Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Avira lässt sich nicht installieren

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 22.04.2015, 14:32   #1
rooks
 
Avira lässt sich nicht installieren - Standard

Avira lässt sich nicht installieren



Ich hab avira 2015 free direkt von deren seite runtergeladen, doch immer wenn ich es installieren will kommt eine fehlermeldung mit dem log:
Code:
ATTFilter
Anhang 73815
         
darauf hab ich einen weiteren scan durchgeführt mit FRST.
Code:
ATTFilter
Anhang 73818
         
Code:
ATTFilter
Anhang 73819
         
von Gmer:
Code:
ATTFilter
Anhang 73821
         

Geändert von rooks (22.04.2015 um 14:59 Uhr)

Alt 22.04.2015, 14:49   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Avira lässt sich nicht installieren - Standard

Avira lässt sich nicht installieren



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 22.04.2015, 15:00   #3
rooks
 
Avira lässt sich nicht installieren - Standard

Avira lässt sich nicht installieren



avira log file:

Code:
ATTFilter
[02F4:07EC][2015-04-22T14:34:58]i001: Burn v3.8.1128.0, Windows v6.1 (Build 7601: Service Pack 1), path: C:\Users\Lula\Downloads\avira_de_av_55368b2dd5808__ws.exe, cmdline: '-burn.unelevated BurnPipe.{B3C50F09-9369-4898-88C7-B4063A501F29} {1E276726-3588-4371-858A-A0F8FA73E211} 288'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'PARTNER_ID' to value 'avira'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'SkipSuccessPageAfterInstall' to value 'yes'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'ShowProgressInTaskBar' to value 'no'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'RebootImmediatly' to value 'yes'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'ShowSendErrorReport' to value 'yes'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'LogFileUploadUrl' to value 'https://wl-win.oes.avira.com/sendreport'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'SERVER_URL' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'LEGACY_SERVER_URL' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'SHORT_MSG_FORMAT' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'TRACKING_TOKEN' to value '1e273c264b066a9848ad28f4b44e3d26'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing numeric variable 'TESTING_MODE' to value '0'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'CUSTOM_KIT_TOKEN' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'DOWNLOAD_SOURCE' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'SOFT_AUTH_ID' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing string variable 'BUNDLE_ID' to value ''
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing numeric variable 'NOAFTERINSTALLPAGE' to value '0'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing numeric variable 'SILENT_INSTALLATION_FROM_BOOTSTRAPPER' to value '0'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing numeric variable 'IS_MAYOR_UPGRADE' to value '0'
[02F4:07EC][2015-04-22T14:34:58]i000: Initializing numeric variable 'IS_STARTED_BY_MAYOR_UPGRADE' to value '0'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'WixBundleLog' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458.log'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'WixBundleOriginalSource' to value 'C:\Users\Lula\Downloads\avira_de_av_55368b2dd5808__ws.exe'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'WixBundleName' to value 'Avira'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'CUSTOM_KIT_TOKEN' to value ''
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'DOWNLOAD_SOURCE' to value 'ws'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'BUNDLE_ID' to value 'av'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'SOFT_AUTH_ID' to value '55368b2dd5808'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'SILENT_INSTALLATION_FROM_BOOTSTRAPPER' to value '0'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'IS_STARTED_BY_MAYOR_UPGRADE' to value '0'
[02F4:0758][2015-04-22T14:34:58]i000: Setting string variable 'LANGUAGE' to value 'de'
[02F4:07EC][2015-04-22T14:34:58]i100: Detect begin, 4 packages
[02F4:07EC][2015-04-22T14:34:58]i000: Registry key not found. Key = 'Software\X-AVCSD\Launcher'
[02F4:07EC][2015-04-22T14:34:58]i000: Registry value not found. Key = '', Value = 'PartnerId'
[02F4:07EC][2015-04-22T14:34:58]i000: Registry value not found. Key = '', Value = 'ProductName'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'NETFRAMEWORK35' to value '1'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'NETFRAMEWORK35SP1' to value '1'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting string variable 'NETFRAMEWORK40CLIENT' to value '1'
[02F4:07EC][2015-04-22T14:34:58]i000: Registry key not found. Key = 'SOFTWARE\Avira\AntiVir Server'
[02F4:07EC][2015-04-22T14:34:58]i000: Setting numeric variable 'AviraServerSecurityIsInstalled' to value 0
[02F4:07EC][2015-04-22T14:34:58]i052: Condition '(InstalledLauncherPartnerId = PARTNER_ID) AND (IS_STARTED_BY_MAYOR_UPGRADE = 0)' evaluates to false.
[02F4:07EC][2015-04-22T14:34:58]i052: Condition '(NETFRAMEWORK40CLIENT = 1)' evaluates to true.
[02F4:07EC][2015-04-22T14:34:58]i101: Detected package: ExecutePrequisites, state: Absent, cached: None
[02F4:07EC][2015-04-22T14:34:58]i101: Detected package: OECrossDetectionKey, state: Absent, cached: None
[02F4:07EC][2015-04-22T14:34:58]i101: Detected package: NetFx40ClientWeb, state: Present, cached: None
[02F4:07EC][2015-04-22T14:34:58]i101: Detected package: Id.Avira.OE.Setup.Msi, state: Absent, cached: None
[02F4:07EC][2015-04-22T14:34:58]i052: Condition 'NTProductType = 1 AND          (              ((VersionNT = v5.1) AND (ServicePackLevel >= 3)) OR               ((VersionNT64 = v5.2) AND (ServicePackLevel >= 2)) OR               ((VersionNT = v6.0)) OR               ((VersionNT = v6.1)) OR               (VersionNT >= v6.2)          )' evaluates to true.
[02F4:07EC][2015-04-22T14:34:58]i052: Condition 'NOT AviraServerSecurityIsInstalled' evaluates to true.
[02F4:07EC][2015-04-22T14:34:58]i052: Condition '(NOT InstalledLauncherPartnerId) OR (InstalledLauncherPartnerId = PARTNER_ID)' evaluates to true.
[02F4:07EC][2015-04-22T14:34:58]i199: Detect complete, result: 0x0
[02F4:07EC][2015-04-22T14:34:59]i200: Plan begin, 4 packages, action: Install
[02F4:07EC][2015-04-22T14:34:59]w321: Skipping dependency registration on package with no dependency providers: ExecutePrequisites
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleLog_ExecutePrequisites' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_0_ExecutePrequisites.log'
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleRollbackLog_ExecutePrequisites' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_0_ExecutePrequisites_rollback.log'
[02F4:07EC][2015-04-22T14:34:59]w321: Skipping dependency registration on package with no dependency providers: OECrossDetectionKey
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleLog_OECrossDetectionKey' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_1_OECrossDetectionKey.log'
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleRollbackLog_OECrossDetectionKey' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_1_OECrossDetectionKey_rollback.log'
[02F4:07EC][2015-04-22T14:34:59]i052: Condition '(NOT(NETFRAMEWORK35 = 1 AND NETFRAMEWORK35SP1 = 1)) AND (NOT (NETFRAMEWORK40CLIENT = 1))' evaluates to false.
[02F4:07EC][2015-04-22T14:34:59]w321: Skipping dependency registration on package with no dependency providers: NetFx40ClientWeb
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleRollbackLog_Id.Avira.OE.Setup.Msi' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_2_Id.Avira.OE.Setup.Msi_rollback.log'
[02F4:07EC][2015-04-22T14:34:59]i000: Setting string variable 'WixBundleLog_Id.Avira.OE.Setup.Msi' to value 'C:\Users\Lula\AppData\Local\Temp\Avira_20150422143458_2_Id.Avira.OE.Setup.Msi.log'
[02F4:07EC][2015-04-22T14:34:59]i201: Planned package: ExecutePrequisites, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: None
[02F4:07EC][2015-04-22T14:34:59]i201: Planned package: OECrossDetectionKey, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: None
[02F4:07EC][2015-04-22T14:34:59]i201: Planned package: NetFx40ClientWeb, state: Present, default requested: Absent, ba requested: Absent, execute: None, rollback: None, cache: No, uncache: No, dependency: None
[02F4:07EC][2015-04-22T14:34:59]i201: Planned package: Id.Avira.OE.Setup.Msi, state: Absent, default requested: Present, ba requested: Present, execute: Install, rollback: Uninstall, cache: Yes, uncache: No, dependency: Register
[02F4:07EC][2015-04-22T14:34:59]i299: Plan complete, result: 0x0
[02F4:07EC][2015-04-22T14:35:00]i300: Apply begin
[0120:0158][2015-04-22T14:35:06]w308: Automatic updates could not be paused due to error: 0x8007043c. Continuing...
[0120:0158][2015-04-22T14:35:06]i000: Caching bundle from: 'C:\Users\Lula\AppData\Local\Temp\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}\.be\Avira.OE.Setup.Bundle.exe' to: 'C:\ProgramData\Package Cache\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}\Avira.OE.Setup.Bundle.exe'
[0120:0158][2015-04-22T14:35:06]i320: Registering bundle dependency provider: {d8490d5d-0f24-4000-b2e4-4b500a9a704d}, version: 1.1.35.25717
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: ExecutePrequisites at path: C:\ProgramData\Package Cache\.unverified\ExecutePrequisites, moving to: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe.
