System32\HPSIsvc.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
() C:\mysql\bin\mysqld-nt.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe
(MySQL AB) C:\mysql\bin\winmysqladmin.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2171904 2009-06-05] (VIA)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4283256 2011-05-13] (Microsoft Corporation)
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\MountPoints2: {39b63b38-0b42-11e1-803e-404e57434401} - F:\LaunchU3.exe -a
HKU\S-1-5-21-772363471-3089734635-3031877523-1004\...\MountPoints2: {fde4338a-5bab-11e2-8ee8-404e57434401} - F:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk
ShortcutTarget: ISDNWatch.lnk -> C:\Program Files (x86)\FRITZ!\IWatch.exe (AVM Berlin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata 7 Zahlungserinnerung.lnk
ShortcutTarget: windata 7 Zahlungserinnerung.lnk -> C:\windata\professional 7\win-data pro Zahlungserinnerung.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\windata Zahlungserinnerung.lnk
ShortcutTarget: windata Zahlungserinnerung.lnk -> C:\windata\SOHO\windataZahlungserinnerung.exe (windata GmbH & Co.KG)
Startup: C:\Users\Cheffe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinMySQLadmin.lnk
ShortcutTarget: WinMySQLadmin.lnk -> C:\mysql\bin\winmysqladmin.exe (MySQL AB)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84E7375ECC88CB01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM-x32 - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {9B4FF9CF-A872-425A-8EC9-D1A4B64B65F6} URL = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7AURU_deDE542
SearchScopes: HKCU - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {DA9E649B-6494-42A1-881C-160C4B71CCE2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E96DB4F-0289-4C39-9F7A-BC0DBD516725&apn_sauid=9DA201EE-0633-4D7F-A727-58720B6A8E2A
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-03-15]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=a8d171f500000000000020cf308e02d2
CHR DefaultSuggestURL: 
CHR Extension: (Google Wallet) - C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-02]
CHR Extension: (No Name) - C:\Users\Cheffe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-08-20]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [375760 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [355840 2009-11-18] (Marvell) [File not signed]
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
R2 MySql; C:/mysql/bin/mysqld-nt.exe [1142784 2003-09-14] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 auusb; C:\Windows\System32\DRIVERS\auusb.sys [206896 2009-09-21] (Auerswald GmbH & Co.KG                         )
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [54072 2007-01-19] (Samsung Electronics)
S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2007-01-17] (Samsung Electronics Co., Ltd.) [File not signed]
R1 ElRawDisk; C:\Windows\system32\drivers\NTFS2832298485.sys [31432 2014-08-13] (EldoS Corporation)
R3 FPCIBASE; C:\Windows\System32\DRIVERS\fpcibase.sys [899328 2009-06-10] (AVM Berlin)
R3 HP1210FAX; C:\Windows\System32\Drivers\HPM1210FAX.sys [16384 2009-12-04] ()
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2009-12-04] (Marvell Semiconductor, Inc.)
S2 TBPanel; No ImagePath
S3 BS2832298485; \??\C:\Users\Cheffe\AppData\Local\Temp\NTFS.sys [X]
S3 nmwcdx64; system32\drivers\ccdcmbx64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:22 - 2014-08-21 22:23 - 00015101 _____ () C:\Users\Cheffe\Desktop\FRST.txt
2014-08-21 22:16 - 2014-08-21 22:17 - 170918088 _____ () C:\Users\Cheffe\Downloads\avira_professional_security_de.exe
2014-08-21 22:11 - 2014-08-21 22:11 - 00227096 _____ () C:\Users\Cheffe\Downloads\avira_registry_cleaner_de.exe
2014-08-21 22:08 - 2014-08-21 22:09 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{51BC36CA-CF80-4E82-8656-10EBF0620D3D}
2014-08-21 22:08 - 2014-08-21 22:08 - 00011430 _____ () C:\Users\Cheffe\Desktop\AdwCleaner[S0].txt
2014-08-21 22:04 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-21 22:03 - 2014-08-21 22:05 - 00000000 ____D () C:\AdwCleaner
2014-08-21 22:02 - 2014-08-21 22:02 - 01364531 _____ () C:\Users\Cheffe\Downloads\adwcleaner_3.308.exe
2014-08-21 21:56 - 2014-08-21 22:22 - 00000379 _____ () C:\Users\Cheffe\Desktop\Neues Textdokument.txt
2014-08-20 08:25 - 2014-08-21 22:22 - 00000000 ____D () C:\FRST
2014-08-20 08:24 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Desktop\FRST64.exe
2014-08-20 01:12 - 2014-08-20 01:12 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-08-20 00:58 - 2014-08-20 00:58 - 00246410 _____ () C:\Users\Cheffe\AppData\Local\census.cache
2014-08-20 00:58 - 2014-08-20 00:58 - 00112796 _____ () C:\Users\Cheffe\AppData\Local\ars.cache
2014-08-20 00:57 - 2014-08-20 00:57 - 00380416 _____ () C:\Users\Cheffe\Downloads\Gmer-19357.exe
2014-08-20 00:56 - 2014-08-20 00:56 - 00050477 _____ () C:\Users\Cheffe\Downloads\Defogger.exe
2014-08-20 00:45 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Downloads\FRST64.exe
2014-08-20 00:34 - 2014-08-20 00:34 - 00000036 _____ () C:\Users\Cheffe\AppData\Local\housecall.guid.cache
2014-08-20 00:29 - 2014-08-20 00:29 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{B7AFD2AA-1080-46A2-9CBF-CD975842E4BB}
2014-08-20 00:20 - 2014-08-20 00:20 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\QuickScan
2014-08-20 00:15 - 2014-08-20 00:16 - 91906368 _____ (AVAST Software) C:\Users\Cheffe\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-20 00:14 - 2014-08-20 00:14 - 02347384 _____ (ESET) C:\Users\Cheffe\Downloads\esetsmartinstaller_enu.exe
2014-08-19 09:53 - 2014-08-19 09:53 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{1911538F-6CBF-488F-AE99-78FF7A2D41F0}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0}
2014-08-14 07:47 - 2014-08-14 07:47 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{E19A3B48-5BFF-40D7-A5F2-9C263F4D5D44}
2014-08-14 03:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 03:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 02:49 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 02:49 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 02:49 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 02:49 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 02:49 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 02:49 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 02:49 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 02:49 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 02:49 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 02:49 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 02:49 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 02:49 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 02:49 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 02:49 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 02:49 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 02:49 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 02:49 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-14 02:48 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-14 02:48 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-14 02:48 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 02:48 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 02:48 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-14 02:48 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 02:48 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-14 02:48 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 02:48 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-14 02:48 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 02:48 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-14 02:48 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 02:48 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-14 02:48 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 02:48 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 02:48 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 02:48 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-14 02:48 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-14 02:48 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-14 02:48 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 02:48 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 02:48 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-14 02:48 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-14 02:48 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-14 02:48 