14.06.2015, 17:24 | #1 |
| Laptop with Vista: Windows Update no longer works

Hello, we have a problem with a friend's laptop.

System: HP6735s, Windows Vista Home 32-bit with SP2, Opera as browser / Avast Free Antivirus.

Since 29.04.2015 Windows Update no longer works; you can start it and it searches, but it does nothing, i.e. there is no result. I have already run the Fixit from MS, without success.

Windows Update error 0x80070057

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-06-2015
Ran by Simonepfändler at 2015-06-14 17:46:43
Running from C:\Users\Simonepfändler\Downloads\FRST-OlderVersion
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1854109890-2099202473-3671088656-500 - Administrator - Disabled)
Gast (S-1-5-21-1854109890-2099202473-3671088656-501 - Limited - Disabled)
Simonepfändler (S-1-5-21-1854109890-2099202473-3671088656-1004 - Administrator - Enabled) => C:\Users\Simonepfändler

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
32 Bit HP CIO Components Installer (Version: 2.1.4 - Hewlett-Packard) Hidden
ActivClient 6.1 x86 (Version: 6.01.00034 - ActivIdentity) Hidden
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version: - Agere Systems)
ATI Catalyst Install Manager (HKLM\...\{32D95F2D-17A3-9457-667D-DC603227295F}) (Version: 3.0.664.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.31 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J220 (HKLM\...\{FB83EAC4-E3F6-4666-B45B-44522F2344B6}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
ccc-core-static (Version: 2008.0521.920.14728 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Chicken Little (HKLM\...\{B70906B9-D852-4FA7-BE60-E738EB6836CF}) (Version: 1.0 - )
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Credential Manager for HP ProtectTools (Version: 4.0.3.1208.1 - Hewlett-Packard Company) Hidden
Drive Encryption for HP ProtectTools (Version: 4.0.5 - Hewlett-Packard) Hidden
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
ESU for Microsoft Vista SP1 (HKLM\...\{01F81577-D786-49D7-BAAF-B8A8B44CE251}) (Version: 1.00.3.1 - Hewlett-Packard)
Galileo Family Quiz - Spezial I (HKLM\...\Galileo Family Quiz - Spezial I) (Version: - SevenOne Intermedia)
Galileo Family Quiz - Spezial II (HKLM\...\Galileo Family Quiz - Spezial II) (Version: - SevenOne Intermedia)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard Active Check for Health Check (Version: 1.1.15.2 - Hewlett-Packard) Hidden
HP 3D DriveGuard (HKLM\...\{2ACA66D0-7C67-4235-90B5-7AB382FF8633}) (Version: 3.10 A8 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{420BBA1D-B275-4891-838C-EA88FE87A632}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Easy Setup - Frontend (HKLM\...\{8BB128BE-2670-485D-A221-B00715BCEBCF}) (Version: 5.4.0.2423 - Hewlett-Packard)
HP Help and Support (HKLM\...\{E333CA5F-00ED-4EEF-90E5-6A33A8FE969F}) (Version: 2.0.9.0 - Hewlett-Packard)
HP Integrated Module with Bluetooth wireless technology 6.0.1.6202 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.0.1.6202 - HP)
HP ProtectTools Security Manager Suite (HKLM\...\{75D7BB3A-9AB7-4ad1-AD5E-0059B90C624B}) (Version: 04.00.02.0003 - Hewlett-Packard)
HP Quick Launch Buttons 6.40 E1 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 E1 - Hewlett-Packard)
HP Update (HKLM\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0108 (HKLM\...\{B79DB290-9F72-4B20-9776-848D7832705B}) (Version: 1.01.0000 - Hewlett-Packard)
HP Wallpaper (HKLM\...\{F173C2B3-296F-458C-98FF-1676A42EBA02}) (Version: 1.0.1.4 - Hewlett-Packard)
HP Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.39004.0 - Sonix)
HP Webcam Application (HKLM\...\{154E4F71-DFC0-4B31-8D99-F97615031B02}) (Version: 1.0.020.0418 - Chicony Electronics Co.,Ltd.)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPNetworkAssistant (Version: 1.1.70 - Hewlett-Packard.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.13.0.003 - HTC Corporation)
HTC Sync Manager (HKLM\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.24.5 - HTC)
InterVideo DVD Check (HKLM\...\{5D97A4A7-C274-4B63-86D9-07A33435F505}) (Version: - )
InterVideo Register Manager (Version: 1.0.4.0 - InterVideo Inc.) Hidden
InterVideo WinDVD (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.1251 - InterVideo Inc.)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java(TM) 6 Update 35 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Java(TM) 6 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160060}) (Version: 1.6.0.60 - Sun Microsystems, Inc.)
LightScribe System Software 1.12.37.1 (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: 1.12.37.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version: - )
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Automated Troubleshooting Services Shim (HKLM\...\{c9920352-04e6-469d-bab8-e2b9c7c75415}.sdb) (Version: - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft)
Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft)
Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Mise à jour Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft)
Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft)
Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft)
Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Flashing Cable Driver (HKLM\...\{A4E0CA0F-1903-440A-9B98-FEA6CB049999}) (Version: 8.6.0.2 - Nokia)
OpenOffice.org 3.1 (HKLM\...\{D765F1CE-5AE5-4C47-B134-AE58AC474740}) (Version: 3.1.9399 - OpenOffice.org)
Opera Stable 30.0.1835.59 (HKLM\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
PC Connectivity Solution (HKLM\...\{D848D140-41C3-4A53-86D8-E866A100B4CD}) (Version: 8.47.6.0 - Nokia)
PDF Complete (HKLM\...\PDF Complete) (Version: 3.5.30 - PDF Complete, Inc.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skins (Version: 2008.0521.920.14728 - ATI) Hidden
SoundMAX (HKLM\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.1.5820 - Analog Devices)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.0.7.0 - Synaptics)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 7.50a - Ghisler Software GmbH)
Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
Vista Default Settings (HKLM\...\{12D61C9C-5E84-47F0-BD81-A48DF61A86D7}) (Version: 1.0.7.1 - Hewlett-Packard)
VLC media player 0.9.9 (HKLM\...\VLC media player) (Version: 0.9.9 - VideoLAN Team)
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