[0120:00F4][2015-04-22T14:35:06]i304: Verified existing payload: OECrossDetectionKey at path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: Id.Avira.OE.Setup.Msi at path: C:\ProgramData\Package Cache\.unverified\Id.Avira.OE.Setup.Msi, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\Avira.OE.Setup.Msi.msi.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: BundlePayload at path: C:\ProgramData\Package Cache\.unverified\BundlePayload, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\BundledProducts.xml.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiDE at path: C:\ProgramData\Package Cache\.unverified\MsiDE, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.de.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiEN at path: C:\ProgramData\Package Cache\.unverified\MsiEN, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.en.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiEs at path: C:\ProgramData\Package Cache\.unverified\MsiEs, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.es.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiFr at path: C:\ProgramData\Package Cache\.unverified\MsiFr, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.fr.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiIt at path: C:\ProgramData\Package Cache\.unverified\MsiIt, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.it.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiJa at path: C:\ProgramData\Package Cache\.unverified\MsiJa, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.ja.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiNl at path: C:\ProgramData\Package Cache\.unverified\MsiNl, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.nl.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiPtBr at path: C:\ProgramData\Package Cache\.unverified\MsiPtBr, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.ptbr.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiRu at path: C:\ProgramData\Package Cache\.unverified\MsiRu, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.ru.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiTr at path: C:\ProgramData\Package Cache\.unverified\MsiTr, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.tr.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiZhCn at path: C:\ProgramData\Package Cache\.unverified\MsiZhCn, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.zhcn.mst.
[0120:00F4][2015-04-22T14:35:06]i305: Verified acquired payload: MsiZhTw at path: C:\ProgramData\Package Cache\.unverified\MsiZhTw, moving to: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\loc.zhtw.mst.
[0120:0158][2015-04-22T14:35:06]i301: Applying execute package: ExecutePrequisites, action: Install, path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe" /enableMsiService /checkRebootRequired'
[02F4:07EC][2015-04-22T14:35:06]i319: Applied execute package: ExecutePrequisites, result: 0x0, restart: None
[0120:0158][2015-04-22T14:35:06]i301: Applying execute package: OECrossDetectionKey, action: Install, path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe" /writeCrossDetectionKey'
[02F4:07EC][2015-04-22T14:35:06]i319: Applied execute package: OECrossDetectionKey, result: 0x0, restart: None
[0120:0158][2015-04-22T14:35:06]i323: Registering package dependency provider: {E1355B2B-5093-4917-8F44-F253B0A6F0F2}, version: 1.1.35.25717, package: Id.Avira.OE.Setup.Msi
[0120:0158][2015-04-22T14:35:06]i301: Applying execute package: Id.Avira.OE.Setup.Msi, action: Install, path: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\Avira.OE.Setup.Msi.msi, arguments: ' ARPSYSTEMCOMPONENT="1" TRANSFORMS="loc.de.mst" SERVER_URL="" LEGACY_SERVER_URL="" SHORT_MSG_FORMAT="" TRACKING_TOKEN="1e273c264b066a9848ad28f4b44e3d26" CUSTOM_KIT_TOKEN="" DOWNLOAD_SOURCE="ws" BUNDLE_ID="av" SOFT_AUTH_ID="55368b2dd5808" WCF_AUTH_VERIFY_SIGNATURE="TRUE" NOAFTERINSTALLPAGE="0" SILENT_INSTALLATION_FROM_BOOTSTRAPPER="0" TRIGGERED_FROM_BOOTSTRAPPER="1"'
[0120:0158][2015-04-22T14:35:06]e000: Error 0x80070641: Failed to install MSI package.
[0120:0158][2015-04-22T14:35:06]e000: Error 0x80070641: Failed to execute MSI package.
[02F4:07EC][2015-04-22T14:35:06]e000: Error 0x80070641: Failed to configure per-machine MSI package.
[02F4:07EC][2015-04-22T14:35:06]w348: Application requested retry of package: Id.Avira.OE.Setup.Msi, encountered error: 0x80070641. Retrying...
[0120:0158][2015-04-22T14:35:09]i301: Applying execute package: Id.Avira.OE.Setup.Msi, action: Install, path: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\Avira.OE.Setup.Msi.msi, arguments: ' ARPSYSTEMCOMPONENT="1" TRANSFORMS="loc.de.mst" SERVER_URL="" LEGACY_SERVER_URL="" SHORT_MSG_FORMAT="" TRACKING_TOKEN="1e273c264b066a9848ad28f4b44e3d26" CUSTOM_KIT_TOKEN="" DOWNLOAD_SOURCE="ws" BUNDLE_ID="av" SOFT_AUTH_ID="55368b2dd5808" WCF_AUTH_VERIFY_SIGNATURE="TRUE" NOAFTERINSTALLPAGE="0" SILENT_INSTALLATION_FROM_BOOTSTRAPPER="0" TRIGGERED_FROM_BOOTSTRAPPER="1"'
[0120:0158][2015-04-22T14:35:09]e000: Error 0x80070641: Failed to install MSI package.
[0120:0158][2015-04-22T14:35:09]e000: Error 0x80070641: Failed to execute MSI package.
[02F4:07EC][2015-04-22T14:35:09]e000: Error 0x80070641: Failed to configure per-machine MSI package.
[02F4:07EC][2015-04-22T14:35:09]w348: Application requested retry of package: Id.Avira.OE.Setup.Msi, encountered error: 0x80070641. Retrying...
[0120:0158][2015-04-22T14:35:12]i301: Applying execute package: Id.Avira.OE.Setup.Msi, action: Install, path: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\Avira.OE.Setup.Msi.msi, arguments: ' ARPSYSTEMCOMPONENT="1" TRANSFORMS="loc.de.mst" SERVER_URL="" LEGACY_SERVER_URL="" SHORT_MSG_FORMAT="" TRACKING_TOKEN="1e273c264b066a9848ad28f4b44e3d26" CUSTOM_KIT_TOKEN="" DOWNLOAD_SOURCE="ws" BUNDLE_ID="av" SOFT_AUTH_ID="55368b2dd5808" WCF_AUTH_VERIFY_SIGNATURE="TRUE" NOAFTERINSTALLPAGE="0" SILENT_INSTALLATION_FROM_BOOTSTRAPPER="0" TRIGGERED_FROM_BOOTSTRAPPER="1"'
[0120:0158][2015-04-22T14:35:12]e000: Error 0x80070641: Failed to install MSI package.
[0120:0158][2015-04-22T14:35:12]e000: Error 0x80070641: Failed to execute MSI package.
[02F4:07EC][2015-04-22T14:35:12]e000: Error 0x80070641: Failed to configure per-machine MSI package.
[02F4:07EC][2015-04-22T14:35:12]w348: Application requested retry of package: Id.Avira.OE.Setup.Msi, encountered error: 0x80070641. Retrying...
[0120:0158][2015-04-22T14:35:15]i301: Applying execute package: Id.Avira.OE.Setup.Msi, action: Install, path: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\Avira.OE.Setup.Msi.msi, arguments: ' ARPSYSTEMCOMPONENT="1" TRANSFORMS="loc.de.mst" SERVER_URL="" LEGACY_SERVER_URL="" SHORT_MSG_FORMAT="" TRACKING_TOKEN="1e273c264b066a9848ad28f4b44e3d26" CUSTOM_KIT_TOKEN="" DOWNLOAD_SOURCE="ws" BUNDLE_ID="av" SOFT_AUTH_ID="55368b2dd5808" WCF_AUTH_VERIFY_SIGNATURE="TRUE" NOAFTERINSTALLPAGE="0" SILENT_INSTALLATION_FROM_BOOTSTRAPPER="0" TRIGGERED_FROM_BOOTSTRAPPER="1"'
[0120:0158][2015-04-22T14:35:15]e000: Error 0x80070641: Failed to install MSI package.
[0120:0158][2015-04-22T14:35:15]e000: Error 0x80070641: Failed to execute MSI package.
[02F4:07EC][2015-04-22T14:35:15]e000: Error 0x80070641: Failed to configure per-machine MSI package.
[02F4:07EC][2015-04-22T14:35:15]i319: Applied execute package: Id.Avira.OE.Setup.Msi, result: 0x80070641, restart: None
[02F4:07EC][2015-04-22T14:35:15]e000: Error 0x80070641: Failed to execute MSI package.
[0120:0158][2015-04-22T14:35:15]i318: Skipped rollback of package: Id.Avira.OE.Setup.Msi, action: Uninstall, already: Absent
[02F4:07EC][2015-04-22T14:35:15]i319: Applied rollback package: Id.Avira.OE.Setup.Msi, result: 0x0, restart: None
[0120:0158][2015-04-22T14:35:15]i329: Removed package dependency provider: {E1355B2B-5093-4917-8F44-F253B0A6F0F2}, package: Id.Avira.OE.Setup.Msi
[0120:0158][2015-04-22T14:35:15]i351: Removing cached package: Id.Avira.OE.Setup.Msi, from path: C:\ProgramData\Package Cache\{E1355B2B-5093-4917-8F44-F253B0A6F0F2}v1.1.35.25717\
[0120:0158][2015-04-22T14:35:15]i301: Applying rollback package: OECrossDetectionKey, action: Uninstall, path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe" /removeCrossDetectionKey'
[02F4:07EC][2015-04-22T14:35:15]i319: Applied rollback package: OECrossDetectionKey, result: 0x0, restart: None
[0120:0158][2015-04-22T14:35:15]i351: Removing cached package: OECrossDetectionKey, from path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\
[0120:0158][2015-04-22T14:35:15]i301: Applying rollback package: ExecutePrequisites, action: Uninstall, path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe, arguments: '"C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe" /enableMsiService'
[0120:0158][2015-04-22T14:35:15]e000: Error 0x80070003: Failed to CreateProcess on path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\Avira.OE.Setup.Prerequisites.exe
[0120:0158][2015-04-22T14:35:15]e000: Error 0x80070003: Failed to execute EXE package.
[02F4:07EC][2015-04-22T14:35:15]e000: Error 0x80070003: Failed to configure per-machine EXE package.
[02F4:07EC][2015-04-22T14:35:15]i319: Applied rollback package: ExecutePrequisites, result: 0x80070003, restart: None
[0120:0158][2015-04-22T14:35:15]i351: Removing cached package: ExecutePrequisites, from path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\
[0120:0158][2015-04-22T14:35:15]w353: Unable to remove cached package: ExecutePrequisites, from path: C:\ProgramData\Package Cache\5A184DAEADFE7352F1B837404BC7DC34AD73D611\, reason: 0x80070003. Continuing...
[0120:0158][2015-04-22T14:35:15]i330: Removed bundle dependency provider: {d8490d5d-0f24-4000-b2e4-4b500a9a704d}
[0120:0158][2015-04-22T14:35:15]i352: Removing cached bundle: {d8490d5d-0f24-4000-b2e4-4b500a9a704d}, from path: C:\ProgramData\Package Cache\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}\
[02F4:07EC][2015-04-22T14:35:15]i399: Apply complete, result: 0x80070641, restart: None, ba requested restart:  No
         
