| |
| |||||||
Log-Analyse und Auswertung: Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.GenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.11.2014, 16:56
| #1 |
 |  Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen Betriebssystem: Windows 7 Home Premium 32-Bit, Virenscanner Avira Personal Edition Das ganze ging los, dass sich Google Chrome nicht mehr starten lies und folgende Meldung kam: "Google Chrome ist abgestürtzt. Jetzt neu starten?" Bei "Ja", geht ein Fenster auf: " Chrome funktioniert nicht mehr. Es wird nach einer Lösung für das Problem gesucht." - dann nächstes Fenster "Das Programm wird aufgrund eines Problems ncícht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist." Habe dann Chrome deinstalliert und eine Neuinstallation vorgenommen - hat nichts gebracht. Zwischenzeitlich hat dass Avira immer wieder folgende Meldung gebracht: "Der Zugriff auf die Datei c:\windows\temp\... tmp0000b265 mit dem Virus oder dem unerwünschten Programm TR/Patched.Ren.Gen wurde blockiert. Datei entfernen oder weitere Informationen erhalten. Habe dann "Datei entfernen" gedrückt und das nächste Mal "weitere Informationen" - hat aber beidesmal nichts gebracht. Die Meldung kommt weiterhin! Habe dann verschiedenste Programme laufen lassen: CCleaner, Ad-Aware, Malwarebytes, Spybot, ADWcleaner, RegouKiller, Eset-Online-Scanner Anbei die aktuellen Protokolle FRST und Addition:  ********************************************* Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-11-2014 Ran by XXXX at 2014-11-01 16:34:16 Running from C:\Users\Abra\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768- AAE50FA36859} AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1- DAEA-0033-9B8057AAB996} AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564 -3A83-A0F22C2DF32B} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8- 9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae- 9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1- 3CCA-732D-A930-C1CA5F20A4B0} FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C- 32B5A979FEED} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett- Packard) Hidden 8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden 8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden 8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4} _AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft) AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM \...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031- 7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0- C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.) Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.0.1044.9177 - AKVIS) AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 5.0.1319.9143 - AKVIS) AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS) Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3}) (Version: 1.1.6 - Braeside Communication Services) Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version: - Alien Skin) Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version: - Alien Skin) Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version: - Alien Skin) Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1) (Version: - dvdsmith.com) AnyDVD (HKLM\...\AnyDVD) (Version: - SlySoft) AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC) Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47- C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B- A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A- F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.0.11 - AquaSoft) Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327- BB16-BED9C6219DC7}) (Version: 5.0 - Atheros) Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version: 10.0.43701.100 - Audials AG) Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz Verlage_is1) (Version: - ) Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version: - ) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version: - BuddyWorX) BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip) CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform) Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404- C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.) COLOR projects premium (32-Bit) (HKLM\... \COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag GmbH) Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020- 0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Corel Applications (HKLM\...\Corel Applications) (Version: - ) CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101- A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED- 079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.) Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch Gelbe Seiten Map & Route) (Version: - TVG Telefonbuch- und Verzeichnisverlag GmbH & Co. KG) DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter) (Version: 1.01 - UNKNOWN) DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN) Hidden DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432- 970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison) DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 - Traumflieger) Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881}) (Version: 6.1.2 - DxO Labs) ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639- B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time) Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.) Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.) FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju) FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - ) Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C- 42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google) Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.) GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\... \CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - ) HDR projects professional (32-Bit) (HKLM\... \HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag GmbH) Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version: - Helicon Soft Ltd.) Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett- Packard Company) Hidden HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version - IN MEDIA KG) HP Customer Participation Program 13.0 (HKLM\... \HPExtendedCapabilities) (Version: 13.0 - HP) HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B- 537121A804CF}) (Version: 11.14.0001 - HP) HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32- BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Support Assistant (HKLM\...\{E35A3B13-78CD-4967-8AC8- AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE- 4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F- B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard) HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73- 83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard) HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company) indii.org/tintii (HKLM\...\tintii) (Version: - ) iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.) IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.) LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA- 0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.) LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097- 4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe) LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11- 0E914D366E0A}) (Version: 1.18.15.1 - LightScribe) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM \...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\... \Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030 -0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB- 199F86A2CD93}) (Version: - Microsoft) Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version: - ) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005- 0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24 -7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\... \{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18- 4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\... \{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM \...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM \...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72- 8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E- 8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd) My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent) Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.) NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc) Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version: Aktuelle Version - IN MEDIA KG) Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481- 981C82BD008B}) (Version: 7.1.69.0 - Nokia) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538- FA9AC725D62C}) (Version: 13.0 - HP) OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version: - ) PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\... \PanoramaStudio2Pro) (Version: - ) PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A- AD153139297F}) (Version: 11.5.29.0 - Nokia) PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75- BA457CBDAEF2}) (Version: 4.0 - ) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960- D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B}) (Version: 6.5 - Fotoview) Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.) PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version: 12.2 - Anthropics Technology Ltd.) Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5- 0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.) Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9- 0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.) PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82- CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter) (Version: 4.7 - UNKNOWN) RichKonverter (Version: 4.7 - UNKNOWN) Hidden RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software) Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.) SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo Retoucher_is1) (Version: 1.3 - SoftOrbits) SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader 9 (HKLM\... \{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3- 9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts) Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68- FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD- 9005-EB058BBA0E14}_is1) (Version: - ) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics) Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - ) TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\... \{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F- 48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN) WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8- 0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation) Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM \...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia) WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e) XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet Pierre-e) X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 - X-OOM) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{022105BD-948A-40C9-AB42- A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google \Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{047466F1-82AE-455A-AFC4- D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{0F22A205-CFB0-4679-8499- A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{22181302-A8A6-4F84-A541- E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E- 114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{39125640-8D80-11DC-A2FE- C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Google Talk Plugin\googletalkax.dll (Google) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{444785F1-DE89-4295-863A- D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow \Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106- C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{AB9F4455-E591-4132-A386- 0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Google Talk Plugin\o1dax.dll (Google) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9- 41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{C442AC41-9200-4770-8CC0- 7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB- 05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0- 948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google \Update\1.3.25.5\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912- 1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1- CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows \system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple \AppleSoftwareUpdate => C:\Program Files\Apple Software Update \SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update \jusched.exe [2014-09-26] (Oracle Corporation) Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks \Abelssoft\Updater scan => C:\Program Files\CHIP Updater \CHIPUpdater.exe Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks \Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated) Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks \Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework \HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks \Microsoft\Windows\MobilePC\TMM Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks \GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912- 1000Core => C:\Users\Abra\AppData\Local\Google\Update \GoogleUpdate.exe [2013-12-06] (Google Inc.) Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks \Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows \system32\gatherWiredInfo.vbs Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks \CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09 -25] (Piriform Ltd) Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks \{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks \{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks \Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources \HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett- Packard) Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks \Hewlett-Packard\HP Support Assistant\PC Health Analysis => C: \Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013- 11-04] (Hewlett-Packard Company) Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks \ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft \Connection Service\Bin\ACDaemon.exe Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks \Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks \Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks \GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update \GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks \GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912- 1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.) Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks \GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update \GoogleUpdate.exe [2014-10-30] (Google Inc.) Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks \Safer-Networking\Spybot - Search and Destroy\Scan the system => C: \Program Files\Spybot - Search & Destroy 2\SDScan.exe Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks \Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows \system32\gatherWirelessInfo.vbs Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP- Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard) Task: {EF82D5E4-CD07-40AE-A249-10FF740128A0} - System32\Tasks \InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS \RemEngine.exe [2008-10-01] () Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks \Hewlett-Packard\HP Support Assistant\Update Check => C: \ProgramData\Hewlett-Packard\HP Support Framework\Resources \Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks \Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799- 2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local \Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799- 2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local \Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows \System32\redmonnt.dll 2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareService.exe 2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_thread-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_system-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_chrono-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_date_time-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareServiceKernel.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\RCF.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_regex-vc100-mt-1_55.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareActivation.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareApplicationUpdater.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareGamingMode.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareReset.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareTime.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareDefinitionsUpdater.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareIgnoreList.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareQuarantine.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareAntiMalwareEngine.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareAntiRootkitEngine.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareScannerHistory.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareScanner.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_timer-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareScannerScheduler.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareRealTimeProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareIncompatibles.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareAntiSpam.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareAntiPhishing.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareParentalControl.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareWebProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareEmailProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareNetworkProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwarePromo.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareFeedback.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareThreatWorkAlliance.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwarePinCode.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareNotice.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareAvcEngine.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareRealTimeProtectionHistory.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\SecurityCenter.dll 2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe 2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll 2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe 2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl 2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll 2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe 2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareTray.exe 2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\boost_locale-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\HtmlFramework.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\DllStorage.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareTrayDefaultSkin.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\Localization.dll 2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll 2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll 2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll 2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows \system32\msjetoledb40.dll 2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll 2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll 2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll 2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll 2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll 2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe 2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll 2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe 1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program Files\Microsoft Office\Office\MSO97.DLL 2014-11-01 11:30 - 2014-11-01 11:30 - 00043008 _____ () c:\users \abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766- 8f84-3e3e7ecf0d81}.tmpzjf1yd.dll 2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users \Abra\AppData\Roaming\Dropbox\bin\libcef.dll 2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2009-08-05 20:44 - 2008-08-08 06:04 - 00083392 _____ () C: \Programme_NEU\totalcmd\wcmzip32.dll 2009-08-05 20:44 - 2008-08-08 06:04 - 00168448 _____ () C: \Programme_NEU\totalcmd\unRAR.dll 2014-10-20 11:27 - 2014-10-20 11:27 - 16832176 _____ () C:\Windows \system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows:3F0192B3D5C09180 AlternateDataStreams: C:\Windows:AstInfo AlternateDataStreams: C:\Users\Abra\AppData\Local \VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38 AlternateDataStreams: C:\ProgramData\Temp:3241321C AlternateDataStreams: C:\ProgramData\Temp:810B9F0D AlternateDataStreams: C:\ProgramData\Temp:B6AC352B AlternateDataStreams: C:\ProgramData\Temp:B946D9EE ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD \AnyDVD.exe" MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger \msnmsgr.exe" /background ========================= Accounts: ========================== Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator - Enabled) => C:\Users\Abra Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 - Administrator - Disabled) Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/01/2014 04:29:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014aee ID des fehlerhaften Prozesses: 0x1ce4 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (11/01/2014 11:31:52 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: ) Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src \HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials) bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext) bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri) bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument (String path) ValidateDocument failed Business\SearchTargets.xml Error: (11/01/2014 11:25:45 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/31/2014 04:57:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Snapseed.