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 02:48 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-14 02:48 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 02:48 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-14 02:48 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 02:48 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 02:48 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-14 02:48 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 02:48 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 02:48 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 02:48 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-14 02:48 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 02:48 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 02:48 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 02:48 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-14 02:48 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-14 02:48 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 02:48 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-14 02:48 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-14 02:48 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 02:48 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 02:48 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 02:48 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 02:48 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 02:48 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-14 02:48 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 02:48 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 02:48 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 02:48 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-14 02:48 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-14 02:48 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 02:48 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 02:46 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 02:46 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 02:46 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 02:46 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 19:38 - 2014-08-13 19:38 - 00003415 _____ () C:\Users\Cheffe\Downloads\Download.htm
2014-08-13 13:55 - 2014-08-13 13:55 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{19FB1524-7BA5-4D0B-83DC-A0370D79A24F}
2014-08-13 13:53 - 2014-08-20 09:24 - 00128260 _____ () C:\Windows\system32\CFG2832298485
2014-08-13 13:53 - 2014-08-13 13:53 - 00291352 _____ () C:\Windows\Minidump\081314-36831-01.dmp
2014-08-13 13:52 - 2014-08-13 13:52 - 543898272 _____ () C:\Windows\MEMORY.DMP
2014-08-13 13:51 - 2014-08-13 13:51 - 00031432 _____ (EldoS Corporation) C:\Windows\system32\Drivers\NTFS2832298485.sys
2014-08-13 13:50 - 2014-08-13 13:50 - 00000020 ___SH () C:\Users\kasse\ntuser.ini
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Vorlagen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Startmenü
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Netzwerkumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Lokale Einstellungen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Eigene Dateien
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Druckumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Musik
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Bilder
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Verlauf
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\kasse
2014-08-13 13:50 - 2010-11-20 23:21 - 00000000 ____D () C:\Users\kasse\AppData\Local\Microsoft Help
2014-08-13 13:50 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-13 13:50 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-13 13:48 - 2014-08-13 13:48 - 00000000 ____D () C:\Users\Cheffe\Downloads\Bestellen
2014-08-11 13:41 - 2014-08-11 13:41 - 00000826 _____ () C:\Users\Public\Desktop\Phoenix Builder.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000766 _____ () C:\Users\Public\Desktop\PhoenixRC.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoenixRC
2014-08-11 13:40 - 2014-08-12 07:38 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixBuilder
2014-08-11 13:40 - 2014-08-11 13:43 - 00000000 ____D () C:\Program Files (x86)\PhoenixBuilder
2014-08-11 13:40 - 2014-08-11 13:42 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixTemp
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC_backup
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\PhoenixRC
2014-08-02 11:49 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 11:49 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 11:49 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 11:49 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 11:48 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 11:48 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 11:48 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 11:48 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 11:48 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 11:48 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 11:48 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-21 22:23 - 2014-08-21 22:22 - 00015101 _____ () C:\Users\Cheffe\Desktop\FRST.txt
2014-08-21 22:22 - 2014-08-21 21:56 - 00000379 _____ () C:\Users\Cheffe\Desktop\Neues Textdokument.txt
2014-08-21 22:22 - 2014-08-20 08:25 - 00000000 ____D () C:\FRST
2014-08-21 22:17 - 2014-08-21 22:16 - 170918088 _____ () C:\Users\Cheffe\Downloads\avira_professional_security_de.exe
2014-08-21 22:15 - 2010-11-13 12:01 - 01359331 _____ () C:\Windows\WindowsUpdate.log
2014-08-21 22:14 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-21 22:14 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-21 22:11 - 2014-08-21 22:11 - 00227096 _____ () C:\Users\Cheffe\Downloads\avira_registry_cleaner_de.exe
2014-08-21 22:09 - 2014-08-21 22:08 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{51BC36CA-CF80-4E82-8656-10EBF0620D3D}
2014-08-21 22:08 - 2014-08-21 22:08 - 00011430 _____ () C:\Users\Cheffe\Desktop\AdwCleaner[S0].txt
2014-08-21 22:08 - 2014-07-20 05:58 - 00018872 _____ () C:\Windows\setupact.log
2014-08-21 22:08 - 2011-04-04 19:58 - 00000000 ____D () C:\Users\Cheffe\Tracing
2014-08-21 22:07 - 2012-10-17 06:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-21 22:07 - 2010-11-13 12:31 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-21 22:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-21 22:07 - 2009-07-14 06:45 - 00527488 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 22:06 - 2010-11-13 12:30 - 00634132 _____ () C:\Windows\PFRO.log
2014-08-21 22:05 - 2014-08-21 22:03 - 00000000 ____D () C:\AdwCleaner
2014-08-21 22:05 - 2010-11-20 17:55 - 00000000 ____D () C:\Users\Cheffe
2014-08-21 22:02 - 2014-08-21 22:02 - 01364531 _____ () C:\Users\Cheffe\Downloads\adwcleaner_3.308.exe
2014-08-21 21:54 - 2012-10-17 06:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-21 21:42 - 2013-12-10 18:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-21 16:13 - 2010-11-20 22:45 - 00000000 ____D () C:\Users\Cheffe\Documents\Heinz
2014-08-21 07:40 - 2013-11-15 13:01 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\CAO-FAKTURA
2014-08-20 13:20 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\khx
2014-08-20 09:24 - 2014-08-13 13:53 - 00128260 _____ () C:\Windows\system32\CFG2832298485
2014-08-20 07:24 - 2010-11-21 10:26 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\FRITZ!
2014-08-20 01:12 - 2014-08-20 01:12 - 00238128 _____ () C:\Windows\RegBootClean64.exe
2014-08-20 00:58 - 2014-08-20 00:58 - 00246410 _____ () C:\Users\Cheffe\AppData\Local\census.cache
2014-08-20 00:58 - 2014-08-20 00:58 - 00112796 _____ () C:\Users\Cheffe\AppData\Local\ars.cache
2014-08-20 00:57 - 2014-08-20 00:57 - 00380416 _____ () C:\Users\Cheffe\Downloads\Gmer-19357.exe
2014-08-20 00:56 - 2014-08-20 00:56 - 00050477 _____ () C:\Users\Cheffe\Downloads\Defogger.exe
2014-08-20 00:45 - 2014-08-20 08:24 - 02101760 _____ (Farbar) C:\Users\Cheffe\Desktop\FRST64.exe
2014-08-20 00:45 - 2014-08-20 00:45 - 02101760 _____ (Farbar) C:\Users\Cheffe\Downloads\FRST64.exe
2014-08-20 00:34 - 2014-08-20 00:34 - 00000036 _____ () C:\Users\Cheffe\AppData\Local\housecall.guid.cache
2014-08-20 00:29 - 2014-08-20 00:29 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{B7AFD2AA-1080-46A2-9CBF-CD975842E4BB}
2014-08-20 00:20 - 2014-08-20 00:20 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\QuickScan