FRST Log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Lula (administrator) on MAKA-PC on 22-04-2015 15:43:00
Running from C:\Users\Lula\Downloads
Loaded Profiles: Lula (Available profiles: Lula & Papa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Trend Micro Inc.) C:\Users\Lula\Downloads\hijackthis.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694048 2014-05-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1222768 2015-04-10] ()
HKU\S-1-5-21-522234228-4192544273-3428825822-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-522234228-4192544273-3428825822-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49997;https=127.0.0.1:49997;
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-522234228-4192544273-3428825822-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.giga.de/androidnews/?utm_source=SDA&utm_medium=plugin&utm_campaign=april2015 
HKU\S-1-5-21-522234228-4192544273-3428825822-1001\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=928&systemid=2&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> DefaultScope {4E00BF0C-61B4-44B7-AE56-4DB66E480E09} URL = 
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> Backup.Old.DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847}
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL = 
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1397308101&from=tugs&uid=SAMSUNGXHM500JI_S20CJ9FZ911527&q={searchTerms}
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> {4E00BF0C-61B4-44B7-AE56-4DB66E480E09} URL = 
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2010-04-28] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-09-19] (DVDVideoSoft Ltd.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} ->  No File
BHO-x32: PriceSparrow -> {3F2DC1E7-A56F-49D8-B0CF-DB2300594497} ->  No File
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {c840e246-6b95-475e-9bd7-caa1c7eca9f2} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-01-13] (DVDVideoSoft Ltd.)
Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File
Toolbar: HKU\S-1-5-21-522234228-4192544273-3428825822-1001 -> No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\windows\syswow64\urlmon.dll [2013-11-02] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334
FF Homepage: hxxp://www.giga.de/androidnews/?utm_source=SDA&utm_medium=plugin&utm_campaign=april2015 
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\user.js [2015-04-07]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-10-26] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-10-26] (Apple Inc.)
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\sparpilot@sparpilot.com [2015-04-21]
FF Extension: GMX MailCheck - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\toolbar@gmx.net [2015-04-09]
FF Extension: YouTube Unblocker - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\youtubeunblocker@unblocker.yt [2015-03-28]
FF Extension: MEGA - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\firefox@mega.co.nz.xpi [2015-04-21]
FF Extension: Pin It Button - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2015-04-05]
FF Extension: {b0fe9fb9-9a6d-4689-aecc-e55f5d076dd5} - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\{b0fe9fb9-9a6d-4689-aecc-e55f5d076dd5}.xpi [2015-04-21]
FF Extension: Adblock Plus - C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Profiles\1d6j9xx8.default-1427563634334\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-28]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2015-04-21]
FF HKLM-x32\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
FF Extension: No Name - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2015-04-21]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\firefox.cfg [2015-04-08] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\Lula\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Freemake Video Converter) - C:\Users\Lula\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-05-01]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [659456 2006-02-10] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [File not signed]
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [819824 2015-04-10] ()
S2 Rezip; C:\windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [100424 2015-04-10] (360.cn)
S3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [77896 2015-04-10] (360.cn)
S1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305736 2015-04-10] (360.cn)
S1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-04-10] (360.cn)
S1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [314448 2015-04-10] (Qihu 360 Software Co., Ltd.)
S3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
S1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [180816 2015-04-10] (Qihu 360 Software Co., Ltd.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2010-10-21] (Windows (R) 2003 DDK 3790 provider)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S3 TASCAM_US122144; System32\Drivers\tascusb2.sys [X]
S3 TASCAM_US122L_MK2_MIDI; system32\drivers\tscusb2m.sys [X]
S3 TASCAM_US122L_MK2_WDM; system32\drivers\tscusb2a.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 15:16 - 2015-04-22 15:29 - 00011772 _____ () C:\Users\Lula\Downloads\hijackthis.log
2015-04-22 15:16 - 2015-04-22 15:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lula\Downloads\hijackthis.exe
2015-04-22 14:26 - 2015-04-22 15:14 - 00000000 ____D () C:\OETemp
2015-04-22 14:18 - 2015-04-22 14:18 - 04636584 _____ (Avira Operations GmbH & Co. KG) C:\Users\Lula\Downloads\avira_de_av_55368b2dd5808__ws.exe
2015-04-22 14:06 - 2015-04-22 14:06 - 00896048 _____ () C:\Users\Lula\Downloads\Norton_Removal_Tool.exe
2015-04-22 14:01 - 2015-04-22 14:01 - 00000000 ____D () C:\ProgramData\360safe
2015-04-22 14:00 - 2015-04-22 14:00 - 00000000 _RSHD () C:\360SANDBOX
2015-04-22 13:23 - 2015-04-22 13:23 - 00154496 _____ () C:\Users\Lula\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-22 09:56 - 2015-04-22 09:56 - 00000000 ___HT () C:\windows\wusa.lock
2015-04-22 09:21 - 2015-04-22 23:49 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\GlarySoft
2015-04-22 09:15 - 2015-04-22 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft
2015-04-22 09:15 - 2015-04-22 23:48 - 00000000 ____D () C:\Program Files (x86)\Glarysoft
2015-04-22 09:15 - 2015-04-22 09:15 - 00001255 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Repair.lnk
2015-04-22 09:14 - 2015-04-22 09:14 - 04759376 _____ () C:\Users\Lula\Downloads\rrsetup.exe
2015-04-22 09:14 - 2014-07-16 10:24 - 00040760 _____ (TuneUp Software) C:\windows\system32\TURegOpt.exe
2015-04-22 09:13 - 2015-04-22 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2015-04-22 09:13 - 2015-04-22 23:52 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2015-04-22 09:13 - 2015-04-22 09:13 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2015-04-22 09:13 - 2015-04-22 09:13 - 00000000 ____D () C:\Users\Lula\AppData\Local\TuneUp Software
2015-04-22 09:13 - 2014-07-16 10:24 - 00029496 _____ (TuneUp Software) C:\windows\system32\authuitu.dll
2015-04-22 09:13 - 2014-07-16 10:24 - 00025400 _____ (TuneUp Software) C:\windows\SysWOW64\authuitu.dll
2015-04-22 09:11 - 2015-04-22 09:11 - 00429712 _____ () C:\Users\Lula\Downloads\rrsetup_CB-DL-Manager.exe
2015-04-22 09:03 - 2014-10-30 04:04 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-04-22 09:03 - 2014-10-30 04:04 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\vbscript(39).dll
2015-04-22 09:03 - 2014-10-30 03:46 - 00428544 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-04-22 08:50 - 2015-04-22 08:54 - 05076376 _____ () C:\windows\system32\FNTCACHE.DAT
2015-04-21 23:22 - 2015-04-21 23:22 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\dlg
2015-04-21 23:16 - 2015-04-21 23:22 - 00000000 ____D () C:\Program Files (x86)\Free Window Registry Repair
2015-04-21 23:16 - 2015-04-21 23:16 - 00001031 _____ () C:\Users\Lula\Desktop\Free Window Registry Repair.lnk
2015-04-21 23:16 - 2015-04-21 23:16 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Window Registry Repair
2015-04-21 23:15 - 2015-04-22 23:52 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-04-21 23:15 - 2015-04-21 23:16 - 00804985 _____ () C:\Users\Lula\Downloads\RegpairSetup.exe
2015-04-21 23:06 - 2015-04-22 09:11 - 00000000 __SHD () C:\ProgramData\360Quarant
2015-04-21 23:06 - 2015-04-22 09:11 - 00000000 __SHD () C:\$360Section
2015-04-21 23:02 - 2015-04-22 14:02 - 00000000 ____D () C:\ProgramData\360TotalSecurity
2015-04-21 23:02 - 2015-04-21 23:02 - 00000000 ____D () C:\windows\Tasks\360Disabled
2015-04-21 23:01 - 2015-04-22 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-04-21 23:01 - 2015-04-22 23:48 - 00000000 ____D () C:\Program Files (x86)\360
2015-04-21 23:01 - 2015-04-21 23:01 - 00429712 _____ () C:\Users\Lula\Downloads\RegpairSetup_CB-DL-Manager.exe
2015-04-21 23:01 - 2015-04-21 23:01 - 00001149 _____ () C:\Users\Public\Desktop\360 Total Security.lnk