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1d28 Startzeit: 01cff510fdd67570 Endzeit: 1383 Anwendungspfad: C:\Program Files\Nik Software\Snapseed\Snapseed.exe Berichts-ID: 83850851-6116-11e4-ac82-001f16dbb3c2 Error: (10/31/2014 04:56:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014aee ID des fehlerhaften Prozesses: 0x1eac Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (10/31/2014 08:42:23 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: ) Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src \HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials) bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext) bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri) bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument (String path) ValidateDocument failed Business\SearchTargets.xml Error: (10/31/2014 08:38:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/30/2014 04:36:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b Ausnahmecode: 0xc0000005 Fehleroffset: 0x00014aee ID des fehlerhaften Prozesses: 0x268 Startzeit der fehlerhaften Anwendung: 0xchrome.exe0 Pfad der fehlerhaften Anwendung: chrome.exe1 Pfad des fehlerhaften Moduls: chrome.exe2 Berichtskennung: chrome.exe3 Error: (10/30/2014 03:33:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: xnview.exe, Version: 1.98.0.0, Zeitstempel: 0x4e259822 Name des fehlerhaften Moduls: gsdll32.dll, Version: 0.0.0.0, Zeitstempel: 0x4e3bdc56 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00265900 ID des fehlerhaften Prozesses: 0x1634 Startzeit der fehlerhaften Anwendung: 0xxnview.exe0 Pfad der fehlerhaften Anwendung: xnview.exe1 Pfad des fehlerhaften Moduls: xnview.exe2 Berichtskennung: xnview.exe3 Error: (10/30/2014 08:36:44 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: ) Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src \HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize) bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials) bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext) bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri) bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument (String path) ValidateDocument failed Business\SearchTargets.xml System errors: ============= Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Error: (10/29/2014 05:18:55 PM) (Source: volsnap) (EventID: 25) (User: ) Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen. Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Error: (10/28/2014 03:23:28 PM) (Source: Microsoft-Windows-WHEA- Logger) (EventID: 20) (User: NT-AUTORITÄT) Description: Schwerwiegender Hardwarefehler. Komponente: AMD Northbridge Fehlerquelle: 3 Fehlertyp: 11 Prozessor-ID: 0 Die Detailansicht dieses Eintrags beinhaltet weitere Informationen. Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte. Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC- Adresse noch die GUID verfügbar waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar. Microsoft Office Sessions: ========================= Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 880 seconds with 840 seconds of active time. This session ended with a crash. Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds of active time. This session ended with a crash. Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 726 seconds with 660 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: AMD Athlon Dual-Core QL-65 Percentage of memory in use: 64% Total physical RAM: 2814.43 MB Available physical RAM: 996.78 MB Total Pagefile: 5628.85 MB Available Pagefile: 3441.11 MB Total Virtual: 2047.88 MB Available Virtual: 1912.29 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:287.56 GB) (Free:14.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 627525ED) Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================ **************************************** Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01- 11-2014 Ran by XXXX (administrator) on ARBEITSLAPTOP on 01-11-2014 16:31:55 Running from C:\Users\Abra\Downloads Loaded Profile: Abra (Available profiles: Abra) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to- use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareService.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe \LSSrvc.exe () C:\Program Files\SMINST\BLService.exe () C:\Program Files\CyberLink\Shared files\RichVideo.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe (Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files \Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files \Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe (CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared \hpqwmiex.exe (Microsoft Corporation) C:\Program Files\Microsoft Office \Office12\GrooveMonitor.exe (shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe (Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Hewlett-Packard) C:\Program Files\HP\HP Software Update \hpwuschd2.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update \jusched.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files \Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus \11.4.6792.0\AdAwareTray.exe (Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor \HPAdvisor.exe (Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe \LightScribeControlPanel.exe () C:\Program Files\RocketDock\RocketDock.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\ehome\ehmsas.exe () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin \hpqtra08.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office \MSOFFICE.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office\Office \FINDFAST.EXE (Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin \Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office \Office12\ONENOTEM.EXE (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program \soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program \soffice.bin (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin \hpqste08.exe (Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin \hpqbam08.exe (Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin \hpqgpc01.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF \PresentationFontCache.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (C. Ghisler & Co.) C:\Programme_NEU\totalcmd\TOTALCMD.EXE (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin- container.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash \FlashPlayerPlugin_15_0_0_189.exe (Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash \FlashPlayerPlugin_15_0_0_189.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP \SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.) HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett- Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.) HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows \system32\NvCpl.dll,NvStartup HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett- Packard Development Company, L.P.) HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay \QPService.exe [468264 2008-09-23] (CyberLink Corp.) HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam \MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.) HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink \LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink \Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink \PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.) HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.) HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office \Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple \Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.) HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP \fpassist.exe [371200 2011-02-23] (shbox.de) HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop \avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG) HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe \ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files \Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] () HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files\hewlett- packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard) Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X] HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation) HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor \HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard) HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files \LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company) HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [Google Update] => C:\Users\Abra\AppData\Local\Google\Update \GoogleUpdate.exe [116648 2013-12-06] (Google Inc.) HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd) Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu \Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming \Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu \Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office \Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu \Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files \OpenOffice.org 3\program\quickstart.