2014-08-20 00:16 - 2014-08-20 00:15 - 91906368 _____ (AVAST Software) C:\Users\Cheffe\Downloads\avast_free_antivirus_setup_9_0_2021.exe
2014-08-20 00:14 - 2014-08-20 00:14 - 02347384 _____ (ESET) C:\Users\Cheffe\Downloads\esetsmartinstaller_enu.exe
2014-08-19 18:03 - 2012-03-08 08:10 - 00001994 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-08-19 09:53 - 2014-08-19 09:53 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{1911538F-6CBF-488F-AE99-78FF7A2D41F0}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6}
2014-08-19 09:20 - 2014-08-19 09:20 - 00002982 _____ () C:\Windows\System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0}
2014-08-19 09:16 - 2011-03-29 15:40 - 00000000 ____D () C:\Users\Cheffe\Documents\Wochen- für Speisekarte
2014-08-14 08:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 07:47 - 2014-08-14 07:47 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{E19A3B48-5BFF-40D7-A5F2-9C263F4D5D44}
2014-08-14 03:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-14 03:14 - 2010-11-20 22:27 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-14 03:08 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 03:06 - 2010-11-13 12:15 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-14 03:01 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-13 19:38 - 2014-08-13 19:38 - 00003415 _____ () C:\Users\Cheffe\Downloads\Download.htm
2014-08-13 13:57 - 2011-04-01 21:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\BOM
2014-08-13 13:55 - 2014-08-13 13:55 - 00000000 ____D () C:\Users\Cheffe\AppData\Local\{19FB1524-7BA5-4D0B-83DC-A0370D79A24F}
2014-08-13 13:53 - 2014-08-13 13:53 - 00291352 _____ () C:\Windows\Minidump\081314-36831-01.dmp
2014-08-13 13:53 - 2010-11-21 09:13 - 00000000 ____D () C:\Windows\Minidump
2014-08-13 13:52 - 2014-08-13 13:52 - 543898272 _____ () C:\Windows\MEMORY.DMP
2014-08-13 13:51 - 2014-08-13 13:51 - 00031432 _____ (EldoS Corporation) C:\Windows\system32\Drivers\NTFS2832298485.sys
2014-08-13 13:50 - 2014-08-13 13:50 - 00000020 ___SH () C:\Users\kasse\ntuser.ini
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Vorlagen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Startmenü
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Netzwerkumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Lokale Einstellungen
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Eigene Dateien
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Druckumgebung
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Musik
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Documents\Eigene Bilder
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Verlauf
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\AppData\Local\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 _SHDL () C:\Users\kasse\Anwendungsdaten
2014-08-13 13:50 - 2014-08-13 13:50 - 00000000 ____D () C:\Users\kasse
2014-08-13 13:48 - 2014-08-13 13:48 - 00000000 ____D () C:\Users\Cheffe\Downloads\Bestellen
2014-08-13 07:27 - 2010-11-20 19:12 - 00000000 ____D () C:\Program Files (x86)\CAO-Faktura
2014-08-12 07:59 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC
2014-08-12 07:51 - 2011-01-24 12:25 - 00000000 ____D () C:\Program Files (x86)\PhoenixRC
2014-08-12 07:38 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixBuilder
2014-08-11 13:43 - 2014-08-11 13:40 - 00000000 ____D () C:\Program Files (x86)\PhoenixBuilder
2014-08-11 13:42 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixTemp
2014-08-11 13:41 - 2014-08-11 13:41 - 00000826 _____ () C:\Users\Public\Desktop\Phoenix Builder.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000766 _____ () C:\Users\Public\Desktop\PhoenixRC.lnk
2014-08-11 13:41 - 2014-08-11 13:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhoenixRC
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\Documents\PhoenixRC_backup
2014-08-11 13:40 - 2014-08-11 13:40 - 00000000 ____D () C:\Users\Cheffe\AppData\Roaming\PhoenixRC
2014-08-11 13:40 - 2010-12-13 21:29 - 02807296 _____ (Runtime Games Ltd) C:\Users\Cheffe\Desktop\phoenixRC.exe
2014-08-09 06:20 - 2014-04-14 15:33 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-09 06:20 - 2014-04-14 15:33 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-08-07 04:06 - 2014-08-14 02:46 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 02:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-06 07:51 - 2010-11-13 08:36 - 00098706 _____ () C:\Users\Cheffe\Documents\FritzAdr.dbf
2014-08-06 07:51 - 2010-11-13 08:36 - 00009216 _____ () C:\Users\Cheffe\Documents\FritzAdr.mdx
2014-08-02 18:48 - 2010-11-20 22:42 - 00000000 ____D () C:\Users\Cheffe\Documents\Rechnungen
2014-08-01 01:41 - 2014-08-14 02:48 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-14 02:48 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-27 11:48 - 2009-07-14 19:58 - 00702320 _____ () C:\Windows\system32\perfh007.dat
2014-07-27 11:48 - 2009-07-14 19:58 - 00150400 _____ () C:\Windows\system32\perfc007.dat
2014-07-27 11:48 - 2009-07-14 07:13 - 01628440 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-25 16:52 - 2014-08-14 02:48 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-14 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-14 02:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-14 02:48 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-14 02:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-14 02:48 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-14 02:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-14 02:48 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-14 02:48 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-14 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-14 02:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-14 02:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-14 02:48 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-14 02:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-14 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-14 02:48 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-14 02:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-14 02:48 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-14 02:48 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-14 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-14 02:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-14 02:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-14 02:48 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-14 02:48 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-14 02:48 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-14 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-14 02:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-14 02:48 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-14 02:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-14 02:48 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-14 02:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-14 02:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-14 02:48 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-14 02:48 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-14 02:48 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-14 02:48 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-14 02:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-14 02:48 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-14 02:48 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-14 02:48 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-14 02:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-14 02:48 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-14 02:48 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-14 02:48 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-14 02:48 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-14 02:48 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-14 02:48 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-14 02:48 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-14 02:48 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-14 02:48 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-14 02:48 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-14 02:48 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-14 02:48 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-14 02:48 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Files to move or delete:
====================
C:\Users\Cheffe\slabunin.exe
C:\Users\Cheffe\slabunin2k.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 02:43