2015-04-21 23:01 - 2015-04-10 09:16 - 00314448 _____ (Qihu 360 Software Co., Ltd.) C:\windows\system32\Drivers\360fsflt.sys
2015-04-21 23:01 - 2015-04-10 09:16 - 00305736 _____ (360.cn) C:\windows\system32\Drivers\360Box64.sys
2015-04-21 23:01 - 2015-04-10 09:16 - 00180816 _____ (Qihu 360 Software Co., Ltd.) C:\windows\system32\Drivers\BAPIDRV64.SYS
2015-04-21 23:01 - 2015-04-10 09:16 - 00100424 _____ (360.cn) C:\windows\system32\Drivers\360AntiHacker64.sys
2015-04-21 23:01 - 2015-04-10 09:16 - 00077896 _____ (360.cn) C:\windows\system32\Drivers\360AvFlt.sys
2015-04-21 23:01 - 2015-04-10 09:16 - 00040520 _____ (360.cn) C:\windows\system32\Drivers\360Camera64.sys
2015-04-21 22:59 - 2015-04-21 22:59 - 01203488 _____ () C:\Users\Lula\Downloads\360 Total Security - CHIP-Installer.exe
2015-04-21 22:44 - 2015-04-21 22:46 - 165283560 _____ () C:\Users\Lula\Downloads\avira_free_antivirus_de_15.0.9.504(1).exe
2015-04-21 22:42 - 2015-04-22 14:08 - 00000000 ____D () C:\Users\Lula\Downloads\Avira-RegistryCleaner
2015-04-21 22:42 - 2015-04-21 22:42 - 00000000 ____D () C:\Users\Lula\AppData\Local\Tempb125cf933150265a5d7947182781d435
2015-04-21 22:42 - 2015-04-21 22:42 - 00000000 ____D () C:\Program Files (x86)\WEB.DE MailCheck
2015-04-21 22:41 - 2015-04-21 22:41 - 01047704 _____ () C:\Users\Lula\Downloads\Avira-RegistryCleaner-lnstall.exe
2015-04-21 22:39 - 2015-04-21 22:39 - 01097176 _____ (Avira Operations GmbH & Co. KG) C:\Users\Lula\Downloads\avira_registry_cleaner_de.exe
2015-04-21 22:29 - 2015-04-21 22:29 - 00003124 _____ () C:\windows\System32\Tasks\{C59C6278-4DE4-4FFB-9987-8DB4B055C53E}
2015-04-21 21:44 - 2015-04-21 21:44 - 24535040 _____ () C:\windows\system32\config\SYSTEM.sav.LOG
2015-04-21 21:40 - 2015-04-21 21:44 - 93351936 _____ () C:\windows\system32\config\SOFTWARE.sav.LOG
2015-04-21 21:37 - 2015-04-21 21:45 - 00002282 _____ () C:\windows\system32\ASOROSet.bin
2015-04-21 21:37 - 2015-04-21 21:37 - 00000000 ____D () C:\windows\system32\config\RCCBakup
2015-04-21 21:36 - 2015-04-21 21:38 - 00476896 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Lula\Downloads\ashampoo_winoptimizer_2015_18590.exe.part
2015-04-21 21:32 - 2015-04-21 21:51 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Solvusoft
2015-04-21 21:32 - 2015-04-21 21:32 - 03894696 _____ (solvusoft Corporation ) C:\Users\Lula\Downloads\Setup_WinThruster_2015.exe
2015-04-21 21:32 - 2012-10-15 17:02 - 00019888 _____ (solvusoft) C:\windows\system32\roboot64.exe
2015-04-21 21:27 - 2015-04-21 21:29 - 165283560 _____ () C:\Users\Lula\Downloads\avira_free_antivirus_de_15.0.9.504.exe
2015-04-21 15:35 - 2015-04-22 14:09 - 00488426 _____ () C:\windows\PFRO.log
2015-04-21 15:14 - 2015-04-21 15:14 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-21 15:13 - 2015-04-21 15:13 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-21 15:13 - 2015-04-21 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-21 15:13 - 2015-04-21 15:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-21 15:13 - 2015-04-21 15:13 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-21 15:13 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-04-21 15:13 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-04-21 15:13 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2015-04-21 15:12 - 2015-04-21 15:12 - 01203488 _____ () C:\Users\Lula\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-04-20 22:04 - 2015-04-20 22:05 - 00048982 _____ () C:\Users\Lula\Downloads\Addition.txt
2015-04-20 22:03 - 2015-04-22 15:43 - 00017688 _____ () C:\Users\Lula\Downloads\FRST.txt
2015-04-20 22:03 - 2015-04-22 15:43 - 00000000 ____D () C:\FRST
2015-04-20 22:02 - 2015-04-20 22:02 - 02099712 _____ (Farbar) C:\Users\Lula\Downloads\FRST64.exe
2015-04-20 21:32 - 2015-04-22 23:52 - 00000000 ____D () C:\windows\Minidump
2015-04-20 21:32 - 2015-04-20 21:32 - 00271152 _____ () C:\windows\Minidump\042015-30950-01.dmp
2015-04-20 21:08 - 2015-04-20 21:08 - 03109248 _____ (Enigma Software Group USA, LLC.) C:\Users\Lula\Downloads\SpyHunter-Installer.exe
2015-04-20 12:54 - 2015-04-20 12:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixelan
2015-04-20 12:54 - 2015-04-20 12:54 - 00000000 ____D () C:\Program Files (x86)\Pixelan
2015-04-19 19:53 - 2015-04-19 20:08 - 67956995 _____ () C:\Users\Lula\Desktop\babe.mp4
2015-04-18 20:52 - 2015-04-18 20:53 - 00000000 ____D () C:\Users\Lula\Downloads\osts
2015-04-18 15:31 - 2015-04-18 15:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GenArts Sapphire OFX
2015-04-18 15:30 - 2015-04-18 15:30 - 00000000 ____D () C:\ProgramData\GenArts
2015-04-18 15:06 - 2015-04-18 15:31 - 00000000 ____D () C:\Program Files (x86)\GenArts
2015-04-18 12:49 - 2015-04-22 14:01 - 00003304 _____ () C:\windows\setupact.log
2015-04-18 12:49 - 2015-04-18 12:49 - 00000000 _____ () C:\windows\setuperr.log
2015-04-16 15:36 - 2015-04-16 15:36 - 00000000 ____D () C:\ProgramData\Reprise
2015-04-16 08:35 - 2015-04-22 14:03 - 00008192 _____ () C:\windows\SysWOW64\WDPABKP.dat
2015-04-15 21:05 - 2015-04-15 21:05 - 00000000 ____D () C:\Program Files\Adobe
2015-04-15 20:37 - 2015-04-15 20:37 - 00000103 _____ () C:\windows\MSUTIL.INI
2015-04-15 14:38 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\WinSetupUI.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2015-04-15 14:38 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\wups.dll
2015-04-15 14:38 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-04-15 14:38 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-04-15 14:38 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\wu.upgrade.ps.dll
2015-04-15 14:38 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-04-15 14:38 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-04-15 14:38 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-04-15 14:38 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-04-15 14:38 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
2015-04-15 14:38 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-04-15 14:38 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-04-15 14:38 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-04-15 14:38 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-04-15 14:38 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-04-15 14:38 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-04-15 14:38 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-04-15 14:38 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-04-15 14:38 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2015-04-15 14:38 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2015-04-15 14:38 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2015-04-15 14:38 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2015-04-15 14:38 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2015-04-15 14:38 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2015-04-15 14:37 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-04-15 14:37 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-04-15 14:37 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-04-15 14:37 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2015-04-15 14:37 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2015-04-15 14:37 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2015-04-15 14:37 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-04-15 14:37 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-04-15 14:37 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-04-15 14:37 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2015-04-15 14:37 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2015-04-15 14:37 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-04-15 14:37 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-04-15 14:37 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-04-15 14:37 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-04-15 14:37 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-04-15 14:37 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-04-15 14:37 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2015-04-15 14:37 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2015-04-15 14:37 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2015-04-15 14:37 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-04-15 14:37 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-04-15 14:37 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2015-04-15 14:37 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-04-15 14:37 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2015-04-15 14:37 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-04-15 14:37 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2015-04-15 14:37 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2015-04-15 14:37 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 14:37 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 14:37 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\windows\system32\clfs.sys