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs \Startup\HP Digital Imaging Monitor.lnk ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files \HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs \Startup\Microsoft Office Shortcut-Leiste.lnk ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs \Startup\Microsoft-Indexerstellung.lnk ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files \Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation) BootExecute: autocheck autochk * sdnclean.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr? TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB- D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74- 9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC) DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C: \Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C: \Program Files\Common Files\Microsoft Shared\Information Retrieval \msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default FF SelectedSearchEngine: Google FF Homepage: hxxp://www.tixuma.de/?ref=46589 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed \Flash\NPSWF32_15_0_0_189.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe \Director\np32dsw_1213153.dll (Adobe Systems, Inc.) FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla Plugins\npitunes.dll () FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU \Google\Picasa3\npPicasa3.dll (Google, Inc.) FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files \Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files \Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows \Microsoft.NET\Framework\v3.5\Windows Presentation Foundation \NPWPF.dll (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files \VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra \AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData \Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C: \Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C: \Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users \Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox \plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox \plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming \mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming \mozilla\plugins\npo1d.dll (Google) FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\avira-safesearch.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox \Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser \searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser \searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser \searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser \searchplugins\yahoo-de.xml FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming \Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com [2014-09-30] FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra \AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default \Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02] FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData \Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions \tineye@ideeinc.com.xpi [2013-12-08] FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla \Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8- be73-000a95be3b12}.xpi [2012-10-27] FF Extension: Java Console - C:\Program Files\Mozilla Firefox \extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30] FF Extension: Java Console - C:\Program Files\Mozilla Firefox \extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3- 08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows \Microsoft.NET\Framework\v3.5\Windows Presentation Foundation \DotNetAssistantExtension [2009-08-09] FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C: \Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C: \Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C: \Program Files\Mein Gutscheincode Finder\Firefox Chrome: ======= CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data \Default CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome- extension.crx [] CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Abra\AppData\Local\Temp\tbch.crx [] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop \sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop \avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop \AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG) R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29] (Nalpeiron Ltd.) [File not signed] S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed] S3 FLEXnet Licensing Service; C:\Program Files\Common Files \Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed] R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett- Packard Company) [File not signed] R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed] R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [File not signed] S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver \1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] () R2 LightScribeService; C:\Program Files\Common Files\LightScribe \LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed] R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010- 08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010- 08-06] (Hewlett-Packard) [File not signed] R2 Recovery Service for Windows; C:\Program Files\SMINST \BLService.exe [365952 2008-10-06] () R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed] R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate \OnlineUpdateSvc.exe [398128 2010-12-14] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed] R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11- 12] (SlySoft, Inc.) R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers \Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014- 10-07] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10- 07] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG) R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11- 07] (Corel Corporation) [File not signed] S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009- 07-14] (Microsoft Corporation) R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008- 07-21] (Elaborate Bytes AG) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012- 10-22] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012 -10-22] (RapidSolution Software AG) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23] (Duplex Secure Ltd.) R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH) R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22] (RapidSolution Software AG) S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07- 10] (BitDefender S.R.L.) R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-01 16:31 - 2014-11-01 16:32 - 00023469 _____ () C:\Users \Abra\Downloads\FRST.txt 2014-11-01 14:16 - 2014-11-01 16:32 - 00000000 ____D () C:\FRST 2014-11-01 14:15 - 2014-11-01 14:15 - 01105920 _____ (Farbar) C: \Users\Abra\Downloads\FRST.exe 2014-11-01 13:01 - 2014-11-01 13:01 - 00000000 ____D () C:\Program Files\ESET 2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C: \Users\Abra\Downloads\esetsmartinstaller_deu.exe 2014-10-31 08:38 - 2014-10-31 08:38 - 00000308 _____ () C:\Windows \PFRO.log 2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users \Public\Desktop\Google Chrome.lnk 2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-30 16:35 - 2014-11-01 15:40 - 00001094 _____ () C:\Windows \Tasks\GoogleUpdateTaskMachineUA.job 2014-10-30 16:34 - 2014-11-01 11:29 - 00001090 _____ () C:\Windows \Tasks\GoogleUpdateTaskMachineCore.job 2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users \Abra\AppData\Local\Google 2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users \Public\Desktop\Snapseed.lnk 2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users \Abra\AppData\Local\Nik Software 2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed 2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program Files\Nik Software 2014-10-29 17:14 - 2014-11-01 16:05 - 02447996 _____ () C:\Windows \setupact.log 2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows \setuperr.log 2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.) C:\Users\Abra\Downloads\ChromeSetup.exe 2014-10-29 09:32 - 2014-10-29 09:32 - 00012902 _____ () C:\Windows \system32\cc_20141029_093205.reg 2014-10-28 18:16 - 2014-11-01 16:31 - 00000000 ____D () C:\Users \Abra\AppData\Local\CrashDumps 2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows \system32\Drivers\TrueSight.sys 2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C: \ProgramData\RogueKiller 2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users \Abra\Downloads\RogueKiller_10.0.3.zip 2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Abelssoft 2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users \Abra\AppData\Local\Abelssoft 2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C: \ProgramData\XDMessagingv4 2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program Files\CHIP Updater 2014-10-28 15:33 - 2014-10-28 18:00 - 00000000 ____D () C: \ProgramData\Spybot - Search & Destroy 2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2 2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users \Public\Desktop\Spybot-S&D Start Center.lnk 2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe 2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll 2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows \system32\sqlite36_engine.dll 2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users \Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe 2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users \Abra\Downloads\adwcleaner_4.002.exe 2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users \Abra\Downloads\wirwarenunsterblich.epub 2014-10-24 15:36 - 2014-11-01 11:26 - 00002305 _____ () C:\Users \Public\Desktop\Ad-Aware Antivirus.lnk 2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users \Abra\Downloads\Adaware_Installer.exe 2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows \system32\cc_20141024_162530.reg 2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users \Abra\AppData\Local\AquaSoft 2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\AquaSoft 2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys 2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users \Public\Desktop\DiaShow 9 Ultimate.lnk 2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C: \ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863} 2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program Files\Common Files\AquaSoft 2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft 2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program Files\AquaSoft 2014-10-22 17:59 - 2014-10-22 18:00 - 30843037 _____ () C:\Users \Abra\Downloads\PDFsam_224.zip 2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits ) C:\Users\Abra\Downloads\SORetoucher.exe 2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program Files\Common Files\Java 2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll 2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users \Public\Desktop\Adobe Reader XI.lnk 2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows \system32\cc_20141017_225226.reg 2014-10-16 17:00 - 2014-10-17 12:57 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users \Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C: \ProgramData\Malwarebytes 2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL- Manager [1].exe 2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program Files\Lavasoft 2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users \Public\Desktop\CCleaner.lnk 2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C: \ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner 2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\LavasoftStatistics 2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Lavasoft 2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C: \ProgramData\Lavasoft 2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd) C:\Users\Abra\Downloads\ccsetup418.exe 2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows \system32\Adobe 2014-10-15 09:05 - 2014-10-28 15:19 - 00000000 ____D () C: \AdwCleaner 2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users \Abra\AppData\Local\EmieUserList 2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users \Abra\AppData\Local\EmieSiteList ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-01 16:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows \Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201- 1949205912-1000UA.job 2014-11-01 16:22 - 2010-05-13 18:05 - 01288881 _____ () C:\Windows \WindowsUpdate.log 2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows \system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289- 439d-8115-601632D005A0 2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows \system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289- 439d-8115-601632D005A0 2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows \system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows \system32\DOErrors.log 2014-11-01 11:31 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users \Abra\Dropbox 2014-11-01 11:31 - 2014-02-12 10:11 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Dropbox 2014-11-01 11:29 - 2010-05-13 18:21 - 00000248 _____ () C: \ProgramData\hpqp.ini 2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-01 11:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows \Tasks\SA.DAT 2014-10-31 16:54 - 2009-08-05 21:10 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\XnView 2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users \Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf 2014-10-31 13:33 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows \system32\PerfStringBackup.INI 2014-10-31 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows \Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201- 1949205912-1000Core.job 2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program Files\Google 2014-10-30 08:55 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users \Public 2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Mozilla 2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows \Microsoft.NET 2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup 2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows \system32\FNTCACHE.DAT 2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users \Abra\AppData\Local\GDIPFONTCACHEV1.DAT 2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows \system32\de-DE 2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program Files\Microsoft.NET 2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-27 14:13 - 2009-08-03 15:59 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Adobe 2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users \Abra\Documents\Eigene Scans 2014-10-24 20:34 - 2014-02-14 21:44 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\PanoramaStudio2Pro 2014-10-24 15:54 - 2012-05-16 09:54 - 00000000 ____D () C:\Users \Abra\AppData\Local\FreePDF_XP 2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft 2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\ArcSoft 2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information 2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C: \ProgramData\Oracle 2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program Files\Java 2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users \Abra\AppData\Local\Adobe 2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program Files\Adobe 2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C: \ProgramData\Adobe 2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows \rescache 2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C: \ProgramData\Microsoft Help 2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows \system32\MRT 2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users \Abra\AppData\Roaming\Media Player Classic 2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows \Minidump 2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows \Panther 2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows \system32\Macromed 2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows \system32\NDF 2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Some content of TEMP: ==================== C:\Users\Abra\AppData\Local\Temp\avgnt.exe C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce- 5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-26 20:14 ==================== End Of Log ============================ *********************** Was kann ich jetzt noch machen? Vorab vielen, vielen ... Dank! |
|
01.11.2014, 16:57
| #2 |
| /// the machine /// TB-Ausbilder    | Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
01.11.2014, 18:20
| #3 |
| | Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen Hey Schrauber,
__________________dankr für das Feedback. FRST FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by XXXX (administrator) on ARBEITSLAPTOP on 01-11-2014 16:31:55
Running from C:\Users\Abra\Downloads
Loaded Profile: Abra (Available profiles: Abra)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(C. Ghisler & Co.) C:\Programme_NEU\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [Google Update] => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.tixuma.de/?ref=46589
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\tineye@ideeinc.com.xpi [2013-12-08]
FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox
Chrome:
=======
CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Abra\AppData\Local\Temp\tbch.crx []
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29] (Nalpeiron Ltd.) [File not signed]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [398128 2010-12-14] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11-12] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22] (RapidSolution Software AG)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 16:31 - 2014-11-01 16:32 - 00023469 _____ () C:\Users\Abra\Downloads\FRST.txt
2014-11-01 14:16 - 2014-11-01 16:32 - 00000000 ____D () C:\FRST
2014-11-01 14:15 - 2014-11-01 14:15 - 01105920 _____ (Farbar) C:\Users\Abra\Downloads\FRST.exe
2014-11-01 13:01 - 2014-11-01 13:01 - 00000000 ____D () C:\Program Files\ESET
2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C:\Users\Abra\Downloads\esetsmartinstaller_deu.exe
2014-10-31 08:38 - 2014-10-31 08:38 - 00000308 _____ () C:\Windows\PFRO.log
2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 16:35 - 2014-11-01 15:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 16:34 - 2014-11-01 11:29 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Google
2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users\Public\Desktop\Snapseed.lnk
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users\Abra\AppData\Local\Nik Software
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program Files\Nik Software
2014-10-29 17:14 - 2014-11-01 16:05 - 02447996 _____ () C:\Windows\setupact.log
2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.) C:\Users\Abra\Downloads\ChromeSetup.exe
2014-10-29 09:32 - 2014-10-29 09:32 - 00012902 _____ () C:\Windows\system32\cc_20141029_093205.reg
2014-10-28 18:16 - 2014-11-01 16:31 - 00000000 ____D () C:\Users\Abra\AppData\Local\CrashDumps
2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users\Abra\Downloads\RogueKiller_10.0.3.zip
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Local\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program Files\CHIP Updater
2014-10-28 15:33 - 2014-10-28 18:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users\Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users\Abra\Downloads\adwcleaner_4.002.exe
2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users\Abra\Downloads\wirwarenunsterblich.epub
2014-10-24 15:36 - 2014-11-01 11:26 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users\Abra\Downloads\Adaware_Installer.exe
2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows\system32\cc_20141024_162530.reg
2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Local\AquaSoft
2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\AquaSoft
2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C:\ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program Files\Common Files\AquaSoft
2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program Files\AquaSoft
2014-10-22 17:59 - 2014-10-22 18:00 - 30843037 _____ () C:\Users\Abra\Downloads\PDFsam_224.zip
2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits ) C:\Users\Abra\Downloads\SORetoucher.exe
2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows\system32\cc_20141017_225226.reg
2014-10-16 17:00 - 2014-10-17 12:57 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL-Manager [1].exe
2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\LavasoftStatistics
2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Lavasoft
2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd) C:\Users\Abra\Downloads\ccsetup418.exe
2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows\system32\Adobe
2014-10-15 09:05 - 2014-10-28 15:19 - 00000000 ____D () C:\AdwCleaner
2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieUserList
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieSiteList
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-01 16:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job
2014-11-01 16:22 - 2010-05-13 18:05 - 01288881 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-11-01 11:31 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users\Abra\Dropbox
2014-11-01 11:31 - 2014-02-12 10:11 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Dropbox
2014-11-01 11:29 - 2010-05-13 18:21 - 00000248 _____ () C:\ProgramData\hpqp.ini
2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-01 11:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-31 16:54 - 2009-08-05 21:10 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\XnView
2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users\Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2014-10-31 13:33 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-31 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job
2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program Files\Google
2014-10-30 08:55 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Mozilla
2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users\Abra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 14:13 - 2009-08-03 15:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Adobe
2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users\Abra\Documents\Eigene Scans
2014-10-24 20:34 - 2014-02-14 21:44 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\PanoramaStudio2Pro
2014-10-24 15:54 - 2012-05-16 09:54 - 00000000 ____D () C:\Users\Abra\AppData\Local\FreePDF_XP
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\ArcSoft
2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program Files\Java
2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Adobe
2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows\rescache
2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Media Player Classic
2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows\Panther
2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
Some content of TEMP:
====================
C:\Users\Abra\AppData\Local\Temp\avgnt.exe
C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-26 20:14
==================== End Of Log ============================
*************************************************** Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-11-2014
Ran by XXXX at 2014-11-01 16:34:16
Running from C:\Users\Abra\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM\...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.0.1044.9177 - AKVIS)
AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 5.0.1319.9143 - AKVIS)
AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)
Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3}) (Version: 1.1.6 - Braeside Communication Services)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version: - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version: - Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version: - Alien Skin)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1) (Version: - dvdsmith.com)
AnyDVD (HKLM\...\AnyDVD) (Version: - SlySoft)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.0.11 - AquaSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version: 10.0.43701.100 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz Verlage_is1) (Version: - )
Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version: - BuddyWorX)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version: - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
COLOR projects premium (32-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag GmbH)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version: - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch Gelbe Seiten Map & Route) (Version: - TVG Telefonbuch- und Verzeichnisverlag GmbH & Co. KG)
DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter) (Version: 1.01 - UNKNOWN)
DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN) Hidden
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 - Traumflieger)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881}) (Version: 6.1.2 - DxO Labs)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
HDR projects professional (32-Bit) (HKLM\...\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag GmbH)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version: - Helicon Soft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version - IN MEDIA KG)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
indii.org/tintii (HKLM\...\tintii) (Version: - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version: - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version: Aktuelle Version - IN MEDIA KG)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version: - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio2Pro) (Version: - )
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B}) (Version: 6.5 - Fotoview)
Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter) (Version: 4.7 - UNKNOWN)
RichKonverter (Version: 4.7 - UNKNOWN) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk Software)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo Retoucher_is1) (Version: 1.3 - SoftOrbits)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: - )
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)
XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet Pierre-e)
X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 - X-OOM)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks\{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe
Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks\{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe
Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {EF82D5E4-CD07-40AE-A249-10FF740128A0} - System32\Tasks\InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-01] ()
Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program Files\Microsoft Office\Office\MSO97.DLL
2014-11-01 11:30 - 2014-11-01 11:30 - 00043008 _____ () c:\users\abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Abra\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00083392 _____ () C:\Programme_NEU\totalcmd\wcmzip32.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00168448 _____ () C:\Programme_NEU\totalcmd\unRAR.dll
2014-10-20 11:27 - 2014-10-20 11:27 - 16832176 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Windows:3F0192B3D5C09180
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Users\Abra\AppData\Local\VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38
AlternateDataStreams: C:\ProgramData\Temp:3241321C
AlternateDataStreams: C:\ProgramData\Temp:810B9F0D
AlternateDataStreams: C:\ProgramData\Temp:B6AC352B
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
========================= Accounts: ==========================
Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator - Enabled) => C:\Users\Abra
Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 - Administrator - Disabled)
Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/01/2014 04:29:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1ce4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (11/01/2014 11:31:52 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml
Error: (11/01/2014 11:25:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/31/2014 04:57:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Snapseed.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1d28
Startzeit: 01cff510fdd67570
Endzeit: 1383
Anwendungspfad: C:\Program Files\Nik Software\Snapseed\Snapseed.exe
Berichts-ID: 83850851-6116-11e4-ac82-001f16dbb3c2
Error: (10/31/2014 04:56:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1eac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (10/31/2014 08:42:23 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml
Error: (10/31/2014 08:38:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (10/30/2014 04:36:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x268
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Error: (10/30/2014 03:33:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: xnview.exe, Version: 1.98.0.0, Zeitstempel: 0x4e259822
Name des fehlerhaften Moduls: gsdll32.dll, Version: 0.0.0.0, Zeitstempel: 0x4e3bdc56
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00265900
ID des fehlerhaften Prozesses: 0x1634
Startzeit der fehlerhaften Anwendung: 0xxnview.exe0
Pfad der fehlerhaften Anwendung: xnview.exe1
Pfad des fehlerhaften Moduls: xnview.exe2
Berichtskennung: xnview.exe3
Error: (10/30/2014 08:36:44 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml
System errors:
=============
Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Error: (10/29/2014 05:18:55 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.
Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Error: (10/28/2014 03:23:28 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 20) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Komponente: AMD Northbridge
Fehlerquelle: 3
Fehlertyp: 11
Prozessor-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Microsoft Office Sessions:
=========================
Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 880 seconds with 840 seconds of active time. This session ended with a crash.
Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds of active time. This session ended with a crash.
Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 726 seconds with 660 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 64%
Total physical RAM: 2814.43 MB
Available physical RAM: 996.78 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3441.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.29 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:287.56 GB) (Free:14.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
02.11.2014, 13:27
| #4 |
| /// the machine /// TB-Ausbilder | Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Linear-Darstellung