06-01-2015 18:43:00 Windows Update
14-01-2015 17:52:58 Windows Update
14-01-2015 19:00:17 Windows Update
21-01-2015 18:11:12 Windows Update
22-01-2015 17:13:30 avast! antivirus system restore point
24-01-2015 00:59:55 Windows Update
03-02-2015 16:52:43 Windows Update
22-02-2015 19:57:40 Windows Update
22-02-2015 20:22:50 Windows Update
24-02-2015 18:26:01 Windows Update
02-03-2015 18:50:50 Windows Update
02-03-2015 19:00:37 Windows Update
03-03-2015 14:17:09 Geplanter Prüfpunkt
04-03-2015 16:52:52 Geplanter Prüfpunkt
12-03-2015 18:19:42 Windows Update
11-04-2015 12:08:56 Windows Update
13-04-2015 21:49:27 Windows Update
14-04-2015 14:28:38 Windows Update
20-04-2015 14:51:04 Windows Update
25-04-2015 15:28:21 Windows Update
26-04-2015 10:53:57 Geplanter Prüfpunkt
29-04-2015 18:05:10 Windows Update
05-05-2015 15:45:20 Windows Update
09-05-2015 20:52:11 Geplanter Prüfpunkt
27-05-2015 16:17:34 Windows Update
31-05-2015 15:56:15 Windows Update
31-05-2015 20:30:23 OTL Restore Point - 31.05.2015 20:30:22
14-06-2015 14:51:18 Revo Uninstaller's restore point - Nokia Connectivity Cable Driver
14-06-2015 14:52:38 Nokia Connectivity Cable Driver wird entfernt
14-06-2015 15:00:54 Windows Update
14-06-2015 15:07:31 Revo Uninstaller's restore point - Nokia Music
14-06-2015 15:21:11 Wiederherstellungspunkt vor Fehlerhafte Patchregistrierungsschlüssel
14-06-2015 15:35:11 Revo Uninstaller's restore point - File Sanitizer For HP ProtectTools
14-06-2015 15:39:05 Removed File Sanitizer For HP ProtectTools
14-06-2015 15:59:13 Removed HP Software Setup
14-06-2015 16:03:27 Revo Uninstaller's restore point - Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
14-06-2015 16:27:25 avast! antivirus system restore point
14-06-2015 17:17:40 avast! antivirus system restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3E7911D7-B099-4829-87BD-A9B1A2850C17} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-14] (Avast Software s.r.o.)
Task: {555336CC-B3C9-42C3-83E1-ECE190E0D301} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {55EB2049-493B-4FEA-8C65-508B6AAC832D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {94CD6BB1-374B-411C-AD6F-B630B6FFC2D9} - System32\Tasks\HP Health Check => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-04-15] (Hewlett-Packard)
Task: {9A6E4E5F-98BB-4928-B105-7D88F69D4A59} - System32\Tasks\User_Feed_Synchronization-{703088C3-B1C3-4481-AAB3-7FE76BE7051F}
Task: {AEC736B4-C4E6-4B5D-8ACB-3C5999EB4763} - System32\Tasks\Opera scheduled Autoupdate 1433081425 => C:\Program Files\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {E3E15E7E-CAA3-4462-AE90-B38A0A785ACE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-14] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\windows\system32\Macromed\Flash\FlashUtil32_18_0_0_160_pepper.exe
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\User_Feed_Synchronization-{703088C3-B1C3-4481-AAB3-7FE76BE7051F}.job => C:\windows\system32\msfeedssync.exe

==================== Loaded Modules (Whitelisted) ==============

2008-05-21 11:38 - 2008-05-21 11:38 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2015-06-14 17:23 - 2015-06-14 17:23 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-06-14 17:23 - 2015-06-14 17:23 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-14 17:24 - 2015-06-14 17:24 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15042101\algo.dll
2015-06-14 17:23 - 2015-06-14 17:23 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:7E95B6FD

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1854109890-2099202473-3671088656-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Simonepfändler\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: accoca => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AEADIFilters => 2
MSCONFIG\Services: AgereModemAudio => 2
MSCONFIG\Services: Ati External Event Utility => 2
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: AvastVBoxSvc => 3
MSCONFIG\Services: BrYNSvc => 3
MSCONFIG\Services: Com4QLBEx => 3
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: HP ProtectTools Service => 2
MSCONFIG\Services: HpFkCryptService => 2
MSCONFIG\Services: HPFSService => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: HTCMonitorService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IviRegMgr => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: PassThru Service => 2
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: rpcnet => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: UPnPService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk => C:\windows\pss\BTTray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^DVD Check.lnk => C:\windows\pss\DVD Check.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Simonepfändler^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk => C:\windows\pss\OpenOffice.org 3.1.lnk.Startup
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: File Sanitizer => C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
MSCONFIG\startupreg: HP Software Update => c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Nokia FastStart => "C:\Program Files\Nokia\Nokia Music\NokiaMusic.exe" /command:faststart
MSCONFIG\startupreg: NokiaMServer => C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles
MSCONFIG\startupreg: PDF Complete => C:\Program Files\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: PTHOSTTR => c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WatchDog => C:\Program Files\InterVideo\DVD Check\DVDCheck.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{5FBF9AD0-5445-4775-A285-A6EBBD097065}] => (Allow) C:\Program Files\MSN Messenger\msnmsgr.exe
FirewallRules: [{EB3970E2-D783-4200-BF74-25B666C3B3AC}] => (Allow) svchost.exe
FirewallRules: [{B92D38D5-31BD-45EB-8910-FF3B152A9572}] => (Allow) C:\Program Files\MSN Messenger\livecall.exe
FirewallRules: [{846D6272-DC68-424E-A545-BFF268EC1668}] => (Allow) LPort=80
FirewallRules: [{E0C1C284-03C0-427E-B782-27899DEFAE05}] => (Allow) LPort=80
FirewallRules: [{52CCB3C2-8CC5-43B6-BFBA-3E8508A51386}] => (Allow) LPort=80
FirewallRules: [{DE3B4EAB-A0C9-428D-90C4-19FA4A5E1782}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{09DAE8B0-FAAC-47CC-8D4D-0CAE3DA5A08F}] => (Allow) C:\Program Files\HTC\HTC Sync Manager\HTCSyncManager.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