2015-04-15 14:37 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\windows\system32\clfsw32.dll
2015-04-15 14:37 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\windows\SysWOW64\clfsw32.dll
2015-04-15 14:37 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
2015-04-11 21:50 - 2015-04-11 21:50 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-11 21:50 - 2015-04-11 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-11 21:49 - 2015-04-11 21:50 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-11 21:49 - 2015-04-11 21:50 - 00000000 ____D () C:\Program Files\iTunes
2015-04-11 21:49 - 2015-04-11 21:49 - 00000000 ____D () C:\Program Files\iPod
2015-04-08 19:57 - 2015-04-08 19:57 - 00000000 ____D () C:\Analytics
2015-04-08 19:56 - 2015-04-08 19:56 - 00000000 ____D () C:\windows\System32\Tasks\Western Digital
2015-04-08 19:51 - 2015-04-08 19:51 - 00000000 ____D () C:\Users\Lula\AppData\Local\Western_Digital_Technolog
2015-04-08 19:51 - 2015-04-08 19:51 - 00000000 ____D () C:\Users\Lula\AppData\Local\Western Digital
2015-04-08 19:36 - 2015-04-08 19:36 - 00000000 ____D () C:\Program Files\Western Digital
2015-04-08 19:36 - 2015-04-08 19:36 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-04-08 19:29 - 2015-04-08 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-04-08 19:22 - 2015-04-08 19:36 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-04-08 19:21 - 2015-04-08 19:36 - 00000000 ____D () C:\ProgramData\Western Digital
2015-04-08 11:57 - 2015-04-21 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-07 15:46 - 2015-04-07 15:46 - 00000000 ____D () C:\Users\Lula\AppData\Local\BorisFX
2015-04-07 15:33 - 2015-04-07 15:33 - 00000000 ____D () C:\Program Files\Common Files\OFX
2015-04-07 15:30 - 2015-04-07 15:33 - 00000000 ____D () C:\Program Files\Boris FX, Inc
2015-04-07 15:07 - 2015-04-07 15:07 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\SimpleFiles
2015-04-06 20:05 - 2015-04-06 20:05 - 00000000 ____D () C:\Program Files (x86)\Boris FX, Inc
2015-04-05 22:59 - 2015-04-05 22:59 - 00000000 ___SD () C:\windows\SysWOW64\GWX
2015-04-05 22:59 - 2015-04-05 22:59 - 00000000 ___SD () C:\windows\system32\GWX
2015-04-03 19:28 - 2014-09-10 14:31 - 00008843 _____ () C:\Users\Lula\AppData\Local\recently-used.xbel
2015-04-01 13:46 - 2015-04-01 14:30 - 00000000 ____D () C:\Users\Lula\Desktop\math
2015-03-30 21:14 - 2014-11-22 12:46 - 00038032 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvvad64v.sys
2015-03-30 21:14 - 2014-11-22 12:46 - 00032400 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvaudcap32v.dll
2015-03-30 16:50 - 2015-03-30 16:54 - 00285192 _____ () C:\Users\Lula\Downloads\Conor_Maynard-R_U_Crazy_Are_you_crazy_.mp3.sfk
2015-03-30 14:57 - 2015-03-30 14:58 - 15310043 _____ () C:\Users\Lula\Desktop\EXO (엑소) - Overdose (중독) [Dance cover].mp4
2015-03-29 20:35 - 2015-03-29 20:35 - 00309720 _____ () C:\Users\Lula\Downloads\Little_Mix-About_The_Boy.mp3.sfk
2015-03-25 20:14 - 2015-03-26 11:23 - 00000868 _____ () C:\Users\Lula\Desktop\Handbrake.lnk
2015-03-25 20:14 - 2015-03-25 20:14 - 00000824 _____ () C:\Users\Papa\Desktop\Handbrake.lnk
2015-03-25 20:14 - 2015-03-25 20:14 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Handbrake
2015-03-25 20:14 - 2015-03-25 20:14 - 00000000 ____D () C:\Program Files\Handbrake
2015-03-25 20:10 - 2015-03-25 20:10 - 01203488 _____ () C:\Users\Lula\Downloads\Handbrake 64 Bit - CHIP-Installer.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 23:52 - 2010-12-25 19:46 - 00000000 ____D () C:\Users\Papa
2015-04-22 23:52 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-04-22 23:52 - 2009-07-14 05:20 - 00000000 __RSD () C:\windows\Media
2015-04-22 23:52 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\registration
2015-04-22 23:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-22 23:49 - 2012-09-16 13:27 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-04-22 15:14 - 2014-07-30 13:11 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-22 15:14 - 2010-08-04 04:27 - 01349709 _____ () C:\windows\WindowsUpdate.log
2015-04-22 14:09 - 2009-07-14 06:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 14:09 - 2009-07-14 06:45 - 00022976 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 14:02 - 2010-12-25 14:43 - 00000000 ____D () C:\Users\Lula
2015-04-22 14:01 - 2009-07-14 07:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-04-22 12:05 - 2012-11-27 17:41 - 00000000 ____D () C:\windows\uninstall
2015-04-22 09:13 - 2012-09-16 13:28 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\TuneUp Software
2015-04-21 23:07 - 2015-03-03 19:42 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\MPC-HC
2015-04-21 23:07 - 2014-11-08 16:54 - 00000000 ____D () C:\Users\Lula\.gimp-2.8
2015-04-21 23:07 - 2014-11-02 17:33 - 00000000 ____D () C:\Program Files (x86)\Audacity
2015-04-21 23:07 - 2014-06-16 14:39 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\uTorrent
2015-04-21 23:07 - 2013-01-10 20:29 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\PhotoFiltre 7
2015-04-21 23:07 - 2012-01-07 20:34 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Babylon
2015-04-21 23:07 - 2010-08-04 04:31 - 00000000 ____D () C:\ProgramData\Temp
2015-04-21 23:06 - 2011-04-08 15:48 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Sony
2015-04-21 22:31 - 2012-04-04 19:39 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-04-21 21:49 - 2011-09-17 13:34 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Skype
2015-04-21 21:45 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SECURITY.bak
2015-04-21 21:39 - 2009-07-14 04:34 - 00262144 _____ () C:\windows\system32\config\SAM.bak
2015-04-21 15:35 - 2011-04-24 11:43 - 00000000 ____D () C:\windows\Downloaded Installations
2015-04-21 15:34 - 2014-05-10 20:35 - 00000000 ____D () C:\Users\Lula\AppData\Local\com
2015-04-21 15:34 - 2012-07-22 15:38 - 00000000 ____D () C:\Program Files (x86)\vGrabber-software
2015-04-21 15:34 - 2011-05-06 12:57 - 00000000 ____D () C:\ProgramData\ICQ
2015-04-20 10:43 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\AppCompat
2015-04-19 16:52 - 2015-03-13 19:03 - 00000000 ____D () C:\Users\Lula\Desktop\Neuer Ordner
2015-04-19 12:57 - 2014-10-10 16:47 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\vlc
2015-04-17 15:12 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\rescache
2015-04-15 22:48 - 2014-12-11 22:45 - 00000000 ____D () C:\windows\system32\appraiser
2015-04-15 22:48 - 2014-05-06 22:21 - 00000000 ___SD () C:\windows\system32\CompatTel
2015-04-15 22:48 - 2009-07-14 05:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2015-04-15 22:13 - 2013-10-11 13:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 22:11 - 2012-07-29 14:44 - 01595092 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-04-15 22:11 - 2010-08-04 20:46 - 00699712 _____ () C:\windows\system32\perfh007.dat
2015-04-15 22:11 - 2010-08-04 20:46 - 00149820 _____ () C:\windows\system32\perfc007.dat
2015-04-15 22:11 - 2009-07-14 07:13 - 01595092 _____ () C:\windows\system32\PerfStringBackup.INI
2015-04-15 22:07 - 2013-08-14 22:27 - 00000000 ____D () C:\windows\system32\MRT
2015-04-15 22:00 - 2011-05-10 20:35 - 128913832 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-04-15 21:05 - 2011-11-21 18:03 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-04-14 21:34 - 2014-10-17 18:08 - 00003822 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 21:34 - 2012-04-04 19:39 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 21:34 - 2011-05-16 20:26 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-11 21:49 - 2012-05-11 15:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-11 21:49 - 2012-05-11 15:34 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-09 10:21 - 2014-09-30 20:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-09 10:21 - 2010-08-04 04:29 - 00000000 ____D () C:\ProgramData\Skype
2015-04-08 19:40 - 2012-04-26 20:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 15:25 - 2011-04-08 14:31 - 00000000 ____D () C:\Users\Lula\AppData\Local\Downloaded Installations
2015-04-03 19:29 - 2014-03-17 16:34 - 00000000 ____D () C:\Users\Lula\AppData\Local\gtk-2.0
2015-04-03 17:20 - 2015-02-26 15:48 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\HandBrake
2015-03-30 21:14 - 2013-12-15 20:44 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-03-28 05:44 - 2014-07-30 13:01 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-02-18 19:51 - 01316000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-07-30 13:01 - 01756424 _____ (NVIDIA Corporation) C:\windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-02-18 19:51 - 01570672 _____ (NVIDIA Corporation) C:\windows\system32\nvspcap64.dll
2015-03-23 16:29 - 2013-08-04 16:34 - 00000000 ____D () C:\Users\Lula\AppData\Roaming\Avira