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Cheffe at 2014-08-21 22:23:57
Running from C:\Users\Cheffe\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AddExcel2007 (HKLM-x32\...\{409A5B89-0C37-4E72-98A0-021C89F1654D}) (Version: 1.7.2 - ADDISON Software und Service GmbH)
AddWord2007 (HKLM-x32\...\{28E4BDD0-7B3D-48DC-ACA1-594C73B6EF58}) (Version: 1.7.1 - ADDISON Software und Service GmbH)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Amadeus (HKLM-x32\...\{CDD74363-EC31-4924-A224-E287ADEBC9F6}) (Version: 3.0 - Amadeus Software, Research & Development GmbH)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Auerswald COMset 2.7.2 (HKLM-x32\...\{B1D2A138-D53E-4D3F-B547-EA2277007746}) (Version: 2.7.2 - Auerswald GmbH & Co.KG)
Avery Wizard 4.0 (HKLM-x32\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Avira Professional Security (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.1580 - Avira)
AVM FRITZ! (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Biet-O-Matic v2.12.0 (HKLM-x32\...\Biet-O-Matic v2.12.0) (Version: Biet-O-Matic v2.12.0 - BOM Development Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother P-touch Editor 5.0 (HKLM-x32\...\InstallShield_{DF9A6075-9308-4572-8932-A4316243C4D9}) (Version: 5.0.2002 - Brother Industries, Ltd.)
Brother P-touch Editor 5.0 (x32 Version: 5.0.2002 - Brother Industries, Ltd.) Hidden
Brother P-touch Editor Etikettenvorlagen - Arztpraxis #1 [DEU] (HKLM-x32\...\{98EBF604-98F9-4EF3-A53F-1E5A337578FD}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Arztpraxis #2 [DEU] (HKLM-x32\...\{E0E9C868-D080-4082-B0F6-97A6484BA40A}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Büroschilder [DEU] (HKLM-x32\...\{99050100-9321-4C31-854B-87E2B251AC64}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Dateien [DEU] (HKLM-x32\...\{7BE5BE58-24F1-43E3-BF05-7A2B734ED61B}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Halloween [DEU] (HKLM-x32\...\{1F61DE24-8817-4448-8699-85476867ADBF}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Ökologie [DEU] (HKLM-x32\...\{28D68CB9-053B-4C12-8748-E7A6E6B69DB6}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Persönlich #3 [DEU] (HKLM-x32\...\{38F9BADC-91BB-48E2-8CD3-4C71FE623FF8}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Persönlich [DEU] (HKLM-x32\...\{43A1F65B-6566-47D2-B18A-BB27260CD2DD}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Versand [DEU] (HKLM-x32\...\{B039E2DF-803B-4616-8992-6DB4EFF7C362}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vertrieb #3 [DEU] (HKLM-x32\...\{8CCE5E3D-7574-4451-84F6-3C902855C6E8}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vertrieb [DEU] (HKLM-x32\...\{F29A877C-4657-4D8F-B480-0BC1607A0447}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Vorsicht [DEU] (HKLM-x32\...\{A7BC48DE-53A4-4482-999C-280D7839EE6C}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Editor Etikettenvorlagen - Weihnachten [DEU] (HKLM-x32\...\{9ACF534D-2290-4333-AB0D-3AB02A6BBB41}) (Version: 1.0.001 - Brother Industries, Ltd.)
Brother P-touch Update Software (HKLM-x32\...\{A598BEC3-4F02-413E-9649-C5A1879DB558}) (Version: 1.0.0010 - Brother Industries, Ltd.)
Canon iP4600 series Benutzerregistrierung (HKLM-x32\...\Canon iP4600 series Benutzerregistrierung) (Version:  - )
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CAO-Faktura 1.4 (HKLM-x32\...\{2121BEF3-F102-4B7F-B5CF-A5299DAADA25}_is1) (Version: 1.4.1.10 - JP-Soft/AVE-Raßmann)
Corel Graphics Suite 11 (x32 Version: 11 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 11 (HKLM-x32\...\InstallShield_{1C63DD23-6554-4A1F-8D0D-B5A6B49D8015}) (Version: 11 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dsdminst (x32 Version: 1.01.0002 - Brother Industries, Ltd.) Hidden
Estlcam (HKLM-x32\...\Estlcam) (Version:  - )
EXPERTool 7.8 (HKLM-x32\...\EXPERTool_is1) (Version:  - Gainward Co., Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version:  - )
HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E65099C4-9110-4C31-BD03-5C17EFB5FE92}) (Version: 1.1.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)
JRE 1.6.1 (HKLM-x32\...\{B256C380-AC47-4681-8342-7F42E4F0F434}) (Version: 1.6.1 - Auerswald GmbH & Co.KG)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MX050 v7.4.1 (HKLM-x32\...\{86130655-2C2A-488D-8CC7-B7EDD19876D0}) (Version: 7.4.1 - Avery Berkel)
MX050 v7.4.1 (x32 Version: 7.4.1 - Avery Berkel) Hidden
MySQL Servers and Clients 3.23.58 (HKLM-x32\...\MySQL Servers and Clients 3.23.58) (Version:  - )
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Phoenix R/C® (HKLM-x32\...\PhoenixRC) (Version: 5.0.r - Runtime Games Ltd)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
Profili 2 Professional (HKLM-x32\...\Profili 2 Professional) (Version:  - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version:  - )
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
windata SOHO (HKLM-x32\...\{AFF25BBF-6398-4E86-9858-A160E9E52FB7}) (Version: 08.08.0000 - windata GmbH & Co.KG)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

