Log analysis and evaluation: Windows Vista 32-bit: high system load with loud running noise - program dropouts - computer runs hot and shuts off

If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and Trojans, the infected system must first be examined: First steps to get help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
23.08.2014, 20:12 | #1

Windows Vista 32-bit: high system load with loud running noise - program dropouts - computer runs hot and shuts off

Hello everyone,

I am turning to you because my computer (a laptop) running Vista 32-bit is continuously "busy". This shows up as follows:

- The CPU load is between 5% and 100%; it changes constantly.
- The HDD LED flickers continuously and there is a loud running noise.
- When playing YouTube or other Flash videos there are playback problems (dropouts, long loading times). The Adobe Flash Player update is always installed and is up to date.
- When opening several websites in Firefox, the message "not responding" can appear and Firefox stops reacting.
- The load is at times so high that running programs (Outlook, Firefox or currently Traktor) are affected; in Traktor, for example, there are dropouts or background noise in the audio output.
- It has already happened that the computer runs hot (despite a cooling pad with two fans underneath :-( ) and even switches off (without warning; I assume for safety reasons, because it was too hot). It can only be switched on again once it has cooled down.
- I have tested various antivirus and internet security tools to rule them out as the cause of the load. The load varied and they slowed the system down further (Norton and GData; Kaspersky was extreme in terms of load).
- I currently use Avira Free Antivirus; with it the system load is still acceptable.
- Avira recently reported virus detections (see log file).
- Malwarebytes Anti-Malware found nothing (see log file).
- I have worked through the "Guide for those seeking help with Trojan and virus infections" http://www.trojaner-board.de/69886-a...-beachten.html and have attached the log files.
- One more thing: my username does not indicate commercial use; I am simply "music-crazy" ;-)

I look forward to your reply/replies and say many thanks in advance.

DJ_Chris

Defogger result:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:09 on 23/08/2014 (admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read SafeBoot.sys