==================== Files in the root of some directories =======

2013-10-14 04:44 - 2013-10-14 04:44 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2011-08-28 14:37 - 2011-12-24 11:33 - 0000065 _____ () C:\Users\Lula\AppData\Roaming\AcroIEHelpe.txt
2014-10-05 18:55 - 2014-11-05 00:02 - 0002298 _____ () C:\Users\Lula\AppData\Roaming\ASSDraw3.cfg
2011-10-14 14:58 - 2011-12-24 16:19 - 0000068 _____ () C:\Users\Lula\AppData\Roaming\blckdom.res
2014-10-17 17:50 - 2014-10-17 17:57 - 0099384 _____ () C:\Users\Lula\AppData\Roaming\inst.exe
2014-10-17 17:50 - 2014-10-17 17:57 - 0007859 _____ () C:\Users\Lula\AppData\Roaming\pcouffin.cat
2014-10-17 17:50 - 2014-10-17 17:57 - 0001167 _____ () C:\Users\Lula\AppData\Roaming\pcouffin.inf
2014-10-17 17:50 - 2014-10-17 17:57 - 0000055 _____ () C:\Users\Lula\AppData\Roaming\pcouffin.log
2014-10-17 17:50 - 2014-10-17 17:57 - 0082816 _____ (VSO Software) C:\Users\Lula\AppData\Roaming\pcouffin.sys
2011-08-28 14:37 - 2011-09-10 11:30 - 0000136 _____ () C:\Users\Lula\AppData\Roaming\srvblck2.tmp
2011-09-03 11:31 - 2011-09-03 11:31 - 0000011 _____ () C:\Users\Lula\AppData\Roaming\urhtps.dat
2013-12-18 21:01 - 2014-09-27 10:10 - 0000168 _____ () C:\Users\Lula\AppData\Roaming\WB.CFG
2015-04-03 19:28 - 2014-09-10 14:31 - 0008843 _____ () C:\Users\Lula\AppData\Local\recently-used.xbel
2012-09-06 16:04 - 2012-09-06 16:04 - 0384835 _____ () C:\Users\Lula\AppData\Local\speeddial.crx
2011-09-17 13:36 - 2011-09-17 13:36 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-12-25 14:44 - 2010-01-16 08:15 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-08-04 04:37 - 2010-08-04 04:37 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-08-04 04:35 - 2010-08-04 04:36 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-08-04 04:32 - 2010-08-04 04:33 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-08-04 04:36 - 2010-08-04 04:37 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-08-04 04:31 - 2010-08-04 04:32 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-08-04 04:33 - 2010-08-04 04:35 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

Some content of TEMP:
====================
C:\Users\Lula\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\Lula\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\Lula\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\Lula\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\Papa\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-16 16:12

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 22.04.2015, 17:41   #4
rooks
 