08-08-2014 21:58:51 Windows Update
10-08-2014 22:00:40 Windows-Sicherung
12-08-2014 08:54:21 Windows Update
14-08-2014 01:00:25 Windows Update
17-08-2014 04:08:28 Windows Update
17-08-2014 22:00:28 Windows-Sicherung
20-08-2014 14:21:17 Windows Update
21-08-2014 19:57:01 Removed Java 7 Update 25
21-08-2014 19:58:37 Removed Java(TM) 6 Update 23 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {272078CC-58FF-4A34-AE7B-1B340C5161C8} - System32\Tasks\{6FD0C562-E59B-44C3-B13E-D8F84D4675C6} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2012-05-14] (Avira Operations GmbH & Co. KG)
Task: {3FC9FE9C-70C5-47D0-A5F0-5B35050481CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {429C3946-4703-42C6-A2DB-D96447276C2E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {5051ABF5-4536-4E42-802B-A62ED19CFD5A} - System32\Tasks\{15D162A9-0175-4521-86BE-E11865EFE1D4} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {5CA8AFBA-6456-45DF-9A95-D3F28D2B9F31} - System32\Tasks\{C1CD7D87-1EF1-4277-9A79-C828BB95C49C} => D:\Battery Charger Monitor\usb-drv\slabunin.exe
Task: {5F1C588D-0AAE-4529-BBE8-56C695F186BB} - System32\Tasks\{69BE94DE-C51F-4D36-81C6-1BA9240971ED} => D:\Battery Charger Monitor\usb-drv\install.exe
Task: {78C146C9-4B74-4F4D-9B0F-EFEE3DD28604} - System32\Tasks\{71D86000-85D9-478D-B24C-43A6D5702E6F} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {79623DFF-1664-49BE-BA3B-BD1BC2EBFB1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {97F8BC25-1CD4-4ACA-AFC7-3E016F96773E} - System32\Tasks\{15658220-8E35-4EC5-A127-32A16C571919} => C:\Program Files (x86)\CAO-Faktura\cao_faktura.exe [2014-08-13] (T.Strunk EDV-Dienstleistung)
Task: {A0F20FC6-E88D-4881-87BF-51F340225835} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {AA338160-A2D3-4BA6-83B2-50DB56F752F2} - System32\Tasks\{482B56D0-D519-4AC9-8F90-A7D5D6FF18D4} => C:\Program Files\HP\HP LaserJet M1210 MFP Series\Scan To\hppscan0.exe [2009-11-18] (Hewlett-Packard Co.)
Task: {C19F60BB-CA02-4081-9DFD-F2CA19796DA6} - System32\Tasks\{8127CB92-E427-4CFD-87C2-91D5819058DB} => C:\Program Files (x86)\1&amp;1\1&amp;1 EasyLogin\EasyLogin.exe
Task: {C5271A02-BAC6-4851-B5D2-0B2D1B95583B} - System32\Tasks\{1D9269CD-D7BB-4689-8982-5075366E1DC0} => C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe [2012-05-14] (Avira Operations GmbH & Co. KG)
Task: {D310F913-8296-44E0-977A-CF73F7791BD7} - System32\Tasks\{56E4DBD7-41E9-458A-9CCB-B2C0CFC6D816} => D:\Battery Charger Monitor\usb-drv\slabuninme.exe
Task: {FFFF2D25-2D4A-4DBA-A0AA-E46B69FF61A3} - System32\Tasks\{02A371A2-2DBF-4C3D-9AA4-015AE6B0BF39} => C:\Program Files (x86)\1&amp;1\1&amp;1 EasyLogin\EasyLogin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-18 04:03 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2007-01-15 11:52 - 2007-01-15 11:52 - 00022016 _____ () C:\Windows\System32\cx21sl6.dll
2010-11-21 10:26 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2010-11-21 10:26 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2011-03-15 14:57 - 2009-11-20 14:43 - 00405504 _____ () C:\Windows\System32\HPM1210LM.DLL
2011-02-12 19:08 - 2008-06-04 08:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2011-03-15 14:58 - 2009-11-20 14:43 - 00074240 ____N () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.DLL
2011-03-15 14:57 - 2009-11-20 14:43 - 03092480 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2011-03-15 14:57 - 2009-11-20 15:06 - 01038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2007-12-12 10:29 - 2007-12-12 10:29 - 00036864 _____ () C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
2010-11-20 19:07 - 2003-09-14 23:08 - 01142784 _____ () C:\mysql\bin\mysqld-nt.exe
2011-03-15 14:55 - 2009-12-04 01:01 - 00212480 _____ () C:\Windows\system32\m1210wia.dll
2010-11-13 12:40 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2010-11-13 12:40 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2010-11-13 12:40 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2010-11-13 12:40 - 2009-06-05 08:18 - 47581696 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-20 19:07 - 2003-09-14 23:08 - 00233472 _____ () C:\mysql\bin\LIBMYSQL.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: AVM ISDN CoNDIS WAN CAPI Driver
Description: AVM ISDN CoNDIS WAN CAPI Driver
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: AVM GmbH
Service: AVMCOWAN
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/20/2014 07:25:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: msnmsgr.exe, Version: 15.4.3538.513, Zeitstempel: 0x4dcdb2b3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x026f8788
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xmsnmsgr.exe0
Pfad der fehlerhaften Anwendung: msnmsgr.exe1
Pfad des fehlerhaften Moduls: msnmsgr.exe2
Berichtskennung: msnmsgr.exe3