-=E.O.F=-

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-08-2014 Ran by admin (administrator) on HP-MOBILE on 23-08-2014 19:11:31 Running from C:\Users\admin\Desktop Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AuthenTec, Inc.) C:\Program Files\Fingerprint Sensor\AtService.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (ActivIdentity) C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe (ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\acevents.exe (Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\sched.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Agere Systems) C:\Windows\System32\agrsmsvc.exe (Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Teruten) C:\Windows\System32\FsUsbExService.Exe (McAfee, Inc.) C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (Avid Technology, Inc.) C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (Analog Devices, Inc.) C:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avgnt.exe (AN-Soft) D:\Program Files\AN QuickNote\QuickNote.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ZONER software) D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Bartels Media GmbH) D:\Program Files\PhraseExpress\phraseexpress.exe (Avira Operations GmbH & Co. KG) D:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe (Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) D:\Program Files\Mozilla Firefox\plugin-container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2008-04-04] (Analog Devices, Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-13] (Greenshot) HKLM\...\Run: [SoundMax] => C:\Program Files\Analog Devices\SoundMAX\SoundMAX.exe [3842048 2008-03-19] (Analog Devices, Inc.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [avgnt] => D:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-14] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => D:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\Run: [QuickNote] => D:\Program Files\AN QuickNote\QuickNote.exe [819200 2010-10-13] (AN-Soft) HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\Run: [ShowBatteryBar] => C:\Program Files\BatteryBar\ShowBatteryBar.exe [90624 2013-04-11] () HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\Run: [UpdateStar Drivers] => D:\Program Files\UpdateStar Drivers\drivers.exe HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\Run: [Zoner Photo Studio Autoupdate] => D:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTRAY.EXE [774680 2013-06-07] (ZONER software) HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\MountPoints2: {13412b00-eefd-11e1-a4a0-00226476e7c8} - J:\LaunchU3.exe -a 
HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\MountPoints2: {24bc1c4d-dddf-11e3-a298-00226476e7c8} - J:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\MountPoints2: {643986e9-a8ee-11e1-b1b0-00226476e7c8} - I:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\MountPoints2: {64398700-a8ee-11e1-b1b0-001e101fb4df} - I:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-1794854254-3813751068-1490861199-1004\...\MountPoints2: {a521b77a-82fa-11e0-9a46-00226476e7c8} - J:\LaunchU3.exe -a AppInit_DLLs: C:\PROGRA~1\HEWLET~1\IAM\bin\APSHook.dll => C:\Program Files\Hewlett-Packard\IAM\Bin\APSHook.dll [89872 2009-07-28] (Bioscrypt Inc.) IFEO\backitup.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\cdspeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\coverdes.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\drivespeed.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\express.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\freemakevideodownloader.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hpbc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hphc.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hpsi.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\hpwucli.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\infotool.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\lightscribecontrolpanel.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\lslauncher.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" 
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\nero.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\neroburnrights.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\neroupgrade.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\setupx.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\skype.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\trueimage.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" IFEO\unins000.exe: [Debugger] "C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe" Lsa: [Authentication Packages] msv1_0 relog_ap Lsa: [Notification Packages] scecli ASWLNPkg Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk ShortcutTarget: PhraseExpress.lnk -> D:\Program Files\PhraseExpress\phraseexpress.exe (Bartels Media GmbH) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.coke.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=83&bd=all&pf=cmnb SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKLM - {FD42C198-9A08-4A7D-B0D2-8E438C8BA079} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcmnbie7-de-de SearchScopes: HKCU - DefaultScope {FD42C198-9A08-4A7D-B0D2-8E438C8BA079} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcmnbie7-de-de SearchScopes: HKCU - {FD42C198-9A08-4A7D-B0D2-8E438C8BA079} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcmnbie7-de-de BHO: BHO_Startup Class -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Avira Savings Advisor BHO -> {A18A516C-AA41-46A9-92DB-60208917E442} -> C:\Program Files\avira\Internet Explorer\avira32.dll () BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> C:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.) 
BHO: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\windows\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0vi8kg0.default-1390420239619 FF NewTab: about:blank FF Homepage: about:blank FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.) FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.) 
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) FF Plugin HKCU: opencandy.com/Ignite -> C:\Users\admin\AppData\Local\Ignite\npOCDM.1.1.4.0.dll No File FF Extension: Avira Browser Safety - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0vi8kg0.default-1390420239619\Extensions\abs@avira.com [2014-08-18] FF Extension: CacheViewer - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\k0vi8kg0.default-1390420239619\Extensions\{71328583-3CA7-4809-B4BA-570A85818FBB}.xpi [2014-05-12] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-21] FF HKLM\...\Firefox\Extensions: [fmdownloader@gmail.com] - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2013-08-04] FF HKLM\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - D:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2013-08-04] FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-09-26] FF StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla 
Firefox\firefox.exe Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [207400 2009-06-03] (ActivIdentity) S4 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [427288 2007-12-03] (Acronis) R2 AntiVirSchedulerService; D:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-14] (Avira Operations GmbH & Co. KG) R2 ASBroker; C:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-28] (Bioscrypt Inc.) R2 ASChannel; C:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-28] (Bioscrypt Inc.) R2 ATService; C:\Program Files\Fingerprint Sensor\AtService.exe [1201400 2009-07-29] (AuthenTec, Inc.) S2 DymoPnpService; D:\Program Files\DYMO\DYMO Label Software\DymoPnpService.exe [33072 2014-03-20] (Sanford, L.P.) S4 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed] S4 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-07-08] (Macrovision Europe Ltd.) [File not signed] R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-07-31] (Freemake) [File not signed] S4 FreemakeVideoCapture; D:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-07-31] (Ellora Assets Corp.) 
[File not signed] R2 FsUsbExService; C:\windows\system32\FsUsbExService.Exe [233472 2013-10-30] (Teruten) [File not signed] S4 Garmin Core Update Service; D:\Program Files\Garmin\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries) S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-10-09] (Hewlett-Packard) [File not signed] S3 HP ProtectTools Service; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-08-07] (Hewlett-Packard Development Company, L.P) [File not signed] R2 HpFkCryptService; C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256544 2009-07-29] (McAfee, Inc.) R2 HPFSService; C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [77824 2008-05-14] (Hewlett-Packard) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] S4 InCDsrv; D:\Program Files\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG) S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2011-06-20] (Hewlett-Packard Company) [File not signed] R2 MA_CMIDI_InstallerService; C:\Program Files\M-Audio\M-Audio Series II MIDI\MA_CMIDI_Inst.exe [86016 2007-06-11] (Avid Technology, Inc.) 
[File not signed] S4 NBService; D:\Program Files\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG) R2 Net Driver HPZ12; C:\windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed] R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed] R2 Pml Driver HPZ12; C:\windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed] S4 TryAndDecideService; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] () R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1731896 2014-01-28] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 ak1avs; C:\windows\System32\Drivers\ak1avs.sys [35408 2009-10-08] (Native Instruments GmbH) S3 ak1usb; C:\windows\System32\Drivers\ak1usb.sys [276432 2009-10-08] (Native Instruments GmbH) R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [97648 2014-07-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [136216 2014-05-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [37352 2014-05-09] (Avira Operations GmbH & Co. 
KG) R3 FsUsbExDisk; C:\windows\system32\FsUsbExDisk.SYS [37344 2013-10-30] () [File not signed] R4 InCDfs; C:\windows\System32\drivers\InCDFs.sys [118952 2007-11-26] (Nero AG) R1 InCDPass; C:\windows\System32\drivers\InCDPass.sys [36776 2007-11-26] (Nero AG) U1 InCDrec; C:\windows\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG) R1 incdrm; C:\windows\System32\drivers\InCDRm.sys [38440 2007-11-26] (Nero AG) S3 MA_CMIDI; C:\windows\System32\drivers\ma_cmidi.sys [21888 2006-08-16] (M-Audio) R2 npf; C:\windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.) S3 NuidFltr; C:\windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation) R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12528 2009-07-29] (SafeBoot International) R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [109216 2009-07-29] () [File not signed] R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51408 2009-07-29] (SafeBoot N.V.) R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12960 2009-07-29] (SafeBoot International) R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1810992 2009-03-27] () S3 Spyder3; C:\windows\System32\DRIVERS\Spyder3.sys [12288 2007-12-12] () R1 ssmdrv; C:\windows\System32\DRIVERS\ssmdrv.sys [28520 2014-05-09] (Avira GmbH) S3 ssudserd; C:\windows\System32\DRIVERS\ssudserd.sys [181344 2012-09-20] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 SynasUSB; C:\windows\System32\drivers\SynasUSB.sys [18432 2006-11-23] (SIA Syncrosoft) [File not signed] R0 tdrpman; C:\windows\System32\DRIVERS\tdrpman.sys [368480 2012-11-19] (Acronis) R2 tifsfilter; C:\windows\System32\DRIVERS\tifsfilt.sys [44384 2012-11-19] (Acronis) R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software) U4 eabfiltr; No ImagePath S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S0 ntcdrdrv; system32\DRIVERS\ntcdrdrv.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; 
system32\DRIVERS\nwlnkfwd.sys [X] S3 PcaSp50; System32\Drivers\PcaSp50.sys [X] S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X] S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X] S0 wkegye; System32\drivers\rfopv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-23 19:11 - 2014-08-23 19:11 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion 2014-08-23 19:10 - 2014-08-23 19:11 - 01095168 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe 2014-08-23 19:10 - 2014-08-23 19:10 - 01095168 _____ (Farbar) C:\Users\admin\Downloads\FRST(1).exe 2014-08-23 19:09 - 2014-08-23 19:09 - 00000530 _____ () C:\Users\admin\Desktop\defogger_disable.log 2014-08-23 19:09 - 2014-08-23 19:09 - 00000000 _____ () C:\Users\admin\defogger_reenable 2014-08-23 19:08 - 2014-08-23 19:07 - 00050477 _____ () C:\Users\admin\Desktop\Defogger.exe 2014-08-23 19:07 - 2014-08-23 19:07 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe 2014-08-15 00:27 - 2014-06-27 00:17 - 00619664 _____ (Microsoft Corporation) C:\windows\system32\icardagt.exe 2014-08-15 00:27 - 2014-06-27 00:17 - 00099480 _____ (Microsoft Corporation) C:\windows\system32\infocardapi.dll 2014-08-15 00:27 - 2014-06-27 00:17 - 00008856 _____ (Microsoft Corporation) C:\windows\system32\icardres.dll 2014-08-15 00:27 - 2014-06-06 06:28 - 00035480 _____ (Microsoft Corporation) C:\windows\system32\TsWpfWrp.exe 2014-08-14 23:59 - 2014-07-08 02:46 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll 2014-08-14 23:59 - 2014-06-14 02:44 - 00638400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys 2014-08-14 23:59 - 2014-06-14 02:33 - 00037376 _____ (Microsoft Corporation) 
C:\windows\system32\cdd.dll 2014-08-14 23:59 - 2014-06-02 12:31 - 02263552 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2014-08-14 23:59 - 2014-06-02 12:31 - 00332800 _____ (Microsoft Corporation) C:\windows\system32\msihnd.dll 2014-08-14 23:59 - 2014-06-02 12:30 - 01993728 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2014-08-14 23:59 - 2014-06-02 12:30 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll 2014-08-14 23:59 - 2014-06-02 10:56 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\consent.exe 2014-08-14 23:58 - 2014-07-25 06:26 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2014-08-14 23:58 - 2014-07-25 04:53 - 02054656 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2014-08-14 23:58 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2014-08-14 23:58 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2014-08-14 23:58 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2014-08-14 23:58 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2014-08-14 23:58 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2014-08-14 23:58 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2014-08-14 23:58 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\url.dll 2014-08-14 23:58 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll 2014-08-14 23:58 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2014-08-14 23:58 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2014-08-14 23:58 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2014-08-14 23:58 - 
2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-08-14 23:58 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-08-14 23:58 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-08-14 23:58 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-08-14 23:58 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-08-14 23:58 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-08-14 23:58 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-08-14 23:58 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-08-14 23:58 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-08-14 23:58 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-08-10 16:21 - 2014-08-10 16:21 - 13567995 _____ () C:\Users\admin\Downloads\dender_ep_2013.zip
2014-08-06 21:52 - 2014-08-06 21:52 - 06660088 _____ () C:\Users\admin\Downloads\TV-20140806-1558-4001.webl.webm
2014-08-03 01:32 - 2014-08-23 19:11 - 00022981 _____ () C:\Users\admin\Desktop\FRST.txt
2014-08-03 01:28 - 2014-08-03 01:36 - 00047610 _____ () C:\Users\admin\Downloads\Addition.txt
2014-08-03 01:25 - 2014-08-23 19:11 - 00000000 ____D () C:\FRST
2014-08-03 01:25 - 2014-08-03 01:36 - 00037625 _____ () C:\Users\admin\Downloads\FRST.txt
2014-08-03 01:23 - 2014-08-03 01:23 - 01084928 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe
2014-08-01 18:54 - 2014-08-01 18:54 - 00349976 _____ () C:\Users\admin\Downloads\walimex_pro_logo.zip
2014-07-30 15:10 - 2014-07-30 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-07-30 15:09 - 2014-07-30 15:09 - 02672432 _____ () C:\Users\admin\Downloads\mp3tagv261asetup.exe
2014-07-29 00:05 - 2014-07-29 00:05 - 02365840 _____ () C:\Users\admin\Downloads\SecurityTaskManager_Setup.exe
2014-07-26 16:55 - 2014-07-26 16:55 - 00000939 _____ () C:\Users\admin\Desktop\NetObjects Fusion 9.0.lnk