Avira lässt sich nicht installieren - Standard

Avira lässt sich nicht installieren



Addition file:FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2015
Ran by Lula at 2015-04-22 15:43:35
Running from C:\Users\Lula\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-522234228-4192544273-3428825822-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 6.2.0.1030 - 360 Security Center)
Abenteuer Bauernhof (HKLM-x32\...\Farm) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aegisub 3.2.1 (HKLM-x32\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.1 - Aegisub Team)
Akamai NetSession Interface (HKU\S-1-5-21-522234228-4192544273-3428825822-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
BatteryLifeExtender (HKLM-x32\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM\...\{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 - Boris FX, Inc.)
Camera RAW Plug-In for EPSON Creativity Suite (HKLM-x32\...\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}) (Version: 2.1.0.0 - )
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
CX4300_5500_DX4400 Handbuch (HKLM-x32\...\CX4300_5500_DX4400 Handbuch) (Version:  - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3911 - CyberLink Corp.)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{F9557866-B4C8-4CE5-8508-0E386BDC20B2}) (Version: 4.3.3 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (HKLM-x32\...\Firebird SQL Server D) (Version: 2.0.0.1 - MAGIX AG)
Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version:  - )
Free YouTube Download version 3.2.46.923 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.46.923 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.44.908 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.44.908 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
GenArts Sapphire Plug-ins 7.07 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version:  - )
HandBrake 0.10.1 (HKLM-x32\...\HandBrake) (Version: 0.10.1 - )
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Macallan Convert Srt To Ssa (HKLM-x32\...\{C828DC76-B630-42F7-B440-E63C8ECBBFA4}) (Version: 1.0.05001 - Macallan)
MAGIX Speed burnR (MSI) (HKLM-x32\...\{6A56B2F6-5F4F-4FC5-8508-3EDA1D048744}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe MX Plus (HKLM-x32\...\MAGIX_MSI_Videodeluxe18_plus) (Version: 11.0.2.2 - MAGIX AG)
MAGIX Video deluxe MX Plus (x32 Version: 11.0.2.2 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NewBlue 3D Explosions for Windows (HKLM-x32\...\NewBlue 3D Explosions for Windows) (Version:  - )
NewBlue 3D Transformations for Windows (HKLM-x32\...\NewBlue 3D Transformations for Windows) (Version:  - )
NewBlue Art Blends for Windows (HKLM-x32\...\NewBlue Art Blends for Windows) (Version:  - )
NewBlue Art Effects for Windows (HKLM-x32\...\NewBlue Art Effects for Windows) (Version:  - )
NewBlue Light Blends for Windows (HKLM-x32\...\NewBlue Light Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Light Effects for Windows (HKLM-x32\...\NewBlue Light Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Motion Blends for Windows (HKLM-x32\...\NewBlue Motion Blends for Windows) (Version:  - )
NewBlue Motion Effects for Windows (HKLM-x32\...\NewBlue Motion Effects for Windows) (Version:  - )
NewBlue Paint Blends for Windows (HKLM-x32\...\NewBlue Paint Blends for Windows) (Version: 1.4 - NewBlue)
NewBlue Paint Effects for Windows (HKLM-x32\...\NewBlue Paint Effects for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials II  for Windows (HKLM-x32\...\NewBlue Video Essentials II  for Windows) (Version:  - )
NewBlue Video Essentials III for Windows (HKLM-x32\...\NewBlue Video Essentials III for Windows) (Version: 1.4 - NewBlue)
NewBlue Video Essentials IV for Windows (HKLM-x32\...\NewBlue Video Essentials IV for Windows) (Version: 1.4 - NewBlue)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PDF Reader (HKU\S-1-5-21-522234228-4192544273-3428825822-1001\...\PDF Reader) (Version:  - )
PriceSparrow (HKLM-x32\...\{3F2DC1E7-A56F-49D8-B0CF-DB2300594497}) (Version: 1.4.9 - Ciuvo GmbH) <==== ATTENTION
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM-x32\...\{0F796312-289C-40CA-856C-9FBCF5E83342}) (Version: 0133.09.1202 - REALTEK Semiconductor Corp.)
Registry Repair 5.0.1.67 (HKLM-x32\...\Registry Repair) (Version: 5.0.1.67 - Glarysoft Ltd)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio USB Driver Installer (HKLM-x32\...\InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio USB Driver Installer (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung R-Series (HKLM-x32\...\{3EED7541-55F8-4DC6-B9CD-28762D71310E}) (Version: 1.0 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SpiceMASTER 2.5 PRO for Vegas (HKLM-x32\...\SpiceMASTER 2.5 PRO for Vegas) (Version: 2.5 - Pixelan Software)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (HKLM-x32\...\vsfilter_is1) (Version: 2.41.322 - MPC-HC Team)
WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{D338102B-BA1C-4CCA-B870-8690FA0F0433}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{FECF90E3-FDEA-4A87-8A06-2683388C69C4}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.2.1739 - 1&1 Mail & Media GmbH)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

22-04-2015 09:21:38 TuneUp Utilities 2014 wird entfernt
22-04-2015 09:56:41 Windows Update
22-04-2015 10:01:54 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00B34E4F-7D66-4BD5-B54A-C9C053ECFB90} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {05FACB47-A91F-420D-BCEC-FF600F302C99} - \SUPBackground No Task File <==== ATTENTION
Task: {0867F108-CE05-4F7C-A5C0-73C28E2154B4} - \{F6C7F9E6-6F96-41B3-9C19-7C35CA8EC048} No Task File <==== ATTENTION
Task: {09BCA8E0-08AB-4057-AA0C-E9BD059BD7B3} - \6f4fbe62-8c8b-4036-a9fe-561497b1f445-2 No Task File <==== ATTENTION
Task: {0B7DFB6C-E4D1-48B8-898B-4C7912F97612} - \EasyBatteryManager No Task File <==== ATTENTION
Task: {0BE393F4-0955-497D-92C6-4BE015F2EEDA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0FD71176-33F7-4B5A-B80F-C692D74D5F1E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {1EDC3EE6-5D2C-4AA5-AE30-C08576134BFC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {226CBEF3-C14B-4D3E-9085-AAEF8FF18D69} - \BatteryLifeExtender No Task File <==== ATTENTION
Task: {2613FF88-33DE-4031-9499-3E45F9559898} - System32\Tasks\{04FE779D-BEF1-471C-BD21-2302F2FBE903} => pcalua.exe -a C:\Users\Lula\Documents\VirtualDub-1.10.4\auxsetup.exe -d C:\Users\Lula\Documents\VirtualDub-1.10.4
Task: {2C8CDEBA-2BDB-414E-8975-4EC5CF92C228} - System32\Tasks\{C59C6278-4DE4-4FFB-9987-8DB4B055C53E} => pcalua.exe -a "C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe" -c /REMOVE
Task: {34DD8588-038E-484E-88CA-1CD7BF815C54} - \DealPly No Task File <==== ATTENTION
Task: {3B1F3547-6E50-4E14-AB7F-228F2181251E} - \6f4fbe62-8c8b-4036-a9fe-561497b1f445-5 No Task File <==== ATTENTION
Task: {3EAD0021-36CA-4E03-A3A8-1E06DD6E56D0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {42D3908D-63E1-4C4A-B358-AA807A215046} - \{B6348D95-1246-4BD4-9A1E-0FEEC0BE2C8C} No Task File <==== ATTENTION
Task: {44F4ADB2-4E90-475A-B75C-FFB3CBB083BF} - \User_Feed_Synchronization-{C9F8ED2C-4646-43B1-8AAC-F75F824832F5} No Task File <==== ATTENTION
Task: {4AFBA663-9F35-400E-B4D4-B43DDFE2A1B3} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {5292B3D1-A6FA-46E2-B99B-A5CC01889BB2} - \{1439E588-80AC-48C7-8676-24453CFD1744} No Task File <==== ATTENTION
Task: {5924E66C-B01E-4E72-8609-00378485B894} - \{58F9CBB2-E401-4C9F-B2F1-FAC899ED1851} No Task File <==== ATTENTION
Task: {64A6C599-BEB0-4ADE-81B0-6C1E822E6E0A} - System32\Tasks\pricesparrowSWU => Cscript.exe "C:\Program Files (x86)\PriceSparrow\Internet Explorer\swu.vbs"
Task: {653FEC7F-8ED0-41BD-AB56-2AF118229ACE} - \advSRS4 No Task File <==== ATTENTION
Task: {6E9D9967-AFCE-4043-A3AC-F4713487DC92} - \{A4A761CD-AA49-4FEB-9DD4-E472CA43F33D} No Task File <==== ATTENTION
Task: {8014AEF9-B8A1-4F94-A820-5B0B5CCB4210} - \Funmoods No Task File <==== ATTENTION
Task: {886F123B-D25A-4AEB-A115-32CE07A5D0F9} - \EasySpeedUpManager No Task File <==== ATTENTION
Task: {93219F49-BCFE-4F5F-BEDD-3C3DA75A3D00} - \{616BDF89-B0BB-45EF-B9DB-457C35DD2910} No Task File <==== ATTENTION
Task: {9B2AEE57-B1A3-425C-9794-EFB58CDA35B9} - System32\Tasks\{D53EFA6E-AD33-4364-A96D-8C6BD9C00BE8} => pcalua.exe -a C:\Users\Lula\Downloads\msicuu2.exe -d C:\Users\Lula\Downloads
Task: {AE25EEFE-F0EB-484A-8131-F90123DBFC11} - \{37517ED5-8C65-431C-B63F-1C05AFB8CD9C} No Task File <==== ATTENTION
Task: {B54B8B25-37A5-46ED-B530-E3B9A6F9747C} - \6f4fbe62-8c8b-4036-a9fe-561497b1f445-1 No Task File <==== ATTENTION
Task: {C4E56FC6-7F0B-4186-B7B4-853A1D044AA9} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {C5188BD4-C8F6-4D93-A9E7-16A4950D3632} - \6f4fbe62-8c8b-4036-a9fe-561497b1f445-4 No Task File <==== ATTENTION
Task: {D48FE2D5-50F6-40B0-A99B-71A13269351C} - \6f4fbe62-8c8b-4036-a9fe-561497b1f445-3 No Task File <==== ATTENTION
Task: {D4BB723D-3105-4D3C-A9D0-B0E5FBE56CE9} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {D5A24318-E517-4843-9500-C8016A2861DE} - \0b09b8b1-b267-4ac3-a1e3-c3f904efd354-3 No Task File <==== ATTENTION
Task: {DD6F6C54-7F53-401E-90C9-A6634EC7E708} - \0b09b8b1-b267-4ac3-a1e3-c3f904efd354-4 No Task File <==== ATTENTION
Task: {EA69F0CA-391E-4E4A-9DDD-FFAE291BA002} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {EAEDDB11-B36B-4715-9825-BC960C0E4C4D} - \{2FE7BBFF-8E4D-4756-9428-E3D6E1F7EBE3} No Task File <==== ATTENTION
Task: {F61F6EF1-4B7D-4235-A63E-9D1A37BD484D} - \EasyDisplayMgr No Task File <==== ATTENTION
Task: {FC8801BB-D0C9-48A7-B692-FE243C37E441} - \SamsungSupportCenter No Task File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Reprise:jhqduwvxlctbqqijsf`usjbm`pgypfh
AlternateDataStreams: C:\ProgramData\Temp:2430E4FC
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8
AlternateDataStreams: C:\ProgramData\Temp:E36F5B57