==================== Event log errors: =========================

Application errors:
==================
Error: (06/14/2015 05:17:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {7282c2e6-c262-4439-ac0c-92ad2bba83fd}

Error: (06/14/2015 05:11:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 04:27:20 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a8fa2cae-e546-48f9-8028-18937dd040eb}

Error: (06/14/2015 04:20:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/14/2015 04:03:26 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a1f6fe26-3601-4778-a6c1-bd12a6d4550e}

Error: (06/14/2015 03:59:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {a1f6fe26-3601-4778-a6c1-bd12a6d4550e}

Error: (06/14/2015 03:58:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts auf dem Volume (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - HP Software Setup 5.00.A.7; Hr = 0x80042319).

Error: (06/14/2015 03:58:57 PM) (Source: VSS) (EventID: 12301) (User: )
Description: Volumeschattenkopie-Dienstfehler: Verfasser "System Writer" hat auf einen GatherWriterStatus-Aufruf nicht reagiert.
Vorgang:
   Status der Generatoren abfragen
   Asynchroner Vorgang wird ausgeführt
Kontext:
   Aktueller Status: GatherWriterStatus

Error: (06/14/2015 03:58:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {bb04f62d-268c-4727-853b-dc00cce6b39b}

Error: (06/14/2015 03:39:02 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005. Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
   Generatordaten werden gesammelt
Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {bb04f62d-268c-4727-853b-dc00cce6b39b}

System errors:
=============
Error: (06/14/2015 05:12:12 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/14/2015 05:11:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (06/14/2015 04:44:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (06/14/2015 04:22:44 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/14/2015 04:20:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (06/14/2015 02:52:47 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (06/14/2015 02:49:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000SENS

Error: (06/14/2015 02:48:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058

Error: (06/14/2015 02:47:16 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{200AC775-D8D6-4C3C-89E7-F89550407266} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (06/14/2015 02:16:10 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
Date: 2015-06-14 17:45:38.490
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:37.304
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:36.353
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:35.118
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:33.699
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:32.747
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:31.764
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:45:30.782
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:42:35.301
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2015-06-14 17:42:33.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: AMD Athlon(tm)X2 DualCore QL-60
Percentage of memory in use: 70%
Total physical RAM: 1788.08 MB
Available physical RAM: 527.34 MB
Total Pagefile: 3826.66 MB
Available Pagefile: 2068.95 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.88 GB) (Free:46.58 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:9 GB) (Free:1.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:1 GB) (Free:0.99 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 80D2F3EE)
Partition 1: (Active) - (Size=222.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