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-23 19:12 - 2014-08-03 01:32 - 00022981 _____ () C:\Users\admin\Desktop\FRST.txt
2014-08-23 19:11 - 2014-08-23 19:11 - 00000000 ____D () C:\Users\admin\Desktop\FRST-OlderVersion
2014-08-23 19:11 - 2014-08-23 19:10 - 01095168 _____ (Farbar) C:\Users\admin\Desktop\FRST.exe
2014-08-23 19:11 - 2014-08-03 01:25 - 00000000 ____D () C:\FRST
2014-08-23 19:10 - 2014-08-23 19:10 - 01095168 _____ (Farbar) C:\Users\admin\Downloads\FRST(1).exe
2014-08-23 19:09 - 2014-08-23 19:09 - 00000530 _____ () C:\Users\admin\Desktop\defogger_disable.log
2014-08-23 19:09 - 2014-08-23 19:09 - 00000000 _____ () C:\Users\admin\defogger_reenable
2014-08-23 19:09 - 2009-03-21 19:11 - 00000000 ____D () C:\Users\admin
2014-08-23 19:07 - 2014-08-23 19:08 - 00050477 _____ () C:\Users\admin\Desktop\Defogger.exe
2014-08-23 19:07 - 2014-08-23 19:07 - 00050477 _____ () C:\Users\admin\Downloads\Defogger.exe
2014-08-23 18:39 - 2006-11-02 14:58 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-08-23 18:39 - 2006-11-02 14:45 - 00003216 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-23 18:39 - 2006-11-02 14:45 - 00003216 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-23 18:38 - 2009-03-21 17:57 - 02072683 _____ () C:\windows\WindowsUpdate.log
2014-08-23 18:38 - 2009-03-21 17:57 - 00000012 _____ () C:\windows\bthservsdp.dat
2014-08-23 18:38 - 2006-11-02 14:58 - 00032530 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-08-23 18:33 - 2014-04-01 18:22 - 01845864 _____ () C:\windows\system32\FNTCACHE.DAT
2014-08-23 00:08 - 2013-08-24 19:57 - 00000000 ____D () C:\Users\admin\Documents\PhraseExpress
2014-08-22 23:55 - 2010-06-13 18:10 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps
2014-08-21 22:14 - 2012-04-14 10:30 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 21:21 - 2014-05-26 14:50 - 00000878 _____ () C:\windows\setupact.log
2014-08-19 21:49 - 2008-04-16 17:33 - 01652078 _____ () C:\windows\system32\PerfStringBackup.INI
2014-08-15 22:08 - 2013-03-04 16:40 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Mp3tag
2014-08-15 21:33 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\rescache
2014-08-15 21:29 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\Microsoft.NET
2014-08-15 21:11 - 2014-06-28 00:54 - 00000000 ____D () C:\Program Files\avira
2014-08-15 21:11 - 2014-06-28 00:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-15 21:11 - 2014-06-28 00:51 - 00000000 ____D () C:\ProgramData\Avira
2014-08-15 21:11 - 2013-04-30 17:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-15 01:35 - 2014-05-26 09:06 - 00920172 _____ () C:\windows\PFRO.log
2014-08-15 01:33 - 2006-11-02 13:18 - 00000000 ____D () C:\windows\system32\de-DE
2014-08-15 00:38 - 2008-07-23 15:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-15 00:36 - 2013-08-14 16:53 - 00000000 ____D () C:\windows\system32\MRT
2014-08-15 00:31 - 2006-11-02 12:24 - 96303304 _____ (Microsoft Corporation) C:\windows\system32\mrt.exe
2014-08-10 20:42 - 2012-01-01 21:26 - 00002631 _____ () C:\Users\admin\Desktop\Word.lnk
2014-08-10 18:36 - 2011-10-02 15:36 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2014-08-10 16:21 - 2014-08-10 16:21 - 13567995 _____ () C:\Users\admin\Downloads\dender_ep_2013.zip
2014-08-08 20:34 - 2012-01-01 21:26 - 00002735 _____ () C:\Users\admin\Desktop\Outlook.lnk
2014-08-06 21:52 - 2014-08-06 21:52 - 06660088 _____ () C:\Users\admin\Downloads\TV-20140806-1558-4001.webl.webm
2014-08-05 21:02 - 2012-01-01 21:26 - 00002633 _____ () C:\Users\admin\Desktop\Excel.lnk
2014-08-05 20:09 - 2014-02-15 20:11 - 00000000 ____D () C:\Users\admin\AppData\Local\Greenshot
2014-08-03 01:36 - 2014-08-03 01:28 - 00047610 _____ () C:\Users\admin\Downloads\Addition.txt
2014-08-03 01:36 - 2014-08-03 01:25 - 00037625 _____ () C:\Users\admin\Downloads\FRST.txt
2014-08-03 01:23 - 2014-08-03 01:23 - 01084928 _____ (Farbar) C:\Users\admin\Downloads\FRST.exe
2014-08-03 01:19 - 2014-05-20 22:30 - 00110296 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-01 18:54 - 2014-08-01 18:54 - 00349976 _____ () C:\Users\admin\Downloads\walimex_pro_logo.zip
2014-07-30 15:10 - 2014-07-30 15:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-07-30 15:10 - 2013-03-04 16:40 - 00000619 _____ () C:\Users\Public\Desktop\Mp3tag.lnk
2014-07-30 15:09 - 2014-07-30 15:09 - 02672432 _____ () C:\Users\admin\Downloads\mp3tagv261asetup.exe
2014-07-29 23:48 - 2010-05-02 16:07 - 00007680 _____ () C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-29 20:32 - 2014-06-17 21:15 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2014-07-29 01:49 - 2013-04-15 08:47 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-07-29 00:15 - 2014-05-20 22:29 - 00000921 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-29 00:15 - 2014-05-20 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-29 00:15 - 2014-05-20 22:29 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-07-29 00:05 - 2014-07-29 00:05 - 02365840 _____ () C:\Users\admin\Downloads\SecurityTaskManager_Setup.exe
2014-07-26 16:55 - 2014-07-26 16:55 - 00000939 _____ () C:\Users\admin\Desktop\NetObjects Fusion 9.0.lnk
2014-07-25 06:26 - 2014-08-14 23:58 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-07-25 04:53 - 2014-08-14 23:58 - 02054656 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-24 20:07 - 2014-08-14 23:58 - 12356608 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-24 19:58 - 2014-08-14 23:58 - 01810432 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-24 19:57 - 2014-08-14 23:58 - 09739264 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-24 19:52 - 2014-08-14 23:58 - 01137664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-24 19:51 - 2014-08-14 23:58 - 01427968 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-24 19:51 - 2014-08-14 23:58 - 01129472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-24 19:50 - 2014-08-14 23:58 - 00231936 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2014-07-24 19:50 - 2014-08-14 23:58 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-24 19:49 - 2014-08-14 23:58 - 01802240 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-24 19:49 - 2014-08-14 23:58 - 00717824 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-24 19:49 - 2014-08-14 23:58 - 00607744 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-24 19:49 - 2014-08-14 23:58 - 00421376 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-24 19:49 - 2014-08-14 23:58 - 00142848 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-24 19:48 - 2014-08-14 23:58 - 02382848 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-24 19:48 - 2014-08-14 23:58 - 00353792 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-24 19:48 - 2014-08-14 23:58 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-24 19:48 - 2014-08-14 23:58 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-24 19:48 - 2014-08-14 23:58 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-14 23:58 - 00011776 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2014-07-24 19:48 - 2014-08-14 23:58 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2014-07-24 19:47 - 2014-08-14 23:58 - 00176640 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\admin\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\admin\AppData\Local\Temp\vlc-2.1.5-win32.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-23 18:47