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-522234228-4192544273-3428825822-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lula\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NPSStartup => 
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== Accounts: =============================

Administrator (S-1-5-21-522234228-4192544273-3428825822-500 - Administrator - Disabled)
Gast (S-1-5-21-522234228-4192544273-3428825822-501 - Limited - Disabled)
Lula (S-1-5-21-522234228-4192544273-3428825822-1001 - Administrator - Enabled) => C:\Users\Lula
Papa (S-1-5-21-522234228-4192544273-3428825822-1003 - Limited - Enabled) => C:\Users\Papa

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 03:22:12 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (04/22/2015 03:10:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 03:10:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:42:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:42:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UninstallManager.exe, Version: 14.0.1000.340, Zeitstempel: 0x53c6367a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18798, Zeitstempel: 0x5507b3e0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008b132
ID des fehlerhaften Prozesses: 0x728
Startzeit der fehlerhaften Anwendung: 0xUninstallManager.exe0
Pfad der fehlerhaften Anwendung: UninstallManager.exe1
Pfad des fehlerhaften Moduls: UninstallManager.exe2
Berichtskennung: UninstallManager.exe3

Error: (04/22/2015 02:13:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:13:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:11:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (04/22/2015 02:11:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.


System errors:
=============
Error: (04/22/2015 03:11:04 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}

Error: (04/22/2015 03:10:57 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{9B1F122C-2982-4E91-AA8B-E071D54F2A4D}

Error: (04/22/2015 03:10:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068WDBackup{59484148-65C9-4467-A092-3F8380023772}

Error: (04/22/2015 03:10:51 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068WDBackup{81213AB4-5937-4340-88CD-66B4BC80DF73}

Error: (04/22/2015 03:10:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (04/22/2015 03:10:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (04/22/2015 03:10:17 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (04/22/2015 03:10:06 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/22/2015 03:09:55 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (04/22/2015 03:09:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
360Camera
discache
SABI
spldr
Wanarpv6


Microsoft Office Sessions:
=========================
Error: (04/22/2015 03:22:12 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (04/22/2015 03:10:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 03:10:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:42:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:42:01 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:28:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UninstallManager.exe14.0.1000.34053c6367antdll.dll6.1.7601.187985507b3e0c00000050008b13272801d07cf7c8deceebC:\Program Files (x86)\TuneUp Utilities 2014\UninstallManager.exeC:\windows\SysWOW64\ntdll.dll12a8fad0-e8eb-11e4-bb3f-002454e0eac6

Error: (04/22/2015 02:13:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:13:54 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:11:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8

Error: (04/22/2015 02:11:06 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.ExeC:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL8


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 3956.55 MB
Available physical RAM: 2775.13 MB
Total Pagefile: 7911.29 MB
Available Pagefile: 6797.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:98 GB) (Free:11.66 GB) NTFS
Drive d: () (Fixed) (Total:347.66 GB) (Free:347.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8C0FBFDC)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=347.7 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
--- --- ---


GMER file:
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - GMER - Rootkit Detector and Remover
Rootkit scan 2015-04-22 15:56:55
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Lula\AppData\Local\Temp\kxldypow.sys


---- Registry - GMER 2.1 ----

Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654eb87                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654edff                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654f56e                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b654f652                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b66b6864                      
Reg   HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0026b66b6982                      
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654eb87 (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654edff (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654f56e (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b654f652 (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b66b6864 (not active ControlSet)  
Reg   HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0026b66b6982 (not active ControlSet)  

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0                                                                            unknown MBR code

---- EOF - GMER 2.1 ----
         
--- --- ---

Oke alles gut! Problem gelöst

Alt 23.04.2015, 11:29   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Avira lässt sich nicht installieren - Standard

Avira lässt sich nicht installieren



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    DMUninstaller

    PriceSparrow


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Avira lässt sich nicht installieren
antivir, appdata, avira, detected, failed, fehlermeldung, format, free, hijack, installation, log, not, registry, scan, seite, server, soft, software, temp, tracking, updates, version, w32, web, windows



Ähnliche Themen: Avira lässt sich nicht installieren


  1. Windows7 taskmgr lässt sich nicht starten, Avira Echtzeitscanner lässt sich nicht aktivieren, USB wird nicht angenommen, ohne Meldung,
    Log-Analyse und Auswertung - 01.06.2015 (15)
  2. Avira lässt sich nicht installieren, Firefox macht zig Fenster auf
    Plagegeister aller Art und deren Bekämpfung - 29.03.2015 (31)
  3. Avira Antivir lässt sich nicht mehr installieren/ Programme lassen sich nicht öffnen
    Antiviren-, Firewall- und andere Schutzprogramme - 23.03.2015 (10)
  4. Chrome lässt sich nicht installieren.
    Alles rund um Windows - 02.07.2014 (17)
  5. Avira lässt sich nicht installieren und kein Download funktioniert!
    Plagegeister aller Art und deren Bekämpfung - 17.03.2014 (16)
  6. OTl lässt sich nicht installieren
    Plagegeister aller Art und deren Bekämpfung - 09.06.2013 (18)
  7. Program lässt sich nicht installieren
    Alles rund um Windows - 28.12.2012 (3)
  8. .NET Framework 4 (x86 and x64) lässt sich nicht installieren
    Alles rund um Windows - 06.04.2012 (1)
  9. Otl by Oldtime lässt sich nicht Installieren
    Log-Analyse und Auswertung - 18.03.2012 (1)
  10. KIS 2011 lässt sich nicht Installieren
    Antiviren-, Firewall- und andere Schutzprogramme - 03.04.2011 (14)
  11. Ubuntu 9.10 lässt sich nicht installieren
    Alles rund um Mac OSX & Linux - 06.02.2010 (2)
  12. msn lässt sich nicht mehr installieren
    Log-Analyse und Auswertung - 04.02.2010 (1)
  13. Treiber lässt sich nicht installieren
    Alles rund um Windows - 20.08.2009 (10)
  14. Virenscanner lässt sich nicht installieren
    Antiviren-, Firewall- und andere Schutzprogramme - 22.08.2007 (7)
  15. XP lässt sich nicht mehr installieren
    Alles rund um Windows - 10.06.2007 (5)
  16. Antivir lässt sich nicht installieren / Regedit beendet sich ...
    Log-Analyse und Auswertung - 01.12.2006 (1)
  17. Bitdefender 8 lässt sich nicht installieren???
    Plagegeister aller Art und deren Bekämpfung - 30.06.2006 (3)

Zum Thema Avira lässt sich nicht installieren - Ich hab avira 2015 free direkt von deren seite runtergeladen, doch immer wenn ich es installieren will kommt eine fehlermeldung mit dem log: Code: Alles auswählen Aufklappen ATTFilter Anhang 73815 - Avira lässt sich nicht installieren...
Archiv
Du betrachtest: Avira lässt sich nicht installieren auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.