==================== End of log ============================

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-06-2015
Ran by Simonepfändler (administrator) on SIMONEPFÄNDL-PC on 14-06-2015 17:32:47
Running from C:\Users\Simonepfändler\Downloads\FRST-OlderVersion
Loaded Profiles: Simonepfändler (Available Profiles: Simonepfändler)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Absolute Software Corp.) C:\Windows\System32\rpcnet.exe
(Bioscrypt Inc.) C:\Program Files\Hewlett-Packard\IAM\Bin\asghost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(ActivIdentity) C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Analog Devices, Inc.) C:\Program Files\Analog Devices\Core\smax4pnp.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics, Inc.)
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera_crashreporter.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Opera Software) C:\Program Files\Opera\30.0.1835.59\opera.exe (Microsoft Corporation) C:\Windows\System32\RacAgent.exe (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\MicrosoftFixit.wu.Run (1).exe (Microsoft Corporation) C:\Windows\Temp\RunBoot-Temp_.99de7b98-3958-4bd2-a382-91efcaa3923a\MatsBoot.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Users\Simonepfändler\AppData\Local\Temp\MATS-Temp\CABwkxms5bf.qj0\MATSWiz.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Microsoft Corporation) C:\Users\Simonepfändler\AppData\Local\Temp\MATS-Temp\CABwkxms5bf.qj0\MATSHost.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [accrdsub] => c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe [293168 2007-05-16] (ActivIdentity)
HKLM\...\Run: [CognizanceTS] => rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1045800 2008-03-27] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [HP Health Check Scheduler] => c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [70912 2008-04-15] (Hewlett-Packard)
HKLM\...\Run: [SoundMAX] => C:\Program Files\Analog Devices\SoundMAX\soundmax.exe [3842048 2008-03-19] (Analog Devices, Inc.)
HKLM\...\Run: [SoundMAXPnP] => C:\Program Files\Analog Devices\Core\smax4pnp.exe [1314816 2008-04-04] (Analog Devices, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-06-14] (Avast Software s.r.o.)
HKLM\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\b7b8a7a7-e60f-4982-b1fc-e54980b6e1ce.exe [183232 2015-06-14] (AVAST Software)
HKU\S-1-5-21-1854109890-2099202473-3671088656-1004\...\MountPoints2: {4815587b-673f-11e4-bb47-00226453ac79} - G:\Startme.exe
AppInit_DLLs: APSHook.dll => C:\windows\system32\APSHook.dll [76048 2008-03-25] (Bioscrypt Inc.)
Lsa: [Notification Packages] scecli ASWLNPkg
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-06-14] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-09-15] (Sun Microsystems, Inc.)
BHO: No Name -> {7E853D72-626A-48EC-A868-BA8D5E23E045} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-06-14] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-09-15] (Sun Microsystems, Inc.)
BHO: Credential Manager for HP ProtectTools -> {DF21F1DB-80C6-11D3-9483-B03D0EC10000} -> c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll [2008-05-21] (Bioscrypt Inc.)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No File
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll [2007-01-19] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-14] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_35 -> C:\windows\system32\npdeployJava1.dll [2012-09-15] (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-09-15] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\Extensions\artur.dubovoy@gmail.com [2015-04-21]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-03]
FF Extension: Cliqz Beta - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\Extensions\cliqz@cliqz.com.xpi [2014-10-29]
FF Extension: Download Statusbar - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2012-09-15]
FF Extension: Tab Mix Plus - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012-09-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-14]
FF HKU\S-1-5-21-1854109890-2099202473-3671088656-1004\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Simonepfändler\AppData\Roaming\Mozilla\Firefox\Profiles\qecrm9k7.default\extensions\cliqz@cliqz.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Simonepfändler\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Simonepfändler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Simonepfändler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Simonepfändler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-12]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 accoca; c:\Program Files\ActivIdentity\ActivClient\accoca.exe [182576 2007-05-16] (ActivIdentity)
R2 ASBroker; c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [111888 2008-05-21] (Bioscrypt Inc.)
R2 ASChannel; c:\Program Files\Hewlett-Packard\IAM\Bin\AsChnl.dll [137488 2008-05-21] (Bioscrypt Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-06-14] (Avast Software s.r.o.)
S4 BrYNSvc; C:\Program Files\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-04-15] (Hewlett-Packard) [File not signed]
S4 HP ProtectTools Service; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [18944 2008-06-02] (Hewlett-Packard Development Company, L.P) [File not signed]
S4 HpFkCryptService; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [256512 2008-05-30] (SafeBoot International)
S4 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-08-04] (Nero AG)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S4 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-18] (Hewlett-Packard Company) [File not signed]
S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
S4 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
S4 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [576024 2008-05-12] (PDF Complete Inc)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 rpcnet; C:\windows\system32\rpcnet.exe [78032 2015-06-14] (Absolute Software Corp.)
S4 ServiceLayer; C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe [620544 2008-11-11] (Nokia.) [File not signed]
S4 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
S3 usnjsvc; C:\Program Files\MSN Messenger\usnsvc.exe [97136 2007-01-19] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\bin\a2ddax86.sys [22056 2015-05-31] (Emsisoft GmbH)
R2 aswHwid; C:\windows\system32\drivers\aswHwid.sys [24144 2015-06-14] ()
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [74976 2015-06-14] (Avast Software s.r.o.)
R1 aswRdr; C:\windows\system32\drivers\aswRdr.sys [55200 2015-06-14] (Avast Software s.r.o.)
S0 aswRvrt; C:\windows\system32\Drivers\aswRvrt.sys [49904 2015-06-14] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [787760 2015-06-14] (Avast Software s.r.o.)
S1 aswSP; C:\windows\system32\drivers\aswSP.sys [427992 2015-06-14] (Avast Software s.r.o.)
R1 aswTdi; C:\windows\system32\drivers\aswTdi.sys [57888 2015-06-14] (Avast Software s.r.o.)