==================== End Of Log ============================

--- --- --- --- --- --- --- --- ---

Result of Addition.txt:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014
Ran by admin at 2014-08-03 01:28:09
Running from C:\Users\admin\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (Version: - Microsoft) Hidden
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
Acronis*True*Image*Home (HKLM\...\{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}) (Version: 11.0.8064 - Acronis)
ActivClient x86 (Version: 6.2 - ActivIdentity) Hidden
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (HKLM\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC)
AN QuickNote Version 5 (HKLM\...\AN QuickNote_is1) (Version: 5.0.0.00 - AN-Soft A. Neumann)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM\...\ASIO4ALL) (Version: - )
ATI Catalyst Install Manager (HKLM\...\{32D95F2D-17A3-9457-667D-DC603227295F}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks)
AuthenTec Fingerprint System (Version: 8.0.202.0 - AuthenTec, Inc.) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira)
Avira Savings Advisor (HKLM\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - )
BIOS Configuration for HP ProtectTools (HKLM\...\{9CDB5063-D699-42BA-9135-7B8C4ECAC856}) (Version: 4.00 B1 - Hewlett-Packard)
Bonjour (HKLM\...\{0CB9668D-F979-4F31-B8B8-67FE90F929F8}) (Version: 2.0.2.0 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0521.920.14728 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Czech (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Danish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Dutch (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help English (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Finnish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help French (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help German (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Greek (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Italian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Japanese (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Korean (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Polish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Russian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Spanish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Swedish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Thai (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Turkish (Version: 2008.0521.0919.14728 - ATI) Hidden
ccc-core-static (Version: 2008.0521.920.14728 - ATI) Hidden
ccc-utility (Version: 2008.0521.920.14728 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Credential Manager for HP ProtectTools (Version: 4.1.6.1484 - Hewlett-Packard Company) Hidden
CrystalDiskInfo 4.2.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.2.0a - Crystal Dew World)
Drive Encryption for HP ProtectTools (Version: 4.0.24 - Hewlett-Packard) Hidden
Elevated Installer (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESU for Microsoft Vista SP1 (HKLM\...\{01F81577-D786-49D7-BAAF-B8A8B44CE251}) (Version: 1.00.3.1 - Hewlett-Packard)
Exif-Viewer 2.50 (HKLM\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger)
File Sanitizer For HP ProtectTools (HKLM\...\{789C97CE-9E17-4126-BDF4-11FF458BF705}) (Version: 1.0.0.19 - Hewlett-Packard)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: - Trusted Software) <==== ATTENTION
Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.3.1.514 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.5.3 - Ellora Assets Corporation)
Garmin Express (HKLM\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version: - )
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
HP 3D DriveGuard (HKLM\...\{2ACA66D0-7C67-4235-90B5-7AB382FF8633}) (Version: 3.10 A8 - Hewlett-Packard)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{420BBA1D-B275-4891-838C-EA88FE87A632}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{8BB128BE-2670-485D-A221-B00715BCEBCF}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Help and Support (HKLM\...\{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}) (Version: 2.0.9.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6202 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6202 - HP)
HP JavaCard for HP ProtectTools (Version: 04.10.10.0003 - Hewlett-Packard) Hidden
HP ProtectTools Security Manager (Version: 04.10.10.0003 - Hewlett-Packard) Hidden
HP ProtectTools Security Manager Suite (HKLM\...\{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}) (Version: 04.10.10.0003 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Software Setup 5.00.A.7 (HKLM\...\{70CEFEBA-F757-4DBE-8A21-027C326137CE}) (Version: 5.00.A.7 - Hewlett-Packard Company)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0108 (HKLM\...\{B79DB290-9F72-4B20-9776-848D7832705B}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.4 - Hewlett-Packard)
HP Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.39004.0 - Sonix)
HP Webcam Application (HKLM\...\{154E4F71-DFC0-4B31-8D99-F97615031B02}) (Version: 1.0.020.0418 - Chicony Electronics Co.,Ltd.)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.1.0 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1251 - InterVideo Inc.)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kabel Deutschland Installations-Software (Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden
LightScribe System Software (HKLM\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
Lupas Rename 2000 v5.0 Release (HKLM\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin)
MAGIX Speed burnR (MSI) (HKLM\...\{8544556F-92C9-478E-9ABC-BC2823E39577}) (Version: 7.0.2.6 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
M-Audio Series II MIDI (HKLM\...\{379BD39E-F13E-458F-96D8-56BD7F2CC516}) (Version: 4.2.03v8 - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKCU\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Firefox 8.0.1 (x86 de) (HKLM\...\Mozilla Firefox 8.0.1 (x86 de)) (Version: 8.0.1 - Mozilla)
Mp3tag v2.61a (HKLM\...\Mp3tag) (Version: v2.61a - Florian Heidenreich)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Audio Kontrol 1 (HKLM\...\Native Instruments Audio Kontrol 1) (Version: - )
Native Instruments Audio Kontrol 1 Driver (Version: 2.0.15.007 - Native Instruments) Hidden
Native Instruments Audio Kontrol 1 Support Files (Version: - Native Instruments) Hidden
Native Instruments Controller Editor (Version: 1.2.5.409 - Native Instruments) Hidden
Native Instruments Service Center (Version: 2.2.3.537 - Native Instruments) Hidden
Native Instruments Traktor (Version: 1.2.6.8491 - Native Instruments) Hidden
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51031}) (Version: 7.03.0920 - Nero AG)
NetObjects Fusion 9.0 (HKLM\...\{BF42D245-9AD6-4149-A091-1D6C4790AB31}) (Version: 9.0 - )
NWZ-B160 WALKMAN Guide (HKLM\...\{B1A8A5D7-0613-4373-BB0C-2AA428C935BD}) (Version: 2.1.0.24141 - Sony Corporation)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PhraseExpress v10.1.24 (HKLM\...\PhraseExpress_is1) (Version: 10.1.24 - Bartels Media GmbH)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Skins (Version: 2008.0521.920.14728 - ATI) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5820 - Analog Devices)
Spyder3Pro (HKLM\...\Spyder3Pro) (Version: - )
Steinberg Cubase LE 4 (HKLM\...\{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}) (Version: 4.1.3.853 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Syncrosoft Lizenz Kontrolle (HKLM\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Textbausteinverwaltung Outlook Add-In v9.0.2 (HKLM\...\Textbausteinverwaltung Outlook Add-In_is1) (Version: 9.0.2 - Bartels Media GmbH)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.271 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.271 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.271 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vista Default Settings (HKLM\...\{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}) (Version: 1.0.7.1 - Hewlett-Packard)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.7 - ZONER software)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1794854254-3813751068-1490861199-1004_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-1794854254-3813751068-1490861199-1004_Classes\CLSID\{6fc9af94-39ee-5a57-935c-17c37e34e33b}\InprocServer32 -> C:\Users\admin\AppData\Local\Ignite\npOCDM.1.1.4.0.dll No File ==================== Restore Points ========================= 13-07-2014 14:55:14 Geplanter Prüfpunkt 14-07-2014 16:10:11 Geplanter Prüfpunkt 16-07-2014 21:03:57 Geplanter Prüfpunkt 21-07-2014 17:17:54 Geplanter Prüfpunkt 22-07-2014 18:39:42 Installed QuickTime 7 23-07-2014 17:55:23 Geplanter Prüfpunkt 25-07-2014 22:09:45 Geplanter Prüfpunkt 27-07-2014 20:19:43 Geplanter Prüfpunkt 28-07-2014 15:07:27 Geplanter Prüfpunkt 30-07-2014 09:33:21 Geplanter Prüfpunkt 31-07-2014 19:54:28 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {012C4FE0-059C-42BF-A5F2-E8071E842788} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files\avira\Internet Explorer\swu.vbs" Task: {1145C7FA-9D1D-4D02-8188-921CA3358FC2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {1B92FA73-3FF3-48F4-B463-4E8A242FE530} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software) Task: {1CC9D87E-9461-4237-AB88-237B340C4920} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: {2B034243-4021-444A-88CF-DD651C05B084} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {38727862-101B-4C19-A5AE-9212F2AD9B55} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {413335FC-0E49-40F9-95C8-A6CA1DEE5B20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {57E905F1-A279-4DB4-8158-EF1D6A136B03} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12] (Hewlett-Packard) Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\windows\system32\gatherWirelessInfo.vbs [2008-01-21] () Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI Task: {7D0FCFBF-24A2-400E-820E-0569051219E9} - System32\Tasks\Hewlett-Packard-Online-Aktualisierungsprogramm => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard) Task: 