Error: (08/20/2014 02:22:16 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (08/20/2014 02:22:00 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "CoFIS,type="win32",version="1.4.2.0"1". Fehler in Manifest- oder Richtliniendatei "CoFIS,type="win32",version="1.4.2.0"2" in Zeile  CoFIS,type="win32",version="1.4.2.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: CoFIS,type="win32",version="1.4.2.0".
Definition: CoFIS,type="win32",version="1.4.3.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (08/20/2014 02:21:28 AM) (Source: SideBySide) (EventID: 72) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "asmv2:clrClassInvocation1". Fehler in Manifest- oder Richtliniendatei "asmv2:clrClassInvocation2" in Zeile asmv2:clrClassInvocation3.
Das asmv2:clrClassInvocation-Element wird als untergeordnetes Element des urn:schemas-microsoft-com:asm.v1^entryPoint-Elements angezeigt, das von dieser Windows-Version nicht unterstützt wird.

Error: (08/20/2014 00:43:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17239, Zeitstempel: 0x53d22946
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x53159a86
Ausnahmecode: 0x80000003
Fehleroffset: 0x00013226
ID des fehlerhaften Prozesses: 0x122c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (08/20/2014 00:18:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:54 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/20/2014 00:16:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (08/18/2014 09:33:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17239, Zeitstempel: 0x53d22946
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000002c
ID des fehlerhaften Prozesses: 0x18d4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3


System errors:
=============
Error: (08/21/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/21/2014 10:09:27 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/21/2014 10:07:17 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Email Schutz" ist vom Dienst "Avira Echtzeit Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (08/21/2014 10:07:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Avira Browser Schutz" ist vom Dienst "Avira Echtzeit Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1053

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit Scanner erreicht.

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TBPanel" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (08/21/2014 10:07:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.


Microsoft Office Sessions:
=========================
Error: (03/14/2014 06:59:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/08/2013 11:14:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 531 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (02/24/2013 07:45:21 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/27/2012 09:34:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 71 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (04/19/2012 09:19:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 47 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/28/2011 10:50:01 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1539 seconds with 900 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 42%
Total physical RAM: 4095.18 MB
Available physical RAM: 2368.11 MB
Total Pagefile: 8190.36 MB
Available Pagefile: 6511.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:363.77 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Backup) (Fixed) (Total:153.38 GB) (Free:5.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0009F47E)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 153.4 GB) (Disk ID: CB8FCB8F)
Partition 1: (Active) - (Size=153.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Bootsektor · 21.08.2014, 23:37

Entschuldige,
da habe ich mich nicht klar ausgedrückt.

Du musst natürlich Avira zuerst über die Systemsteuerung entfernen, am besten schaltest du es dafür vorher aus und danach verwendest du dann das Cleaning Tool.

Jackomo · 22.08.2014, 06:33

Hallo,
das hab ich schon versucht, es passiert aber Nichts wenn ich in der Systemsteuerung Deinstallieren anwähle.
Ich kann es auch nicht ausschalten, denn es startet ja gar nicht.
Sollte ich es vielleicht auch mit dem Revo-uninstaller versuchen?
Gruss Karl-Heinz

Bootsektor · 22.08.2014, 12:07

Hallo,

Ja. Probiere mal den Revo-uninstaller. Wenn das nicht geht, lösche Avira im abgesicherten Modus.

Jackomo · 22.08.2014, 12:49

Hallo,
hab ich gemacht, im "moderate mode".
Hat jede Menge Registry keys, 1.800 files und fast 500MB gefunden, die ich dann habe löschen lassen.
Trotzdem geht eine Neuinstallation von AVIRA nicht.
AVIRA Setup startet, extrahiert die Dateien, und schliesst das Fenster, das wars.
Wenn ich dann nochmal Revo starte, findet der aber kein Avira/keine Einträge.

Andere Frage...kann ich denn aktuell schon davon ausgehen dass der PC an sich clean ist?
Der Besitzer möchte ohnehin demnächst einen neuen anschaffen und alle Programme bzw eigentlich deren Daten auf den neuen PC übertragen haben.
Wenn ich davon ausgehen kann, dass der PC clean ist, würde ich in AVIRA gar nicht mehr viel Aufwand reinstecken, sondern die Daten übertragen und den PC dann komplett neu aufsetzen.
Falls es aber noch Unsicherheiten gibt mach ich das natürlich nicht.
Gruss Jackomo

Bootsektor · 22.08.2014, 13:08

Die Logs sehen soweit gut aus. Lass uns Kontrollscans machen um das zu untermauern.

Schritt 1
Downloade Dir bitte Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Klicke im Anschluss auf Suchlauf, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf jetzt starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Aktionen anwenden.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Wähle Exportieren auf Textdatei (.txt) und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 2
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Jackomo · 22.08.2014, 13:35

Es lässt sich weder Der MBAM stup noch der ESET ausführen.
MBAM setup fragt noch ob ich ausfühern möchte, wobei im Prozessmonitor dann kurz eine instanz svchost aufblitzt, das wars aber.

ESET kan man anklicken, es passiert Nichts...

Offenbar werden irgendwie die Installationen geblockt, wobei es schon seltsam ist, dass der Revo problemlos ging. Ist aber auch kein malware-/Virenkiller. Obs daran liegt?

Jackomo

PS: Ich besorge mir glaube ich das ultimative Werkzeug den H-A-M-M-E-R

)

Bootsektor · 22.08.2014, 22:28

Nein, ich denke, das hat was mit dem Service Control Manager von Windows zu tun.