R0 aswVmm; C:\windows\system32\Drivers\aswVmm.sys [209048 2015-06-14] ()
S3 cleanhlp; C:\EEK\bin\cleanhlp32.sys [50200 2015-05-31] (Emsisoft GmbH)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R1 RsvLock; C:\windows\system32\Drivers\RsvLock.sys [12496 2008-05-30] (SafeBoot International)
R0 SafeBoot; C:\windows\system32\Drivers\SafeBoot.sys [108752 2008-05-30] () [File not signed]
R0 SbAlg; C:\windows\system32\Drivers\SbAlg.sys [51376 2008-05-30] (SafeBoot N.V.)
R0 SbFsLock; C:\windows\system32\Drivers\SbFsLock.sys [12928 2008-05-30] (SafeBoot International)
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1804160 2008-04-10] ()
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerflt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 17:31 - 2015-06-14 17:31 - 00000000 ____D C:\Users\Simonepfändler\AppData\Roaming\AVAST Software
2015-06-14 17:29 - 2015-06-14 17:41 - 00183355 _____ C:\Users\Simonepfändler\Downloads\FRST (2).exe.opdownload
2015-06-14 17:28 - 2015-06-14 17:41 - 01148416 _____ (Farbar) C:\Users\Simonepfändler\Downloads\FRST (1).exe
2015-06-14 17:28 - 2015-06-14 17:28 - 00001789 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-06-14 17:28 - 2015-06-14 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-14 17:28 - 2015-06-14 17:28 - 00000000 ____D C:\Program Files\Microsoft ATS
2015-06-14 17:24 - 2015-06-14 17:23 - 00427992 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00291312 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-06-14 17:24 - 2015-06-14 17:23 - 00209048 _____ C:\windows\system32\Drivers\aswVmm.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00074976 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00057888 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswTdi.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00055200 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00049904 _____ C:\windows\system32\Drivers\aswRvrt.sys
2015-06-14 17:24 - 2015-06-14 17:23 - 00024144 _____ C:\windows\system32\Drivers\aswHwid.sys
2015-06-14 17:24 - 2015-06-14 17:22 - 00787760 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-06-14 17:23 - 2015-06-14 17:23 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-06-14 17:19 - 2015-06-14 17:19 - 00000000 ____D C:\Program Files\AVAST Software
2015-06-14 17:16 - 2015-06-14 17:16 - 00427992 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\eindpgzq.sys
2015-06-14 17:13 - 2015-06-14 17:13 - 00462837 _____ C:\Users\Simonepfändler\Downloads\Windows7UpgradeAdvisorSetup (1).exe.opdownload
2015-06-14 16:44 - 2015-06-14 16:58 - 373578968 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\office2007sp3-kb2526086-fullfile-de-de.exe
2015-06-14 16:44 - 2015-06-14 16:46 - 51812576 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\Windows-KB890830-V5.25.exe
2015-06-14 16:44 - 2015-06-14 16:46 - 39074536 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\FileFormatConverters.exe
2015-06-14 16:44 - 2015-06-14 16:45 - 08676128 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\Windows7UpgradeAdvisorSetup.exe
2015-06-14 16:43 - 2015-06-14 16:43 - 00000000 ____D C:\windows\softwaredistribution.bak
2015-06-14 16:33 - 2015-06-14 16:34 - 00347816 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\MicrosoftFixit.wu.Run (1).exe
2015-06-14 16:32 - 2015-06-14 16:38 - 152642224 _____ (Avast Software s.r.o.) C:\Users\Simonepfändler\Downloads\avast_free_antivirus_setup_10.2.2218.exe
2015-06-14 15:05 - 2015-06-14 15:05 - 00347816 _____ (Microsoft Corporation) C:\Users\Simonepfändler\Downloads\MicrosoftFixit.wu.Run.exe
2015-06-14 14:08 - 2015-06-14 14:08 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simonepfändler\Downloads\revosetup95.exe
2015-06-14 14:08 - 2015-06-14 14:08 - 00001017 _____ C:\Users\Simonepfändler\Desktop\Revo Uninstaller.lnk
2015-06-14 14:08 - 2015-06-14 14:08 - 00000000 ____D C:\Program Files\VS Revo Group
2015-06-14 13:55 - 2015-06-14 13:55 - 00000946 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-06-14 13:31 - 2015-06-14 17:32 - 00000000 ____D C:\Users\Simonepfändler\Downloads\FRST-OlderVersion
2015-06-14 13:01 - 2015-06-14 13:01 - 00000199 _____ C:\windows\system32\2015-06-14-11-01-36.012-AvastVBoxSVC.exe-3912.log
2015-06-14 10:40 - 2015-06-14 10:40 - 00000199 _____ C:\windows\system32\2015-06-14-08-40-36.023-AvastVBoxSVC.exe-3416.log
2015-06-08 16:39 - 2015-06-08 16:39 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 09
2015-06-08 16:35 - 2015-06-08 16:38 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 andre1
2015-06-08 16:33 - 2015-06-08 16:34 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 bilder07
2015-06-08 16:32 - 2015-06-08 16:33 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 flachau
2015-06-08 16:31 - 2015-06-08 16:31 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 kindergarten06
2015-06-08 16:30 - 2015-06-08 16:31 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 reiten06
2015-06-08 16:29 - 2015-06-08 16:29 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-03-17 Winterurlaub09
2015-06-08 16:27 - 2015-06-08 16:28 - 00000000 ____D C:\Users\Simonepfändler\Documents\2009-07-24 winter2008
2015-06-08 16:22 - 2015-06-08 16:26 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-02-22 winter10
2015-06-08 16:18 - 2015-06-08 16:21 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-02-22 winterdol10
2015-06-08 16:17 - 2015-06-08 16:18 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-03-24 yannik
2015-06-08 16:17 - 2015-06-08 16:17 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-05-19 Foto bild
2015-06-08 16:17 - 2015-06-04 17:12 - 02534551 _____ C:\Users\Simonepfändler\Documents\Textverarbeitung- michelle komplett.pptx
2015-06-08 15:52 - 2015-06-08 15:52 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-05-19 Janig schule
2015-06-08 15:50 - 2015-06-08 15:51 - 00000000 ____D C:\Users\Simonepfändler\Documents\2010-05-28 offende tür schule
2015-06-08 15:49 - 2015-06-08 15:50 - 00000000 ____D C:\Users\Simonepfändler\Documents\Besuch im Zoo 07
2015-06-08 15:49 - 2015-06-08 15:49 - 00000000 ____D C:\Users\Simonepfändler\Documents\Winter Sol Schweiz
2015-06-08 15:49 - 2015-06-08 15:49 - 00000000 ____D C:\Users\Simonepfändler\Documents\DCIM
2015-06-08 15:49 - 2006-10-26 15:48 - 00000678 _____ C:\Users\Simonepfändler\Documents\Beispielbilder.lnk
2015-06-08 15:43 - 2015-06-08 15:43 - 00000199 _____ C:\windows\system32\2015-06-08-13-43-35.058-AvastVBoxSVC.exe-4008.log
2015-06-04 14:31 - 2015-06-04 14:31 - 00000199 _____ C:\windows\system32\2015-06-04-12-31-47.093-AvastVBoxSVC.exe-3456.log
2015-05-31 21:27 - 2015-05-31 21:27 - 00068450 _____ C:\Users\Simonepfändler\Downloads\Extras.Txt
2015-05-31 21:23 - 2015-05-31 21:23 - 00127710 _____ C:\Users\Simonepfändler\Downloads\OTL.Txt
2015-05-31 20:23 - 2015-05-31 20:24 - 00602112 _____ (OldTimer Tools) C:\Users\Simonepfändler\Downloads\OTL.exe
2015-05-31 20:01 - 2015-05-31 20:07 - 00045695 _____ C:\Users\Simonepfändler\Downloads\Shortcut.txt