{8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation) Task: {9FA5C236-82BC-402A-8C80-1B10073C4B3C} - System32\Tasks\{F2086498-8117-4A3B-B515-1B3CF8961D23} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2010-06-18 21:52 - 2005-01-06 18:33 - 00116224 _____ () C:\windows\System32\redmonnt.dll 2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 2011-05-20 17:26 - 2010-10-21 09:38 - 00962416 _____ () C:\Program Files\Tablet\Pen\libxml2.dll 2014-01-28 17:09 - 2014-01-28 17:09 - 00607032 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll 2008-05-21 11:38 - 2008-05-21 11:38 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll 2013-08-24 19:54 - 2014-03-10 18:41 - 00457000 _____ () D:\Program Files\PhraseExpress\pexlang.dll 2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2013-08-24 19:58 - 2013-04-04 12:57 - 04053504 _____ () D:\Program Files\PhraseExpress\pexmsol.dll 2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2014-07-30 11:23 - 2014-07-30 11:23 - 03800688 _____ () D:\Program Files\Mozilla Firefox\mozjs.dll 2014-07-09 13:45 - 2014-07-09 13:45 - 17029808 _____ () 
C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: TeamViewer9 => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk => C:\windows\pss\DVD Check.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Spyder3Utility.lnk => C:\windows\pss\Spyder3Utility.lnk.CommonStartup MSCONFIG\startupreg: GarminExpressTrayApp => "D:\Program Files\Garmin\Garmin\Express Tray\ExpressTray.exe" MSCONFIG\startupreg: InCD => D:\Program Files\Nero 7\InCD\InCD.exe MSCONFIG\startupreg: KiesAirMessage => D:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPreload => D:\Program Files\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => D:\Program Files\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun ==================== Faulty Device Manager Devices ============= Name: Wacom Virtual Hid 
Driver Description: Wacom Virtual Hid Driver Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da} Manufacturer: Wacom Service: wacomvhid Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39) Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver. ==================== Event log errors: ========================= Application errors: ================== Error: (08/03/2014 01:03:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/03/2014 01:02:11 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. 
(Ausnahme von HRESULT: 0x80004015) bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName) bei PnpService.RunningObjectTableEntry..ctor(Object obj) bei PnpService.QueryAutoPlay..ctor(PnpService pnpService) bei PnpService.PnpService.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (08/02/2014 11:13:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/02/2014 11:12:36 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015) bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName) bei PnpService.RunningObjectTableEntry..ctor(Object obj) bei PnpService.QueryAutoPlay..ctor(PnpService pnpService) bei PnpService.PnpService.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (08/01/2014 06:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/01/2014 06:24:22 PM) (Source: DYMO Pnp Service) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. 
(Ausnahme von HRESULT: 0x80004015) bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName) bei PnpService.RunningObjectTableEntry..ctor(Object obj) bei PnpService.QueryAutoPlay..ctor(PnpService pnpService) bei PnpService.PnpService.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (07/31/2014 05:06:49 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2014 05:05:33 PM) (Source: DYMO Pnp Service) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015) bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName) bei PnpService.RunningObjectTableEntry..ctor(Object obj) bei PnpService.QueryAutoPlay..ctor(PnpService pnpService) bei PnpService.PnpService.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (07/31/2014 11:25:57 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/31/2014 11:25:03 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. 
(Ausnahme von HRESULT: 0x80004015) bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName) bei PnpService.RunningObjectTableEntry..ctor(Object obj) bei PnpService.QueryAutoPlay..ctor(PnpService pnpService) bei PnpService.PnpService.OnStart(String[] args) bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) System errors: ============= Error: (08/03/2014 01:12:49 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (08/03/2014 01:03:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: ntcdrdrv wkegye Error: (08/03/2014 01:03:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/03/2014 01:01:58 AM) (Source: Dhcpv6) (EventID: 1000) (User: ) Description: Die Lease dieses Computers zu der IP-Adresse *ü└P über die Netzwerkkarte mit der Netzwerkadresse 00226476E7C8 ist verloren gegangen. Error: (08/02/2014 11:17:18 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Error: (08/02/2014 11:14:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: ntcdrdrv wkegye Error: (08/02/2014 11:14:32 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {0590AEC3-61EF-4C31-AAED-734A4E619247} Error: (08/02/2014 11:13:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Parallel port driver%%1058 Error: (08/02/2014 11:12:22 AM) (Source: Dhcpv6) (EventID: 1000) (User: ) Description: Die Lease dieses Computers zu der IP-Adresse *ü└P über die Netzwerkkarte mit der Netzwerkadresse 00226476E7C8 ist verloren gegangen. 
Error: (08/01/2014 06:34:57 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT) Description: 0x80070032 Microsoft Office Sessions: ========================= Error: (04/22/2014 06:31:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash. Error: (03/12/2014 00:58:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21458 seconds with 3060 seconds of active time. This session ended with a crash. Error: (02/02/2014 06:20:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 131 seconds with 120 seconds of active time. This session ended with a crash. Error: (09/21/2013 02:47:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash. Error: (06/14/2013 11:29:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 190 seconds with 120 seconds of active time. This session ended with a crash. 
Error: (01/21/2013 07:52:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 83 seconds with 60 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-07-29 00:25:14.330 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:13.536 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:12.696 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:11.880 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:05.511 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:04.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-07-29 00:25:03.933 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:03.209 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-28 18:08:45.982 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\verifier.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-10 21:15:45.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\Engine\21.3.0.12\asoehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Percentage of memory in use: 68% Total physical RAM: 2811.89 MB Available physical RAM: 898.55 MB Total Pagefile: 5858.29 MB Available Pagefile: 3770.58 MB Total Virtual: 2047.88 MB Available Virtual: 1878.23 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:145.17 GB) (Free:43.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Programme) (Fixed) (Total:74.56 GB) (Free:70.28 GB) NTFS Drive e: (Daten) (Fixed) (Total:68.36 GB) (Free:18.79 GB) NTFS Drive g: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32 Drive h: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 80D2F3EE) Partition 1: (Active) - (Size=145 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=143 GB) - (Type=OF Extended) Partition 3: (Not Active) - (Size=1 GB) - (Type=0C) Partition 4: (Not Active) - (Size=9 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
23.08.2014, 20:12 | #2 |
/// the machine /// TB-Ausbilder | hi,
Addition.txt is missing. But this is not a malware problem. Test the HDD, test the RAM, read out the temperatures.
23.08.2014, 20:25 | #3 |
| Result of gmer:
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-08-23 20:16:21 Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 Hitachi_HTS543232L9A300 rev.FB4OC40F 298,09GB Running: Gmer-19357.exe; Driver: C:\Users\admin\AppData\Local\Temp\uwtiipoc.sys ---- System - GMER 2.1 ---- SSDT 8BB9DE16 ZwCreateSection SSDT 8BB9DE20 ZwRequestWaitReplyPort SSDT 8BB9DE1B ZwSetContextThread SSDT 8BB9DE25 ZwSetSecurityObject SSDT 8BB9DE2A ZwSystemDebugControl SSDT 8BB9DDB7 ZwTerminateProcess ---- Kernel code sections - GMER 2.1 ---- .text ntkrnlpa.exe!KeSetEvent + 215 824FA860 4 Bytes [16, DE, B9, 8B] .text ntkrnlpa.exe!KeSetEvent + 539 824FAB84 4 Bytes [20, DE, B9, 8B] .text ntkrnlpa.exe!KeSetEvent + 56D 824FABB8 4 Bytes [1B, DE, B9, 8B] .text ntkrnlpa.exe!KeSetEvent + 5D1 824FAC1C 4 Bytes [25, DE, B9, 8B] .text ntkrnlpa.exe!KeSetEvent + 619 824FAC64 4 Bytes [2A, DE, B9, 8B] .text ... ? C:\windows\System32\Drivers\SafeBoot.sys Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. 
.text C:\windows\system32\DRIVERS\atikmdag.sys section is writeable [0x9EA0D000, 0x1FB97A, 0xE8000020] ---- Devices - GMER 2.1 ---- Device Ntfs.sys Device fastfat.SYS Device InCDFs.sys AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 tdrpman.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 timntr.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 tdrpman.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 timntr.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 tdrpman.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 timntr.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 tdrpman.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 timntr.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 tdrpman.sys AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 timntr.sys AttachedDevice fltmgr.sys ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186d9bada Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186d9bada@d4206d174882 0x59 0x8E 0x8F 0xBF ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\002186d9bada@0018319fc2f7 0xBB 0x73 0xA3 0x9C ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002186d9bada (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002186d9bada@d4206d174882 0x59 0x8E 0x8F 0xBF ... Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\002186d9bada@0018319fc2f7 0xBB 0x73 0xA3 0x9C ... ---- EOF - GMER 2.1 ----
Here is the Addition.txt again:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:2-08-2014 Ran by admin at 2014-08-03 01:28:09 Running from C:\Users\admin\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) 2007 Microsoft Office Suite Service Pack 3 (SP3) (Version: - Microsoft) Hidden 32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden Acronis*True*Image*Home (HKLM\...\{633A06C3-B709-479A-AAB3-5EE94AD9EE4B}) (Version: 11.0.8064 - Acronis) ActivClient x86 (Version: 6.2 - ActivIdentity) Hidden ActiveCheck component for HP Active Support Library (Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color 
EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS3 (HKLM\...\Adobe_5f143314a5d434c8511097393d17397) (Version: 10.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated) Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) 
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) Amazon MP3-Downloader 1.0.17 (HKLM\...\Amazon MP3-Downloader) (Version: 1.0.17 - Amazon Services LLC) AN QuickNote Version 5 (HKLM\...\AN QuickNote_is1) (Version: 5.0.0.00 - AN-Soft A. Neumann) Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: - ) ATI Catalyst Install Manager (HKLM\...\{32D95F2D-17A3-9457-667D-DC603227295F}) (Version: 3.0.664.0 - ATI Technologies, Inc.) Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) AudioCon (HKLM\...\AudioCon) (Version: 1.0 - Basement Softworks) AuthenTec Fingerprint System (Version: 8.0.202.0 - AuthenTec, Inc.) Hidden Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.5.464 - Avira) Avira Savings Advisor (HKLM\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.) BatteryBar (remove only) (HKLM\...\BatteryBar) (Version: - ) BIOS Configuration for HP ProtectTools (HKLM\...\{9CDB5063-D699-42BA-9135-7B8C4ECAC856}) (Version: 4.00 B1 - Hewlett-Packard) Bonjour (HKLM\...\{0CB9668D-F979-4F31-B8B8-67FE90F929F8}) (Version: 2.0.2.0 - Apple Inc.) 
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Czech (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Danish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Finnish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization German (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Greek (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Spanish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0521.920.14728 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0521.920.14728 - ATI) Hidden
CCC Help Chinese Standard (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Czech (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Danish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Dutch (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help English (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Finnish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help French (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help German (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Greek (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Hungarian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Italian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Japanese (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Korean (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Norwegian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Polish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Portuguese (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Russian (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Spanish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Swedish (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Thai (Version: 2008.0521.0919.14728 - ATI) Hidden
CCC Help Turkish (Version: 2008.0521.0919.14728 - ATI) Hidden
ccc-core-static (Version: 2008.0521.920.14728 - ATI) Hidden
ccc-utility (Version: 2008.0521.920.14728 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Credential Manager for HP ProtectTools (Version: 4.1.6.1484 - Hewlett-Packard Company) Hidden
CrystalDiskInfo 4.2.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 4.2.0a - Crystal Dew World)
Drive Encryption for HP ProtectTools (Version: 4.0.24 - Hewlett-Packard) Hidden
Elevated Installer (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
ESU for Microsoft Vista SP1 (HKLM\...\{01F81577-D786-49D7-BAAF-B8A8B44CE251}) (Version: 1.00.3.1 - Hewlett-Packard)
Exif-Viewer 2.50 (HKLM\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger)
File Sanitizer For HP ProtectTools (HKLM\...\{789C97CE-9E17-4126-BDF4-11FF458BF705}) (Version: 1.0.0.19 - Hewlett-Packard)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: - Trusted Software) <==== ATTENTION
Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.3.1.514 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.32.327 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.)
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.5.3 - Ellora Assets Corporation)
Garmin Express (HKLM\...\{e47a5c85-88a2-47d2-b380-fc2e763c2e6d}) (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version: - )
Greenshot 1.1.7.17 (HKLM\...\Greenshot_is1) (Version: 1.1.7.17 - Greenshot)
HP 3D DriveGuard (HKLM\...\{2ACA66D0-7C67-4235-90B5-7AB382FF8633}) (Version: 3.10 A8 - Hewlett-Packard)
HP Active Support Library (HKLM\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{420BBA1D-B275-4891-838C-EA88FE87A632}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{8BB128BE-2670-485D-A221-B00715BCEBCF}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Help and Support (HKLM\...\{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}) (Version: 2.0.9.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6202 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6202 - HP)
HP JavaCard for HP ProtectTools (Version: 04.10.10.0003 - Hewlett-Packard) Hidden
HP ProtectTools Security Manager (Version: 04.10.10.0003 - Hewlett-Packard) Hidden
HP ProtectTools Security Manager Suite (HKLM\...\{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}) (Version: 04.10.10.0003 - Hewlett-Packard)
HP Quick Launch Buttons (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.14.1 - Hewlett-Packard Company)
HP Software Setup 5.00.A.7 (HKLM\...\{70CEFEBA-F757-4DBE-8A21-027C326137CE}) (Version: 5.00.A.7 - Hewlett-Packard Company)
HP Update (HKLM\...\{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}) (Version: 5.002.007.004 - Hewlett-Packard)
HP User Guides 0108 (HKLM\...\{B79DB290-9F72-4B20-9776-848D7832705B}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.4 - Hewlett-Packard)
HP Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.39004.0 - Sonix)
HP Webcam Application (HKLM\...\{154E4F71-DFC0-4B31-8D99-F97615031B02}) (Version: 1.0.020.0418 - Chicony Electronics Co.,Ltd.)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.1.0 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1251 - InterVideo Inc.)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kabel Deutschland Installations-Software (Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden
LightScribe System Software (HKLM\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
Lupas Rename 2000 v5.0 Release (HKLM\...\Lupas Rename 2000_is1) (Version: - Ivan Anton Albarracin)
MAGIX Speed burnR (MSI) (HKLM\...\{8544556F-92C9-478E-9ABC-BC2823E39577}) (Version: 7.0.2.6 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
M-Audio Series II MIDI (HKLM\...\{379BD39E-F13E-458F-96D8-56BD7F2CC516}) (Version: 4.2.03v8 - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.7 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.50330 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKCU\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Firefox 8.0.1 (x86 de) (HKLM\...\Mozilla Firefox 8.0.1 (x86 de)) (Version: 8.0.1 - Mozilla)
Mp3tag v2.61a (HKLM\...\Mp3tag) (Version: v2.61a - Florian Heidenreich)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Native Instruments Audio Kontrol 1 (HKLM\...\Native Instruments Audio Kontrol 1) (Version: - )
Native Instruments Audio Kontrol 1 Driver (Version: 2.0.15.007 - Native Instruments) Hidden
Native Instruments Audio Kontrol 1 Support Files (Version: - Native Instruments) Hidden
Native Instruments Controller Editor (Version: 1.2.5.409 - Native Instruments) Hidden
Native Instruments Service Center (Version: 2.2.3.537 - Native Instruments) Hidden
Native Instruments Traktor (Version: 1.2.6.8491 - Native Instruments) Hidden
Nero 7 Essentials (HKLM\...\{45B3A3BD-F90D-48FE-A147-D74878A51031}) (Version: 7.03.0920 - Nero AG)
NetObjects Fusion 9.0 (HKLM\...\{BF42D245-9AD6-4149-A091-1D6C4790AB31}) (Version: 9.0 - )
NWZ-B160 WALKMAN Guide (HKLM\...\{B1A8A5D7-0613-4373-BB0C-2AA428C935BD}) (Version: 2.1.0.24141 - Sony Corporation)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PhraseExpress v10.1.24 (HKLM\...\PhraseExpress_is1) (Version: 10.1.24 - Bartels Media GmbH)
QLBCASL (Version: 6.40.17.2 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.0.12094_28 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8g (HKLM\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Skins (Version: 2008.0521.920.14728 - ATI) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5820 - Analog Devices)
Spyder3Pro (HKLM\...\Spyder3Pro) (Version: - )
Steinberg Cubase LE 4 (HKLM\...\{AB3C4AC6-C401-4132-A8B5-265899A9C0E8}) (Version: 4.1.3.853 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Essential Set (HKLM\...\{C04D5974-F528-4347-A494-EAF56124CC1A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
Syncrosoft Lizenz Kontrolle (HKLM\...\Syncrosoft License Control) (Version: - SIA Syncrosoft)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Textbausteinverwaltung Outlook Add-In v9.0.2 (HKLM\...\Textbausteinverwaltung Outlook Add-In_is1) (Version: 9.0.2 - Bartels Media GmbH)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.4000.271 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.4000.271 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.4000.271 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vista Default Settings (HKLM\...\{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}) (Version: 1.0.7.1 - Hewlett-Packard)
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
WebTablet IE Plugin (HKLM\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_DE_is1) (Version: 15.0.1.7 - ZONER software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1794854254-3813751068-1490861199-1004_Classes\CLSID\{3f04dadf-6ea4-44d1-a507-03cad176f443}\InprocServer32 -> C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.)
CustomCLSID: HKU\S-1-5-21-1794854254-3813751068-1490861199-1004_Classes\CLSID\{6fc9af94-39ee-5a57-935c-17c37e34e33b}\InprocServer32 -> C:\Users\admin\AppData\Local\Ignite\npOCDM.1.1.4.0.dll No File