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

SearchScopes: HKLM-x32 - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {DA9E649B-6494-42A1-881C-160C4B71CCE2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E96DB4F-0289-4C39-9F7A-BC0DBD516725&apn_sauid=9DA201EE-0633-4D7F-A727-58720B6A8E2A
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Gehe in deinem Chrome Browser auf Einstellungen (das ist das Symbol rechts neben der Adresszeile im Browser was aus drei horizontalen Linien besteht)
Klicke dort auf Einstellungen
Gehe zu dem Punkt Suche -> Suchmaschinen verwalten
Lösche dort Searchtheweb und softonic
Klicke auf Fertig

Schritt 3

Lade Dir bitte Windows Repair - All in one von tweaking.com hier herunter und installiere es.
Deaktiviere bitte (wenn möglich) Dein Antivirusprogramm.
Bedenke, dass die einzelnen Reparaturen einige Zeit benötigen. Starte keine anderen Anwendungen in dieser Zeit.
Starte das Programm und führe die Punkte 1-5 durch. (Siehe Bildanleitung)
Achte darauf, dass bei Dir die Häkchen so gesetzt sind wie unter Punkt 4.
Setze auch ein Häkchen bei "Restart/Shutdown System" und klicke "Restart System" an bevor Du Punkt 5 durchführst.

[/QUOTE]

Schritt 4
Teste danach, ob du Malwarebytes und Eset installieren und ausführen kannst

Jackomo · 23.08.2014, 10:08

Die Searchanbieter waren nicht eingetragen in Chrome.

Da Windows Repair complete power off, Kabel raus etc. erfordert muss ich erst mal zum Standort des PCs hinfahren...mach ich später (Bin ansonsten nur remote drauf)

hier schon mal das Fixlog

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-08-2014
Ran by Cheffe at 2014-08-23 11:01:46 Run:1
Running from C:\Users\Cheffe\Desktop\khb only
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
SearchScopes: HKLM-x32 - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - DefaultScope {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {acbd5593-e5ee-4c15-b48f-1823ce819dec} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZU^xpt195^YY^de&si=CMiV9aWX6rYCFS7KtAodiCkAhA&ptb=FE2413CA-E362-42F3-813E-738BBD0F3DAF&ind=2013042702&n=77fc980e&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKCU - {CB5A61AE-F4BB-4D8A-AF0E-669C824853D0} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8d171f500000000000020cf308e02d2&r=529
SearchScopes: HKCU - {DA9E649B-6494-42A1-881C-160C4B71CCE2} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=8E96DB4F-0289-4C39-9F7A-BC0DBD516725&apn_sauid=9DA201EE-0633-4D7F-A727-58720B6A8E2A
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
         
*****************

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{acbd5593-e5ee-4c15-b48f-1823ce819dec}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{acbd5593-e5ee-4c15-b48f-1823ce819dec}" => Key deleted successfully.
"HKCR\CLSID\{acbd5593-e5ee-4c15-b48f-1823ce819dec}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CB5A61AE-F4BB-4D8A-AF0E-669C824853D0}" => Key deleted successfully.
"HKCR\CLSID\{CB5A61AE-F4BB-4D8A-AF0E-669C824853D0}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DA9E649B-6494-42A1-881C-160C4B71CCE2}" => Key deleted successfully.
"HKCR\CLSID\{DA9E649B-6494-42A1-881C-160C4B71CCE2}" => Key not found.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.

==== End of Fixlog ====

Bootsektor · 23.08.2014, 11:47

Ok.

Jackomo · 24.08.2014, 09:48

Alles durchgelaufen, in den ziemlich kurz aufpoppenden Fenstern hab ich einiges an Error Messages gesehn.
Am Ende ist das Ergebnis dasselbe.
Weder MBAM, noch ESET lassen sich installeren, AVIRA auch nicht.

Habe überlegt ob es eine Option wäre, dass ich die Disk einfach ausbau, an meinen Laptop extern, über USB to SATA anschliesse und dem Malwarbyte Scan dort starte.
Klar, dass dann keine Windows Dienste auf der externen Disk laufen, aber rein die Datenstruktur würe ja gescannt werden.
Denkst Du das wäre sicher bzw aussagekräftig genug?

Evtl geht ja eset da auch ?

Gruss Karl-Heinz

21.08.2014, 23:37	#6
Bootsektor Ruhe in Frieden † 2019	AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64 Entschuldige, da habe ich mich nicht klar ausgedrückt. Du musst natürlich Avira zuerst über die Systemsteuerung entfernen, am besten schaltest du es dafür vorher aus und danach verwendest du dann das Cleaning Tool. __________________ --> AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64

22.08.2014, 12:07	#8
Bootsektor Ruhe in Frieden † 2019	AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64 Hallo, Ja. Probiere mal den Revo-uninstaller. Wenn das nicht geht, lösche Avira im abgesicherten Modus. __________________ Grüße stolzes Mitglied von UNITE Du hast Lob oder Verbesserungsvorschläge? Du findest unsere Arbeit gut und möchtest uns finanziell unterstützen? -> Spende

23.08.2014, 11:47	#14
Bootsektor Ruhe in Frieden † 2019	AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64 Ok. __________________ Grüße stolzes Mitglied von UNITE Du hast Lob oder Verbesserungsvorschläge? Du findest unsere Arbeit gut und möchtest uns finanziell unterstützen? -> Spende

AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64

Log-Analyse und Auswertung: AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64