2015-05-31 19:55 - 2015-06-14 13:41 - 00015204 _____ C:\Users\Simonepfändler\Downloads\Addition.txt
2015-05-31 19:54 - 2015-06-14 13:34 - 00027339 _____ C:\Users\Simonepfändler\Downloads\FRST.txt
2015-05-31 19:53 - 2015-06-14 17:41 - 00000000 ____D C:\FRST
2015-05-31 19:52 - 2015-06-14 13:31 - 01148416 _____ (Farbar) C:\Users\Simonepfändler\Downloads\FRST.exe
2015-05-31 19:40 - 2015-05-31 19:41 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Simonepfändler\Downloads\tdsskiller.exe
2015-05-31 18:09 - 2015-06-14 13:14 - 00000691 _____ C:\Users\Simonepfändler\Desktop\Start Emsisoft Emergency Kit.lnk
2015-05-31 18:08 - 2015-06-14 13:14 - 00000000 ____D C:\EEK
2015-05-31 18:04 - 2015-05-31 18:07 - 155538368 _____ C:\Users\Simonepfändler\Downloads\EmsisoftEmergencyKit.exe
2015-05-31 17:35 - 2015-05-31 17:35 - 00000199 _____ C:\windows\system32\2015-05-31-15-35-23.000-AvastVBoxSVC.exe-3812.log
2015-05-31 17:17 - 2015-05-31 17:40 - 00000000 ____D C:\Program Files\FileHippo.com
2015-05-31 17:17 - 2015-05-31 17:17 - 00001793 _____ C:\Users\Simonepfändler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileHippo App Manager.lnk
2015-05-31 17:17 - 2015-05-31 17:17 - 00000000 ____D C:\ProgramData\IsolatedStorage
2015-05-31 17:16 - 2015-05-31 17:17 - 00848512 _____ C:\Users\Simonepfändler\Downloads\AppManagerSetup_1.46_1.exe
2015-05-31 17:09 - 2015-06-14 16:34 - 00000000 ____D C:\Users\Simonepfändler\AppData\Local\Adobe
2015-05-31 17:09 - 2015-05-31 17:09 - 00000199 _____ C:\windows\system32\2015-05-31-15-09-23.062-AvastVBoxSVC.exe-1872.log
2015-05-31 16:35 - 2015-05-31 16:35 - 00000207 _____ C:\windows\tweaking.com-regbackup-SIMONEPFÄNDL-PC-Windows-Vista-(TM)-Home-Basic-(32-bit).dat
2015-05-31 16:33 - 2015-05-31 16:33 - 00000000 ____D C:\RegBackup
2015-05-31 16:31 - 2015-06-14 13:02 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-31 16:30 - 2015-05-31 16:30 - 00000859 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-31 16:30 - 2015-05-31 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-31 16:30 - 2015-05-31 16:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-31 16:30 - 2015-05-31 16:30 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-05-31 16:30 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-05-31 16:30 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-05-31 16:30 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-05-31 16:27 - 2015-05-31 16:27 - 02947635 _____ (Thisisu) C:\Users\Simonepfändler\Downloads\JRT.exe
2015-05-31 16:26 - 2015-05-31 16:27 - 02222592 _____ C:\Users\Simonepfändler\Downloads\AdwCleaner_4.205 (1).exe
2015-05-31 16:26 - 2015-05-31 16:26 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Simonepfändler\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-31 16:26 - 2015-05-31 16:26 - 02222592 _____ C:\Users\Simonepfändler\Downloads\AdwCleaner_4.205.exe
2015-05-31 16:15 - 2015-05-31 16:15 - 00000000 ____D C:\Program Files\ESET
2015-05-31 16:13 - 2015-05-31 16:13 - 02347384 _____ (ESET) C:\Users\Simonepfändler\Downloads\esetsmartinstaller_deu (1).exe
2015-05-31 16:12 - 2015-05-31 16:13 - 02347384 _____ (ESET) C:\Users\Simonepfändler\Downloads\esetsmartinstaller_deu.exe
2015-05-31 16:10 - 2015-05-31 16:10 - 00000763 _____ C:\Users\Public\Desktop\Opera.lnk
2015-05-31 16:10 - 2015-05-31 16:10 - 00000763 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-31 16:10 - 2015-05-31 16:10 - 00000000 ____D C:\Users\Simonepfändler\AppData\Roaming\Opera Software
2015-05-31 16:10 - 2015-05-31 16:10 - 00000000 ____D C:\Users\Simonepfändler\AppData\Local\Opera Software
2015-05-31 16:09 - 2015-06-14 13:07 - 00000000 ____D C:\Program Files\Opera
2015-05-31 15:32 - 2015-05-31 15:32 - 00000199 _____ C:\windows\system32\2015-05-31-13-32-51.057-AvastVBoxSVC.exe-3856.log
2015-05-16 15:25 - 2015-05-16 15:26 - 00000199 _____ C:\windows\system32\2015-05-16-13-25-55.033-AvastVBoxSVC.exe-2636.log
2015-05-16 11:34 - 2015-05-16 11:34 - 00000199 _____ C:\windows\system32\2015-05-16-09-34-45.053-AvastVBoxSVC.exe-2036.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-14 17:45 - 2008-12-22 20:35 - 00000436 ____H C:\windows\Tasks\User_Feed_Synchronization-{703088C3-B1C3-4481-AAB3-7FE76BE7051F}.job
2015-06-14 17:44 - 2008-12-19 08:16 - 01133343 _____ C:\windows\WindowsUpdate.log
2015-06-14 17:27 - 2012-09-15 15:16 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-06-14 17:09 - 2014-02-15 09:54 - 00638434 _____ C:\windows\PFRO.log
2015-06-14 17:09 - 2010-05-10 14:03 - 00078032 _____ (Absolute Software Corp.) C:\windows\system32\rpcnet.dll
2015-06-14 17:09 - 2009-12-10 17:10 - 00017408 _____ C:\windows\system32\rpcnetp.exe
2015-06-14 17:09 - 2006-11-02 14:58 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-06-14 17:09 - 2006-11-02 14:45 - 00003216 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 17:09 - 2006-11-02 14:45 - 00003216 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 17:08 - 2008-12-19 08:16 - 00000012 _____ C:\windows\bthservsdp.dat
2015-06-14 17:08 - 2006-11-02 14:58 - 00032524 _____ C:\windows\Tasks\SCHEDLGU.TXT
2015-06-14 16:34 - 2012-09-15 15:16 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2015-06-14 16:34 - 2012-09-15 15:16 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2015-06-14 16:20 - 2008-12-20 16:16 - 00104992 _____ C:\Users\Simonepfändler\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-14 16:19 - 2006-11-02 14:44 - 00391768 _____ C:\windows\system32\FNTCACHE.DAT
2015-06-14 16:18 - 2008-07-23 14:29 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-06-14 16:07 - 2009-06-28 19:54 - 00000000 ____D C:\Program Files\DIFX
2015-06-14 16:05 - 2014-10-05 18:27 - 00008576 _____ C:\windows\DPINST.LOG
2015-06-14 15:59 - 2008-07-23 15:03 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-06-14 15:42 - 2009-06-28 20:02 - 00000000 ____D C:\Users\Simonepfändler\AppData\Roaming\Nokia
2015-06-14 15:35 - 2009-06-28 19:51 - 00000000 ____D C:\Program Files\Nokia
2015-06-14 14:50 - 2010-05-10 14:03 - 00078032 ____N (Absolute Software Corp.) C:\windows\system32\rpcnet.exe
2015-06-14 14:46 - 2008-04-17 18:29 - 00017408 _____ C:\windows\system32\rpcnetp.dll
2015-06-14 14:33 - 2010-02-22 17:50 - 00001356 _____ C:\Users\Simonepfändler\AppData\Local\d3d9caps.dat
2015-06-14 13:05 - 2008-04-16 17:33 - 01680514 _____ C:\windows\system32\PerfStringBackup.INI
2015-06-14 13:01 - 2014-10-05 18:33 - 00000000 ____D C:\Users\Simonepfändler\AppData\Local\HTC MediaHub
2015-06-14 12:59 - 2008-07-23 14:49 - 00000000 ____D C:\ProgramData\hpqLog
2015-06-08 16:35 - 2009-02-05 19:02 - 00198144 _____ C:\Users\Simonepfändler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-31 17:30 - 2014-02-11 18:56 - 00000000 ____D C:\AdwCleaner
2015-05-31 17:04 - 2012-04-04 15:05 - 00000000 ____D C:\Program Files\Google
2015-05-31 16:22 - 2009-07-12 14:00 - 00000000 ___RD C:\Users\Simonepfändler\Desktop\Neuer Ordner
2015-05-31 16:19 - 2014-07-10 18:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-05-31 15:34 - 2014-06-16 16:47 - 00022498 _____ C:\windows\setupact.log