==================== Restore Points =========================

13-07-2014 14:55:14 Geplanter Prüfpunkt
14-07-2014 16:10:11 Geplanter Prüfpunkt
16-07-2014 21:03:57 Geplanter Prüfpunkt
21-07-2014 17:17:54 Geplanter Prüfpunkt
22-07-2014 18:39:42 Installed QuickTime 7
23-07-2014 17:55:23 Geplanter Prüfpunkt
25-07-2014 22:09:45 Geplanter Prüfpunkt
27-07-2014 20:19:43 Geplanter Prüfpunkt
28-07-2014 15:07:27 Geplanter Prüfpunkt
30-07-2014 09:33:21 Geplanter Prüfpunkt
31-07-2014 19:54:28 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {012C4FE0-059C-42BF-A5F2-E8071E842788} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files\avira\Internet Explorer\swu.vbs"
Task: {1145C7FA-9D1D-4D02-8188-921CA3358FC2} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {18DFD9FC-082E-4E9B-8285-5F21D2B4EDAE} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1B92FA73-3FF3-48F4-B463-4E8A242FE530} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {1CC9D87E-9461-4237-AB88-237B340C4920} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {2B034243-4021-444A-88CF-DD651C05B084} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {38727862-101B-4C19-A5AE-9212F2AD9B55} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {413335FC-0E49-40F9-95C8-A6CA1DEE5B20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {57E905F1-A279-4DB4-8158-EF1D6A136B03} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-01-12] (Hewlett-Packard)
Task: {5916F864-469C-4391-8604-E4EA141A2699} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {7C5A51E8-1AD7-48C6-8879-257A8A9609F5} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7D0FCFBF-24A2-400E-820E-0569051219E9} - System32\Tasks\Hewlett-Packard-Online-Aktualisierungsprogramm => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard)
Task: {8B0E6FAB-F43A-4988-AF0A-A21646C212F0} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {9ED703A9-5FFD-40D5-895A-4385EE1509DE} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {9FA5C236-82BC-402A-8C80-1B10073C4B3C} - System32\Tasks\{F2086498-8117-4A3B-B515-1B3CF8961D23} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-06-18 21:52 - 2005-01-06 18:33 - 00116224 _____ () C:\windows\System32\redmonnt.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2011-05-20 17:26 - 2010-10-21 09:38 - 00962416 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-01-28 17:09 - 2014-01-28 17:09 - 00607032 _____ () C:\Program Files\TuneUp Utilities 2013\avgreplibx.dll
2008-05-21 11:38 - 2008-05-21 11:38 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-08-24 19:54 - 2014-03-10 18:41 - 00457000 _____ () D:\Program Files\PhraseExpress\pexlang.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2013-08-24 19:58 - 2013-04-04 12:57 - 04053504 _____ () D:\Program Files\PhraseExpress\pexmsol.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-07-30 11:23 - 2014-07-30 11:23 - 03800688 _____ () D:\Program Files\Mozilla Firefox\mozjs.dll
2014-07-09 13:45 - 2014-07-09 13:45 - 17029808 _____ () C:\windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk => C:\windows\pss\DVD Check.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Spyder3Utility.lnk => C:\windows\pss\Spyder3Utility.lnk.CommonStartup
MSCONFIG\startupreg: GarminExpressTrayApp => "D:\Program Files\Garmin\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: InCD => D:\Program Files\Nero 7\InCD\InCD.exe
MSCONFIG\startupreg: KiesAirMessage => D:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => D:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => D:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

==================== Faulty Device Manager Devices =============

Name: Wacom Virtual Hid Driver
Description: Wacom Virtual Hid Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Wacom
Service: wacomvhid
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/03/2014 01:03:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2014 01:02:11 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015)
   bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName)
   bei PnpService.RunningObjectTableEntry..ctor(Object obj)
   bei PnpService.QueryAutoPlay..ctor(PnpService pnpService)
   bei PnpService.PnpService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/02/2014 11:13:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2014 11:12:36 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015)
   bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName)
   bei PnpService.RunningObjectTableEntry..ctor(Object obj)
   bei PnpService.QueryAutoPlay..ctor(PnpService pnpService)
   bei PnpService.PnpService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (08/01/2014 06:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2014 06:24:22 PM) (Source: DYMO Pnp Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015)
   bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName)
   bei PnpService.RunningObjectTableEntry..ctor(Object obj)
   bei PnpService.QueryAutoPlay..ctor(PnpService pnpService)
   bei PnpService.PnpService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/31/2014 05:06:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2014 05:05:33 PM) (Source: DYMO Pnp Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015)
   bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName)
   bei PnpService.RunningObjectTableEntry..ctor(Object obj)
   bei PnpService.QueryAutoPlay..ctor(PnpService pnpService)
   bei PnpService.PnpService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (07/31/2014 11:25:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2014 11:25:03 AM) (Source: DYMO Pnp Service) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.Runtime.InteropServices.COMException (0x80004015): Die Klasse wurde so konfiguriert, dass sie unter einer anderen Sicherheitskennung als der Aufrufer ausgeführt werden kann. (Ausnahme von HRESULT: 0x80004015)
   bei System.Runtime.InteropServices.ComTypes.IRunningObjectTable.Register(Int32 grfFlags, Object punkObject, IMoniker pmkObjectName)
   bei PnpService.RunningObjectTableEntry..ctor(Object obj)
   bei PnpService.QueryAutoPlay..ctor(PnpService pnpService)
   bei PnpService.PnpService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

System errors:
=============
Error: (08/03/2014 01:12:49 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/03/2014 01:03:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ntcdrdrv wkegye

Error: (08/03/2014 01:03:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/03/2014 01:01:58 AM) (Source: Dhcpv6) (EventID: 1000) (User: )
Description: Die Lease dieses Computers zu der IP-Adresse *ü└P über die Netzwerkkarte mit der Netzwerkadresse 00226476E7C8 ist verloren gegangen.

Error: (08/02/2014 11:17:18 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (08/02/2014 11:14:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: ntcdrdrv wkegye

Error: (08/02/2014 11:14:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {0590AEC3-61EF-4C31-AAED-734A4E619247}

Error: (08/02/2014 11:13:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (08/02/2014 11:12:22 AM) (Source: Dhcpv6) (EventID: 1000) (User: )
Description: Die Lease dieses Computers zu der IP-Adresse *ü└P über die Netzwerkkarte mit der Netzwerkadresse 00226476E7C8 ist verloren gegangen.

Error: (08/01/2014 06:34:57 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Microsoft Office Sessions:
=========================
Error: (04/22/2014 06:31:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34 seconds with 0 seconds of active time. This session ended with a crash.

Error: (03/12/2014 00:58:44 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 21458 seconds with 3060 seconds of active time. This session ended with a crash.

Error: (02/02/2014 06:20:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 131 seconds with 120 seconds of active time. This session ended with a crash.

Error: (09/21/2013 02:47:55 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5001, Microsoft Office Version: 12.0.6612.1000. This session lasted 29 seconds with 0 seconds of active time. This session ended with a crash.

Error: (06/14/2013 11:29:59 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 190 seconds with 120 seconds of active time. This session ended with a crash.

Error: (01/21/2013 07:52:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 83 seconds with 60 seconds of active time. This session ended with a crash. CodeIntegrity Errors: =================================== Date: 2014-07-29 00:25:14.330 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:13.536 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:12.696 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:11.880 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:05.511 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:04.735 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-07-29 00:25:03.933 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-29 00:25:03.209 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-07-28 18:08:45.982 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\verifier.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-10 21:15:45.212 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files\Norton Internet Security\Engine\21.3.0.12\asoehook.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 2811.89 MB
Available physical RAM: 898.55 MB
Total Pagefile: 5858.29 MB
Available Pagefile: 3770.58 MB
Total Virtual: 2047.88 MB
Available Virtual: 1878.23 MB

==================== Drives ================================
Drive c: (System) (Fixed) (Total:145.17 GB) (Free:43.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Programme) (Fixed) (Total:74.56 GB) (Free:70.28 GB) NTFS
Drive e: (Daten) (Fixed) (Total:68.36 GB) (Free:18.79 GB) NTFS
Drive g: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32
Drive h: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 80D2F3EE)
Partition 1: (Active) - (Size=145 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=143 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=1 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Quote:
|
24.08.2014, 06:54 | #4 | |
/// the machine /// TB instructor | Windows Vista 32-bit: high system load with loud running noise - program dropouts - computer runs hot and shuts off Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
24.08.2014, 20:49 | #5 |
| Hello Schrauber, first of all, many thanks. I have posted it there. I am curious to see what comes of it. Best regards |
25.08.2014, 12:19 | #6 |
/// the machine /// TB instructor | ok |
28.11.2014, 22:47 | #7 |
| Problem has resolved itself Hi, sorry that I am only posting feedback now. The computer has died in the meantime. Mainboard broken, BIOS no longer boots. Nevertheless, THANKS for your support. Best regards, DJ_Chris |
29.11.2014, 19:55 | #8 |
/// the machine /// TB instructor | ok |
29.11.2014, 20:29 | #9 |
| Well, my mood about it is more like |
30.11.2014, 08:52 | #10 |
/// the machine /// TB instructor | I can well believe that. |