==================== Files in the root of some directories =======

2008-12-20 16:17 - 2008-12-20 16:17 - 0000000 _____ () C:\Users\Simonepfändler\AppData\Local\AtStart.txt
2010-02-22 17:50 - 2015-06-14 14:33 - 0001356 _____ () C:\Users\Simonepfändler\AppData\Local\d3d9caps.dat
2009-02-05 19:02 - 2015-06-08 16:35 - 0198144 _____ () C:\Users\Simonepfändler\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-12-20 16:17 - 2008-12-20 16:17 - 0000000 _____ () C:\Users\Simonepfändler\AppData\Local\DSwitch.txt
2010-10-01 18:24 - 2010-10-01 18:24 - 0000000 _____ () C:\Users\Simonepfändler\AppData\Local\FnF4.txt
2009-08-06 19:31 - 2009-08-06 19:31 - 0000102 _____ () C:\Users\Simonepfändler\AppData\Local\fusioncache.dat
2008-12-20 16:17 - 2008-12-20 16:17 - 0000000 _____ () C:\Users\Simonepfändler\AppData\Local\QSwitch.txt
2015-04-26 22:58 - 2015-04-26 22:58 - 0000000 _____ () C:\Users\Simonepfändler\AppData\Local\{283E7515-9E80-4D65-B347-AE0CCF301898}

Some files in TEMP:
====================
C:\Users\Simonepfändler\AppData\Local\Temp\NEventMessages.dll
C:\Users\Simonepfändler\AppData\Local\Temp\Quarantine.exe
C:\Users\Simonepfändler\AppData\Local\Temp\sqlite3.dll
C:\Users\Simonepfändler\AppData\Local\Temp\unwise.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{2D941AFB-15B6-4512-8426-C3267562FE36}-GoogleUpdateSetup.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{69E23913-E846-49EB-AE64-57EF412A0009}-43.0.2357.81_42.0.2311.135_chrome_updater.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{7E796A16-D0FA-4825-BCA7-D3E65CBB29A4}-GoogleUpdateSetup.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{7F14F96C-4C1B-44FA-A898-D176D1FCF131}-GoogleUpdateSetup.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{905CE3AC-09AF-49DB-A1AF-652A77117AFD}-GoogleUpdateSetup.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{9256118A-4E2A-4F64-835E-BC9953DE358F}-40.0.2214.111_chrome_installer.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{B12F9772-4307-4333-BCFB-C9FE09CA3614}-GoogleUpdateSetup.exe
C:\Users\Simonepfändler\AppData\Local\Temp\{C0E7879A-FDC8-4F2D-AD21-2D398FDA8FDE}-GoogleUpdateSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\windows\explorer.exe => File is digitally signed C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-06-14 17:17 ==================== End of log ============================
__________________ Windows 10 pro 64 bit Opera 55.0 Vivaldi,FF.Thunderbird ESET IS |
14.06.2015, 17:30 | #2 |
/// the machine /// TB-Ausbilder | Laptop with Vista: no Windows Update anymore
Hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
14.06.2015, 18:26 | #3 |
| Laptop with Vista: no Windows Update anymore
mbar.exe ran through and found nothing!!
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.06.14.04
rootkit: v2015.06.02.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Simonepfändler :: SIMONEPFÄNDL-PC [administrator]

14.06.2015 18:56:29
mbar-log-2015-06-14 (18-56-29).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 318810
Time elapsed: 27 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 7.0.6002.18005
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 1.900000 GHz
Memory total: 1874935808, free: 196198400
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 7.0.6002.18005
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 1.900000 GHz
Memory total: 1874935808, free: 440020992
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
Account is Administrative
Internet Explorer version: 7.0.6002.18005
Java version: 1.6.0_35
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 1.900000 GHz
Memory total: 1874935808, free: 466714624
Downloaded database version: v2015.06.14.04
Downloaded database version: v2015.06.02.01
Downloaded database version: v2015.05.13.01
=======================================
Initializing...
------------ Kernel report ------------
06/14/2015 18:56:05
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\isapnp.sys
\SystemRoot\system32\drivers\mpio.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\intelide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\DRIVERS\pcmcia.sys
\SystemRoot\system32\drivers\aliide.sys
\SystemRoot\system32\drivers\amdide.sys
\SystemRoot\system32\drivers\cmdide.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\msdsm.sys
\SystemRoot\system32\drivers\nvraid.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\viaide.sys
\SystemRoot\system32\drivers\iastorv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\lsi_scsi.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\hpcisss.sys
\SystemRoot\system32\drivers\adp94xx.sys
\SystemRoot\system32\drivers\adpahci.sys
\SystemRoot\system32\drivers\adpu160m.sys
\SystemRoot\system32\drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\adpu320.sys
\SystemRoot\system32\drivers\djsvs.sys
\SystemRoot\system32\drivers\arc.sys
\SystemRoot\system32\drivers\arcsas.sys
\SystemRoot\system32\drivers\elxstor.sys
\SystemRoot\system32\drivers\i2omp.sys
\SystemRoot\system32\drivers\iirsp.sys
\SystemRoot\system32\drivers\iteatapi.sys
\SystemRoot\system32\drivers\iteraid.sys
\SystemRoot\system32\drivers\lsi_fc.sys
\SystemRoot\system32\drivers\lsi_sas.sys
\SystemRoot\system32\drivers\megasas.sys
\SystemRoot\system32\drivers\megasr.sys
\SystemRoot\system32\drivers\mraid35x.sys
\SystemRoot\system32\drivers\nfrd960.sys
\SystemRoot\system32\drivers\nvstor.sys
\SystemRoot\system32\drivers\ql2300.sys
\SystemRoot\system32\drivers\ql40xx.sys
\SystemRoot\system32\drivers\sisraid2.sys
\SystemRoot\system32\drivers\sisraid4.sys
\SystemRoot\system32\drivers\symc8xx.sys
\SystemRoot\system32\drivers\sym_hi.sys
\SystemRoot\system32\drivers\sym_u3.sys
\SystemRoot\system32\drivers\uliahci.sys
\SystemRoot\system32\drivers\ulsata.sys
\SystemRoot\system32\drivers\ulsata2.sys
\SystemRoot\system32\drivers\vsmraid.sys
\SystemRoot\System32\Drivers\SbAlg.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\SbFsLock.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\wd.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\drivers\sbp2port.sys
\SystemRoot\System32\Drivers\SafeBoot.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\DRIVERS\hpdskflt.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\DRIVERS\AtiPcie.sys
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\processr.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\yk60x86.sys
\SystemRoot\system32\DRIVERS\bcmwl6.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\HpqKbFiltr.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\Accelerometer.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\cpqbttn.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\ADIHdAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\AGRSM.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\snp2uvc.sys
\SystemRoot\system32\DRIVERS\STREAM.SYS
\SystemRoot\system32\DRIVERS\sncduvc.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\Drivers\RsvLock.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\??\C:\EEK\bin\a2ddax86.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_SbHiber.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\eindpgzq.SYS
\SystemRoot\system32\drivers\aswHwid.sys
\SystemRoot\System32\Drivers\aswVmm.SYS
\SystemRoot\system32\drivers\aswSnx.sys
\SystemRoot\system32\drivers\aswRdr.sys
\SystemRoot\system32\drivers\aswMonFlt.sys
\SystemRoot\system32\drivers\aswTdi.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.06.14.04
rootkit: v2015.06.02.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86025240, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8601b020, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff86028648, DeviceName: Unknown, DriverName: \Driver\SafeBoot\
DevicePointer: 0xffffffff86025240, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff86027558, DeviceName: Unknown, DriverName: \Driver\hpdskflt\
DevicePointer: 0xffffffff85fff918, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff85fea030, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\SafeBoot\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File user open failed: C:\WINDOWS\SYSTEM32\drivers\SafeBoot.sys (0x00000020)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 80D2F3EE

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 63 Numsec = 467419073
Partition file system is NTFS
Partition is bootable

Partition 1 type is Other (0xc)
Partition is NOT ACTIVE.
Partition starts at LBA: 467419136 Numsec = 2099200

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 469518704 Numsec = 18878464

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-06FF92B84ED2C98775AF55778BCB93FDB76ECEB3.bin.VE1" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-06FF92B84ED2C98775AF55778BCB93FDB76ECEB3.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\AvastSvc.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\AvastUI.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\CommChannel.Protocol.log" is compressed (flags = 1)
File "C:\ProgramData\AVAST Software\Avast\log\Grimefighter.log" is compressed (flags = 1)
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
Code:
Results of screen317's Security Check version 1.002
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java(TM) 6 Update 35
Java(TM) 6 Update 6
HP JavaCard for HP ProtectTools
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.160
Google Chrome (42.0.2311.135)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSASCui.exe
Windows Defender MSASCui.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastUi.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
__________________ Edited by Ocir33 (14.06.2015 at 19:24) |
15.06.2015, 11:34 | #4 |
/// the machine /// TB-Ausbilder | Laptop with Vista: no Windows Update anymore
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |