Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 21.09.2014, 09:28   #1
Constantia
 
Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit) - Standard

Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)



Hallo alle miteinander.
Auch ich habe ein Problem mit dem Programm softwareupdater.ui.exe, sobald ich den Rechner hochfahre möchte es ausgeführt werden.
Ich hab hier schon einiges darüber gelesen und auch das FRST-Tool heruntergeladen und ausgeführt.
Ich habe erst danach gesehen das ich das nicht auf eigene Faust versuchen sollte, und jetzt auch aufgehört selber etwas dagegen zu unternehmen.

FRST Logfile:
Zitat:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2014
Ran by Andrej (administrator) on ASUS-PC on 21-09-2014 10:12:33
Running from C:\Users\Andrej\Downloads
Platform: Microsoft Windows 7 Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
() C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Simplygen) C:\Program Files\Protected Search\ProtectedSearch.exe
(ASUS) C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
() C:\Program Files\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ATK) C:\Program Files\ASUS\Splendid\ACMON.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files\ASUS\ATK Media\DMedia.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\WDC.exe
(ASUSTeK) C:\Windows\System32\ACEngSvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(ASUS) C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(ASUS) C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\Andrej\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrej\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrej\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Andrej\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-02-11] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [851968 2008-10-01] (ATK)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [ASUS Camera ScreenSaver] => C:\Windows\AsScrProlog.exe [47672 2009-07-25] ()
HKLM\...\Run: [ASUS Screen Saver Protector] => C:\Windows\AsScrPro.exe [3054136 2009-07-25] (ASUS)
HKLM\...\Run: [ATKMEDIA] => C:\Program Files\ASUS\ATK Media\DMedia.exe [159744 2008-12-29] (ASUS)
HKLM\...\Run: [ATKOSD2] => C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe [8105984 2008-09-03] (ASUS)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HControlUser] => C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe [98304 2008-08-18] (ASUS)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKU\S-1-5-21-469083165-4237764224-2399718049-1004\...\Run: [HP Photosmart 5510 series (NET)] => C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [1804648 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-469083165-4237764224-2399718049-1004\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ASUS\ASUS Data Security Manager\ASPWDFLT
Startup: C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Photosmart 5510 series (Netzwerk).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: ADSMOverlayIcon -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll ()
ShellIconOverlayIdentifiers: ADSMOverlayIcon1 -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.qone8.com/?type=hp&ts=1396185611&from=epom2&uid=ST9500325AS_5VEFKK10XXXX5VEFKK10
HKCU\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2938
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396185611&from=epom2&uid=ST9500325AS_5VEFKK10XXXX5VEFKK10&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&affID=116783&tt=0213_7&babsrc=SP_ss&mntrId=b45a54440000000000000025d303ed39
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.qone8.com/web/?type=ds&ts=1396185611&from=epom2&uid=ST9500325AS_5VEFKK10XXXX5VEFKK10&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - {C2040D05-668A-44E2-B654-61ED8FE664FC} URL = hxxp://nova.rambler.ru/search?query={searchTerms}&utm_source=r40&utm_medium=distribution&utm_content=e09&utm_campaign=c01
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb216/?search={searchTerms}&loc=IB_DS&a=6R8SqE9q0O&i=26
BHO: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll No File
BHO: DownTango Launcher -> {8d3ec233-b92d-4187-a506-284127cfba2d} -> C:\Users\Andrej\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM - DownTango Launcher - {8d3ec233-b92d-4187-a506-284127cfba2d} - C:\Users\Andrej\AppData\Roaming\DownTango4SToolbar\DownTango4SToolbar.dll (Simplytech Ltd.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default
FF NewTab: about:blank
FF DefaultSearchEngine: qone8
FF SelectedSearchEngine: qone8
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @canon.com/MycameraPlugin -> C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\user.js
FF SearchPlugin: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\searchplugins\babylon1.xml
FF SearchPlugin: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\searchplugins\MyStart Search.xml
FF SearchPlugin: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\searchplugins\rambler.xml
FF SearchPlugin: C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\Extensions\abs@avira.com [2014-09-13]
FF Extension: incredibar.com - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\Extensions\ffxtlbr@incredibar.com [2013-01-25]
FF Extension: Quick Start - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\Extensions\quick_start@gmail.com [2014-03-30]
FF Extension: QuickShare Widget - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\Extensions\{66860191-74d5-4ffc-8751-62411b1f929f} [2013-05-06]
FF Extension: DownTango Launcher - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\Extensions\{dac70ad0-e58c-4d0b-9ac7-eee894ffb0fa} [2012-10-26]
FF HKLM\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Andrej\AppData\Roaming\Mozilla\Firefox\Profiles\rulqnnbd.default\extensions\quick_start@gmail.com
FF HKLM\...\Firefox\Extensions: [{1F30D846-4BEF-4246-B19E-7E503B0E6639}] - C:\Program Files\FBFlicker\Firefox
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-05-23]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox

Chrome:
=======
CHR CustomProfile: C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-14]
CHR Extension: (Google Docs) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-24]
CHR Extension: (Google Drive) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (Google Search) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (Google Sheets) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]
CHR HKLM\...\Chrome\Extension: [bcjagnifjocnddgeknajocbkkhlgibem] - C:\Program Files\Chrome\surfcanyon.crx [2011-06-11]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2011-06-11]
CHR HKLM\...\Chrome\Extension: [fnjancchhkabckonnimkjhcjhnaopfob] - C:\Program Files\DownTango4SToolbar\chrome\DownTango4SToolbar.crx [2011-06-11]
CHR HKLM\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files\Perion\NewTab\newTab.crx [2013-01-25]
CHR HKLM\...\Chrome\Extension: [kdmpheneajogfnlbplgmdbempjibfbok] - C:\Program Files\FBFlicker\source.crx [2013-01-25]
CHR HKLM\...\Chrome\Extension: [niogeckbkdcabhnapjbkeiklablhjoca] - C:\Program Files\Perion\ChromeInfoBar\ChromeInfoBar.crx [2013-01-25]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Andrej\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-30]
CHR StartMenuInternet: Google Chrome - C:\Users\ASUS\AppData\Local\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADSMService; C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe [100920 2008-08-14] ()
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S4 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 SystemStoreService; C:\Program Files\SoftwareUpdater\SystemStore.exe [297984 2014-04-09] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AsDsm; C:\Windows\system32\Drivers\AsDsm.sys [30264 2009-07-25] (ASUSTek Computer Inc)
R2 ASMMAP; C:\Program Files\ATKGFNEX\ASMMAP.sys [13880 2007-07-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [97648 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-10-01] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15928 2008-06-03] ( )
R0 lullaby; C:\Windows\System32\DRIVERS\lullaby.sys [15416 2008-05-29] (Windows (R) Codename Longhorn DDK provider)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-14] (ATK0100)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [63352 2006-07-05] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [82296 2007-01-12] (Protection Technology (StarForce))
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1753984 2009-03-16] ()
S3 SRS_PremiumSound_Service; C:\Windows\System32\drivers\srs_PremiumSound_i386.sys [230952 2009-01-14] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-16] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 10:12 - 2014-09-21 10:12 - 00018261 _____ () C:\Users\Andrej\Downloads\FRST.txt
2014-09-21 10:11 - 2014-09-21 10:12 - 00000000 ____D () C:\FRST
2014-09-21 10:09 - 2014-09-21 10:09 - 01097728 _____ (Farbar) C:\Users\Andrej\Downloads\FRST.exe
2014-09-21 10:00 - 2014-09-21 10:00 - 00003400 ____N () C:\bootsqm.dat
2014-09-21 09:48 - 2014-09-21 09:48 - 00000000 __SHD () C:\found.000
2014-09-20 20:36 - 2014-09-20 20:35 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-20 18:36 - 2014-09-20 18:36 - 00000000 ____D () C:\Users\Public\Programme
2014-09-20 18:36 - 2014-09-20 18:31 - 00000000 ____D () C:\Windows\Panther
2014-09-20 18:36 - 2009-11-25 11:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-09-20 18:36 - 2009-11-25 11:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-09-20 18:36 - 2009-11-25 11:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-09-20 18:36 - 2009-11-25 11:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-09-20 18:36 - 2009-11-25 11:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-09-20 18:35 - 2014-09-20 18:35 - 00057560 _____ () C:\Users\Andrej\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-20 18:34 - 2014-09-21 10:06 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-20 18:34 - 2014-09-20 18:34 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-09-20 18:34 - 2014-09-20 18:34 - 00001416 _____ () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 18:33 - 2012-06-03 00:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-09-20 18:33 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-09-20 18:33 - 2012-06-03 00:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-09-20 18:33 - 2012-06-03 00:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-09-20 18:33 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-09-20 18:33 - 2012-06-03 00:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-09-20 18:33 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-09-20 18:32 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-09-20 18:32 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-09-20 18:31 - 2014-09-20 18:31 - 00000020 ___SH () C:\Users\Andrej\ntuser.ini
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 __SHD () C:\Recovery
2014-09-20 18:26 - 2014-09-20 18:09 - 00000000 ___HD () C:\$WINDOWS.~Q
2014-09-20 18:25 - 2014-09-21 10:06 - 00272559 _____ () C:\Windows\WindowsUpdate.log
2014-09-20 18:20 - 2014-09-20 18:24 - 00000000 ___HD () C:\$INPLACE.~TR
2014-09-20 18:07 - 2014-09-20 18:07 - 00021532 _____ () C:\Windows\system32\emptyregdb.dat
2014-09-20 18:03 - 2014-09-20 18:03 - 00000820 _____ () C:\Windows\PFRO.log
2014-09-20 18:02 - 2014-09-20 18:02 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-20 18:02 - 2014-09-20 18:02 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-20 17:42 - 2014-09-20 18:31 - 00000000 ____D () C:\Users\Andrej
2014-09-20 17:42 - 2014-09-20 18:01 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC
2014-09-20 17:42 - 2014-09-20 17:42 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-20 17:42 - 2014-09-20 17:42 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Startmenü
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Netzwerkumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Druckumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Documents\Eigene Musik
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Documents\Eigene Bilder
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\Verlauf
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Startmenü
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Netzwerkumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Druckumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Documents\Eigene Musik
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Documents\Eigene Bilder
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\AppData\Local\Verlauf
2014-09-20 17:42 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 17:42 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 17:42 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 17:42 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 17:41 - 2014-09-20 17:41 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-09-20 17:41 - 2014-09-20 17:41 - 00000000 ____D () C:\Program Files\Realtek
2014-09-20 17:40 - 2014-09-21 09:43 - 00009872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 17:40 - 2014-09-21 09:43 - 00009872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 17:40 - 2014-09-20 17:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-20 17:40 - 2009-07-02 01:59 - 00485920 _____ (NVIDIA Corporation) C:\Windows\system32\nvuninst.exe
2014-09-20 17:38 - 2014-09-20 17:42 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-09-20 16:49 - 2014-09-20 18:09 - 00006088 _____ () C:\Windows\comsetup.log
2014-09-20 16:43 - 2014-09-20 16:43 - 00002636 _____ () C:\Windows\diagwrn.xml
2014-09-20 16:43 - 2014-09-20 16:43 - 00001890 _____ () C:\Windows\diagerr.xml
2014-09-20 11:37 - 2014-09-20 14:27 - 2463242240 _____ () C:\Users\Andrej\Downloads\X15-65740.iso
2014-09-20 08:34 - 2014-09-20 17:56 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Microsoft Corporation
2014-09-20 08:33 - 2014-09-20 17:45 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-09-20 08:33 - 2014-09-20 08:33 - 00002003 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-09-20 08:32 - 2014-09-20 08:33 - 08676128 _____ (Microsoft Corporation) C:\Users\Andrej\Downloads\Windows7UpgradeAdvisorSetup.exe
2014-09-19 13:35 - 2014-09-19 13:35 - 00000481 _____ () C:\Windows\SynInst.log
2014-09-18 20:38 - 2014-09-20 17:52 - 00000000 ____D () C:\Windows\pss
2014-09-18 20:16 - 2014-09-20 17:55 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Adobe
2014-09-14 03:13 - 2014-08-15 16:42 - 01810432 ____N (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 20:26 - 2014-09-13 20:26 - 00001009 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-01 13:25 - 2014-09-20 17:44 - 00000000 ____D () C:\Program Files\Common Files\Skype

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-21 10:12 - 2014-09-21 10:12 - 00018261 _____ () C:\Users\Andrej\Downloads\FRST.txt
2014-09-21 10:12 - 2014-09-21 10:11 - 00000000 ____D () C:\FRST
2014-09-21 10:09 - 2014-09-21 10:09 - 01097728 _____ (Farbar) C:\Users\Andrej\Downloads\FRST.exe
2014-09-21 10:09 - 2011-05-21 16:37 - 00000416 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{3C650626-4CEA-4425-9744-2C7B5335A158}.job
2014-09-21 10:06 - 2014-09-20 18:34 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-21 10:06 - 2014-09-20 18:25 - 00272559 _____ () C:\Windows\WindowsUpdate.log
2014-09-21 10:03 - 2012-10-03 10:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-21 10:03 - 2012-06-19 19:13 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Skype
2014-09-21 10:01 - 2011-07-10 20:37 - 00000384 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
2014-09-21 10:01 - 2011-05-10 09:43 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-21 10:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-21 10:01 - 2009-07-14 06:39 - 00186324 _____ () C:\Windows\setupact.log
2014-09-21 10:00 - 2014-09-21 10:00 - 00003400 ____N () C:\bootsqm.dat
2014-09-21 09:48 - 2014-09-21 09:48 - 00000000 __SHD () C:\found.000
2014-09-21 09:43 - 2014-09-20 17:40 - 00009872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-21 09:43 - 2014-09-20 17:40 - 00009872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-21 09:30 - 2011-04-19 14:35 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-09-21 09:29 - 2011-08-10 08:04 - 00001018 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002UA.job
2014-09-20 21:01 - 2012-09-13 20:08 - 00000258 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-09-20 20:35 - 2014-09-20 20:36 - 00035848 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-20 20:28 - 2011-06-07 20:01 - 00001148 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001UA.job
2014-09-20 20:28 - 2011-05-01 07:48 - 00000974 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000UA.job
2014-09-20 20:21 - 2011-05-10 09:43 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 20:17 - 2012-12-01 15:11 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004UA.job
2014-09-20 19:58 - 2012-06-14 20:57 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Google
2014-09-20 19:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-09-20 19:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-20 18:59 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-09-20 18:53 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-20 18:45 - 2012-06-14 20:58 - 00002302 _____ () C:\Users\Andrej\Desktop\Chrome.lnk
2014-09-20 18:36 - 2014-09-20 18:36 - 00000000 ____D () C:\Users\Public\Programme
2014-09-20 18:36 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-09-20 18:36 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-09-20 18:36 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-09-20 18:36 - 2008-04-16 13:27 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-09-20 18:35 - 2014-09-20 18:35 - 00057560 _____ () C:\Users\Andrej\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-20 18:34 - 2014-09-20 18:34 - 00262144 _____ () C:\Windows\system32\config\userdiff
2014-09-20 18:34 - 2014-09-20 18:34 - 00001416 _____ () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-20 18:33 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-20 18:32 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore
2014-09-20 18:31 - 2014-09-20 18:36 - 00000000 ____D () C:\Windows\Panther
2014-09-20 18:31 - 2014-09-20 18:31 - 00000020 ___SH () C:\Users\Andrej\ntuser.ini
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-09-20 18:31 - 2014-09-20 18:31 - 00000000 __SHD () C:\Recovery
2014-09-20 18:31 - 2014-09-20 17:42 - 00000000 ____D () C:\Users\Andrej
2014-09-20 18:31 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-09-20 18:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-09-20 18:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-09-20 18:28 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-09-20 18:24 - 2014-09-20 18:20 - 00000000 ___HD () C:\$INPLACE.~TR
2014-09-20 18:09 - 2014-09-20 18:26 - 00000000 ___HD () C:\$WINDOWS.~Q
2014-09-20 18:09 - 2014-09-20 16:49 - 00006088 _____ () C:\Windows\comsetup.log
2014-09-20 18:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Registration
2014-09-20 18:07 - 2014-09-20 18:07 - 00021532 _____ () C:\Windows\system32\emptyregdb.dat
2014-09-20 18:06 - 2009-07-14 04:37 - 00000000 __RSD () C:\Windows\Media
2014-09-20 18:04 - 2009-07-14 06:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-20 18:03 - 2014-09-20 18:03 - 00000820 _____ () C:\Windows\PFRO.log
2014-09-20 18:02 - 2014-09-20 18:02 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-09-20 18:02 - 2014-09-20 18:02 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-09-20 18:02 - 2009-07-14 06:34 - 00004141 _____ () C:\Windows\DtcInstall.log
2014-09-20 18:02 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 18:02 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 18:02 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 18:02 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 18:01 - 2014-09-20 17:42 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC
2014-09-20 18:01 - 2013-04-29 13:19 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Avira
2014-09-20 18:01 - 2011-10-19 12:31 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\Adobe
2014-09-20 18:01 - 2011-09-25 15:48 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\Desktop\Mukke
2014-09-20 18:01 - 2011-09-25 15:46 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Adobe
2014-09-20 18:01 - 2011-09-25 15:40 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Opera
2014-09-20 18:01 - 2011-09-25 15:40 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\Opera
2014-09-20 18:01 - 2011-09-25 15:36 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\AskToolbar
2014-09-20 18:01 - 2011-09-25 15:25 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\ArcSoft
2014-09-20 18:01 - 2011-09-25 15:24 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\ArcSoft
2014-09-20 18:01 - 2011-09-25 15:23 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Macromedia
2014-09-20 18:01 - 2011-09-25 15:23 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\VirtualStore
2014-09-20 18:01 - 2011-09-25 15:21 - 00000000 ____D () C:\Users\Contschiiiii.ASUS-PC\Desktop\contschiiiii
2014-09-20 18:01 - 2009-07-14 06:46 - 00001515 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-20 17:58 - 2014-03-30 15:20 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\qone8
2014-09-20 17:58 - 2013-05-30 17:39 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Notepad++
2014-09-20 17:58 - 2013-04-27 11:49 - 00000000 ____D () C:\Users\Andrej\Documents\samsung
2014-09-20 17:58 - 2013-04-27 11:49 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Samsung
2014-09-20 17:58 - 2013-04-04 21:11 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\TomTom
2014-09-20 17:58 - 2013-02-23 21:42 - 00000000 ____D () C:\Users\Andrej\Downloads\New MW2 Mod Menu Patch
2014-09-20 17:58 - 2013-02-17 20:45 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Rambler
2014-09-20 17:58 - 2013-02-17 20:29 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Zvu
2014-09-20 17:58 - 2013-01-21 14:15 - 00000000 ____D () C:\Users\Andrej\Downloads\Консульство России в Бонне 53177 Bonn Россия_files
2014-09-20 17:58 - 2012-11-16 20:08 - 00000000 ____D () C:\Users\Andrej\Documents\EA Games
2014-09-20 17:58 - 2012-11-15 15:10 - 00000000 ____D () C:\Users\Andrej\Documents\NFS Undercover
2014-09-20 17:58 - 2012-11-15 15:09 - 00000000 __RHD () C:\Users\Andrej\AppData\Roaming\SecuROM
2014-09-20 17:58 - 2012-09-28 16:19 - 00000000 ____D () C:\Users\Andrej\temp
2014-09-20 17:58 - 2012-09-28 16:19 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\TeamViewer
2014-09-20 17:58 - 2012-07-23 13:49 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\WinRAR
2014-09-20 17:58 - 2012-06-21 20:40 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\skypePM
2014-09-20 17:58 - 2012-04-12 12:59 - 00000000 ____D () C:\Users\Andrej\Documents\TomTom
2014-09-20 17:58 - 2012-04-12 12:58 - 00000000 ____D () C:\Users\Andrej\TomTom HOME 2
2014-09-20 17:58 - 2012-04-11 16:13 - 00000000 ____D () C:\Users\Andrej\Neuer Ordner
2014-09-20 17:58 - 2011-10-31 13:38 - 00000000 ____D () C:\Users\Andrej\Desktop\Johnny
2014-09-20 17:58 - 2011-10-28 22:57 - 00000000 ____D () C:\Users\Andrej\Documents\NFS Most Wanted Backups
2014-09-20 17:58 - 2011-10-28 22:05 - 00000000 ____D () C:\Users\Andrej\Documents\NFS Most Wanted
2014-09-20 17:58 - 2011-10-09 12:30 - 00000000 ____D () C:\Users\Andrej\Documents\TrackMania
2014-09-20 17:58 - 2011-10-02 18:29 - 00000000 ____D () C:\Users\Andrej\Documents\ASUS
2014-09-20 17:58 - 2011-08-16 21:11 - 00000000 ___HD () C:\Users\Andrej\Desktop\.picasaoriginals
2014-09-20 17:58 - 2011-08-12 15:37 - 00000000 ____D () C:\Users\Andrej\Documents\DVDVideoSoft
2014-09-20 17:57 - 2013-12-29 00:25 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Apple Computer
2014-09-20 17:57 - 2013-10-23 11:26 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\InstallShield
2014-09-20 17:57 - 2013-03-16 09:51 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Avira
2014-09-20 17:57 - 2013-02-08 10:50 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\GameTuts
2014-09-20 17:57 - 2013-01-12 22:49 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Babylon
2014-09-20 17:57 - 2012-11-15 15:08 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Leadertech
2014-09-20 17:57 - 2012-10-26 21:54 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\DownTango4SToolbar
2014-09-20 17:57 - 2012-10-19 16:40 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\FinalMediaPlayer
2014-09-20 17:57 - 2012-09-13 20:06 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\HpUpdate
2014-09-20 17:57 - 2012-07-19 21:38 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\DVDVideoSoft
2014-09-20 17:57 - 2012-06-14 20:58 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-20 17:57 - 2012-06-14 20:52 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Adobe
2014-09-20 17:57 - 2012-06-14 20:48 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Mozilla
2014-09-20 17:57 - 2012-06-14 19:56 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\ArcSoft
2014-09-20 17:57 - 2012-06-14 19:54 - 00000000 ____D () C:\Users\Andrej\AppData\Roaming\Macromedia
2014-09-20 17:56 - 2014-09-20 08:34 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Microsoft Corporation
2014-09-20 17:56 - 2014-07-17 08:21 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Spoon
2014-09-20 17:56 - 2014-05-01 09:13 - 00000000 ____D () C:\Users\Andrej\AppData\Local\SoftwareUpdater
2014-09-20 17:56 - 2014-03-04 08:47 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Skype
2014-09-20 17:56 - 2013-05-06 11:10 - 00000000 ____D () C:\Users\Andrej\AppData\Local\SwvUpdater
2014-09-20 17:56 - 2013-04-27 11:49 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Samsung
2014-09-20 17:56 - 2013-04-04 21:11 - 00000000 ____D () C:\Users\Andrej\AppData\Local\TomTom
2014-09-20 17:56 - 2013-02-17 20:45 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Zvu
2014-09-20 17:56 - 2013-02-17 20:45 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Rambler
2014-09-20 17:56 - 2013-01-26 19:13 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Xenocode
2014-09-20 17:56 - 2013-01-26 19:13 - 00000000 ____D () C:\Users\Andrej\AppData\Local\XboxMB
2014-09-20 17:56 - 2013-01-25 21:48 - 00000000 ____D () C:\Users\Andrej\AppData\Local\WebPlayer
2014-09-20 17:56 - 2012-11-15 15:10 - 00000000 ____D () C:\Users\Andrej\AppData\Local\PunkBuster
2014-09-20 17:56 - 2012-10-03 10:38 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Macromedia
2014-09-20 17:56 - 2012-09-13 20:03 - 00000000 ____D () C:\Users\Andrej\AppData\Local\HP
2014-09-20 17:56 - 2012-06-15 14:57 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Microsoft Games
2014-09-20 17:56 - 2012-06-14 20:48 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Mozilla
2014-09-20 17:56 - 2012-06-14 19:54 - 00000000 ____D () C:\Users\Andrej\AppData\Local\VirtualStore
2014-09-20 17:55 - 2014-09-18 20:16 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Adobe
2014-09-20 17:55 - 2013-12-29 00:25 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Apple Computer
2014-09-20 17:55 - 2013-12-29 00:22 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Apple
2014-09-20 17:55 - 2013-05-06 10:56 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Babylon
2014-09-20 17:55 - 2013-05-04 08:52 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Freetec
2014-09-20 17:55 - 2013-05-04 08:49 - 00000000 ____D () C:\Users\Andrej\AppData\Local\DownloadGuide
2014-09-20 17:55 - 2013-02-08 10:50 - 00000000 ____D () C:\Users\Andrej\AppData\Local\GameTuts
2014-09-20 17:55 - 2012-11-15 15:08 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Downloaded Installations
2014-09-20 17:55 - 2012-10-26 21:54 - 00000000 ____D () C:\Users\Andrej\AppData\Local\DownTango
2014-09-20 17:55 - 2012-06-23 22:29 - 00000000 ____D () C:\Users\Andrej\AppData\Local\Facebook
2014-09-20 17:55 - 2012-06-23 21:27 - 00000000 ____D () C:\Users\Andrej\AppData\Local\ASUS
2014-09-20 17:55 - 2012-06-14 19:57 - 00000000 ____D () C:\Users\Andrej\AppData\Local\ArcSoft
2014-09-20 17:52 - 2014-09-18 20:38 - 00000000 ____D () C:\Windows\pss
2014-09-20 17:52 - 2012-10-19 17:10 - 00000000 ____D () C:\Windows\system32\ms-MY
2014-09-20 17:52 - 2011-10-16 20:21 - 00000000 ____D () C:\Windows\system32\EventProviders
2014-09-20 17:52 - 2011-07-10 20:41 - 00000000 __SHD () C:\Windows\system32\AI_RecycleBin
2014-09-20 17:52 - 2009-07-25 08:52 - 00000000 ____D () C:\Windows\system32\Macromed
2014-09-20 17:52 - 2009-07-25 08:52 - 00000000 ____D () C:\Windows\system32\Asus_Camera_ScreenSaver dir
2014-09-20 17:52 - 2009-07-14 10:47 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-09-20 17:52 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-TW
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\zh-CN
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sv-SE
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ru-RU
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\pl-PL
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\nb-NO
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ko-KR
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\ja-JP
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\hu-HU
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\fi-FI
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\el-GR
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system
2014-09-20 17:52 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-09-20 17:52 - 2006-11-02 14:42 - 00000000 ____D () C:\Windows\WindowsMobile
2014-09-20 17:52 - 2006-11-02 14:42 - 00000000 ____D () C:\Windows\system32\Branding
2014-09-20 17:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\RemInst
2014-09-20 17:52 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\nap
2014-09-20 17:51 - 2011-08-29 12:46 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\PhotoScape
2014-09-20 17:51 - 2011-08-12 15:37 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\DVDVideoSoftIEHelpers
2014-09-20 17:51 - 2011-07-14 12:30 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\com.w3i.FlipToast
2014-09-20 17:51 - 2011-07-13 15:16 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\Opera
2014-09-20 17:51 - 2011-07-13 15:16 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\Opera
2014-09-20 17:51 - 2011-06-07 20:06 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\Adobe
2014-09-20 17:51 - 2011-06-07 20:05 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-20 17:51 - 2011-06-04 22:59 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\Macromedia
2014-09-20 17:51 - 2011-06-04 22:59 - 00000000 ____D () C:\Users\contschiiiii\AppData\Roaming\ArcSoft
2014-09-20 17:51 - 2011-06-04 22:58 - 00000000 ___RD () C:\Users\contschiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 17:51 - 2011-06-04 22:58 - 00000000 ___RD () C:\Users\contschiiiii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 17:51 - 2011-06-04 22:58 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\VirtualStore
2014-09-20 17:51 - 2011-06-04 22:58 - 00000000 ____D () C:\Users\contschiiiii
2014-09-20 17:51 - 2009-07-14 10:56 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-20 17:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Help
2014-09-20 17:51 - 2008-04-16 12:43 - 00000000 ____D () C:\Windows\ASUS
2014-09-20 17:51 - 2008-04-16 12:43 - 00000000 ____D () C:\Windows\ABLKSR
2014-09-20 17:50 - 2011-09-10 14:08 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\AskToolbar
2014-09-20 17:50 - 2011-08-26 21:33 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\ASUS
2014-09-20 17:50 - 2011-07-14 12:30 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\Adobe
2014-09-20 17:50 - 2011-07-10 20:41 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\W3i, LLC
2014-09-20 17:50 - 2011-06-07 20:01 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\Google
2014-09-20 17:50 - 2011-06-04 23:00 - 00000000 ____D () C:\Users\contschiiiii\AppData\Local\ArcSoft
2014-09-20 17:50 - 2011-05-02 21:05 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\skypePM
2014-09-20 17:50 - 2011-05-02 21:01 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Skype
2014-09-20 17:50 - 2011-05-01 07:51 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-20 17:50 - 2011-04-19 14:35 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-09-20 17:50 - 2011-04-19 14:35 - 00000000 ___RD () C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 17:50 - 2011-04-19 14:35 - 00000000 ____D () C:\Users\ASUS
2014-09-20 17:49 - 2011-07-10 20:41 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\com.w3i.fliptoast
2014-09-20 17:49 - 2011-07-10 20:37 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\FinalMediaPlayer
2014-09-20 17:49 - 2011-06-08 16:19 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\IDoser
2014-09-20 17:49 - 2011-05-29 19:28 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\go
2014-09-20 17:49 - 2011-05-03 19:24 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\DVDVideoSoftIEHelpers
2014-09-20 17:49 - 2011-05-02 20:44 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\ArcSoft
2014-09-20 17:49 - 2011-05-01 10:19 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Microsoft Games
2014-09-20 17:49 - 2011-05-01 07:52 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Adobe
2014-09-20 17:49 - 2011-04-19 14:38 - 00000000 ____D () C:\Users\ASUS\AppData\Roaming\Macromedia
2014-09-20 17:49 - 2011-04-19 14:35 - 00000000 ____D () C:\Users\ASUS\AppData\Local\VirtualStore
2014-09-20 17:47 - 2014-06-22 11:34 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-20 17:47 - 2014-03-30 15:21 - 00000000 ____D () C:\ProgramData\WPM
2014-09-20 17:47 - 2013-04-27 11:43 - 00000000 ____D () C:\ProgramData\Samsung
2014-09-20 17:47 - 2013-02-07 17:25 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-09-20 17:47 - 2012-06-14 19:02 - 00000000 ____D () C:\ProgramData\tlaztpqqbrxkipq
2014-09-20 17:47 - 2012-04-12 12:59 - 00000000 ____D () C:\ProgramData\TomTom
2014-09-20 17:47 - 2011-05-02 21:05 - 00000000 ____D () C:\ProgramData\Skype Extras
2014-09-20 17:47 - 2011-05-02 21:00 - 00000000 ____D () C:\ProgramData\Skype
2014-09-20 17:47 - 2011-05-02 20:46 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ArcSoft
2014-09-20 17:47 - 2011-05-01 09:46 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Adobe
2014-09-20 17:47 - 2011-05-01 07:48 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Google
2014-09-20 17:47 - 2011-05-01 07:47 - 00000000 ____D () C:\Users\ASUS\AppData\Local\Apps\2.0
2014-09-20 17:47 - 2011-04-20 07:21 - 00000000 ____D () C:\Users\ASUS\AppData\Local\ASUS
2014-09-20 17:47 - 2009-07-25 08:52 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-20 17:46 - 2014-08-07 12:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-20 17:46 - 2014-06-26 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-09-20 17:46 - 2014-03-04 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-20 17:46 - 2013-12-29 00:23 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-20 17:46 - 2013-12-29 00:21 - 00000000 ____D () C:\ProgramData\Apple
2014-09-20 17:46 - 2013-12-14 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-09-20 17:46 - 2013-05-04 08:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RAR Password Unlocker
2014-09-20 17:46 - 2013-04-27 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-09-20 17:46 - 2013-03-16 09:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-20 17:46 - 2013-03-12 20:27 - 00000000 ____D () C:\ProgramData\McAfee
2014-09-20 17:46 - 2013-03-07 22:25 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-09-20 17:46 - 2012-11-15 15:08 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-20 17:46 - 2012-10-26 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
2014-09-20 17:46 - 2012-10-19 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2014-09-20 17:46 - 2012-09-13 20:08 - 00000000 ____D () C:\ProgramData\HP Photo Creations
2014-09-20 17:46 - 2012-09-13 20:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-09-20 17:46 - 2012-09-13 20:04 - 00000000 ____D () C:\ProgramData\HP
2014-09-20 17:46 - 2012-04-29 21:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-09-20 17:46 - 2012-04-03 20:41 - 00000000 ____D () C:\ProgramData\Avira
2014-09-20 17:46 - 2012-04-03 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2014-09-20 17:46 - 2011-11-23 10:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-20 17:46 - 2011-09-10 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever
2014-09-20 17:46 - 2011-09-10 14:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mario Forever 5.05
2014-09-20 17:46 - 2011-08-16 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-09-20 17:46 - 2011-07-10 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalMediaPlayer
2014-09-20 17:46 - 2011-07-10 20:27 - 00000000 ____D () C:\ProgramData\Fighters
2014-09-20 17:46 - 2011-05-29 19:28 - 00000000 ____D () C:\ProgramData\Easybits GO
2014-09-20 17:46 - 2011-05-17 12:34 - 00000000 ____D () C:\ProgramData\PassMark
2014-09-20 17:46 - 2011-05-02 20:45 - 00000000 ____D () C:\ProgramData\ArcSoft
2014-09-20 17:46 - 2011-04-20 07:21 - 00000000 ____D () C:\ProgramData\ASUS
2014-09-20 17:46 - 2009-07-25 08:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-20 17:46 - 2009-07-25 08:53 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-20 17:46 - 2009-07-25 08:52 - 00000000 ____D () C:\ProgramData\Norton
2014-09-20 17:46 - 2009-07-25 08:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Gate
2014-09-20 17:46 - 2009-07-25 08:49 - 00000000 ____D () C:\ProgramData\P4G
2014-09-20 17:46 - 2009-07-25 08:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
2014-09-20 17:46 - 2009-07-25 08:43 - 00000000 ____D () C:\ProgramData\Atheros
2014-09-20 17:46 - 2009-07-14 10:56 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
2014-09-20 17:45 - 2014-09-20 08:33 - 00000000 ____D () C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-09-20 17:45 - 2014-08-15 12:24 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-20 17:45 - 2014-06-26 21:15 - 00000000 ____D () C:\Program Files\Tinypic
2014-09-20 17:45 - 2013-12-29 00:23 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-09-20 17:45 - 2013-07-10 18:14 - 00000000 ____D () C:\Program Files\MarkAny
2014-09-20 17:45 - 2013-05-04 08:51 - 00000000 ____D () C:\Program Files\SoftwareUpdater
2014-09-20 17:45 - 2013-04-27 11:43 - 00000000 ____D () C:\Program Files\Samsung
2014-09-20 17:45 - 2013-03-07 22:23 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-20 17:45 - 2013-01-25 21:47 - 00000000 ____D () C:\Program Files\Perion
2014-09-20 17:45 - 2012-10-26 21:54 - 00000000 ____D () C:\Program Files\Protected Search
2014-09-20 17:45 - 2012-10-26 21:49 - 00000000 ____D () C:\Program Files\Red Sky
2014-09-20 17:45 - 2012-10-19 17:10 - 00000000 ____D () C:\Program Files\Zune
2014-09-20 17:45 - 2012-09-13 21:40 - 00000000 ____D () C:\Program Files\MSECache
2014-09-20 17:45 - 2012-09-13 21:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-20 17:45 - 2012-09-13 20:08 - 00000000 ____D () C:\Program Files\HP Photo Creations
2014-09-20 17:45 - 2012-09-13 20:04 - 00000000 ____D () C:\Program Files\HP
2014-09-20 17:45 - 2011-11-23 10:47 - 00000000 ____D () C:\Program Files\WinRAR
2014-09-20 17:45 - 2011-09-10 14:39 - 00000000 ____D () C:\Program Files\Mario Forever
2014-09-20 17:45 - 2011-08-29 12:45 - 00000000 ____D () C:\Program Files\PhotoScape
2014-09-20 17:45 - 2011-07-10 20:37 - 00000000 ____D () C:\Program Files\FinalMediaPlayer
2014-09-20 17:45 - 2011-05-27 13:41 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-09-20 17:45 - 2011-05-10 09:43 - 00000000 ____D () C:\Program Files\Google
2014-09-20 17:45 - 2011-05-02 21:00 - 00000000 ___RD () C:\Program Files\Skype
2014-09-20 17:45 - 2009-07-25 08:49 - 00000000 ____D () C:\Program Files\P4G
2014-09-20 17:45 - 2009-07-25 08:45 - 00000000 ____D () C:\Program Files\Wireless Console 2
2014-09-20 17:45 - 2009-07-25 08:39 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-20 17:45 - 2009-07-14 06:52 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-09-20 17:45 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-09-20 17:45 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-09-20 17:45 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Calendar
2014-09-20 17:44 - 2014-09-01 13:25 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-09-20 17:44 - 2013-03-16 09:44 - 00000000 ____D () C:\Program Files\Avira
2014-09-20 17:44 - 2012-11-17 18:35 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-09-20 17:44 - 2012-04-03 16:46 - 00000000 ____D () C:\Program Files\Canon
2014-09-20 17:44 - 2012-04-03 16:44 - 00000000 ____D () C:\Program Files\Common Files\Canon
2014-09-20 17:44 - 2011-10-28 21:57 - 00000000 ____D () C:\Program Files\EA GAMES
2014-09-20 17:44 - 2011-07-10 20:41 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-09-20 17:44 - 2011-07-10 20:18 - 00000000 ____D () C:\Program Files\Chrome
2014-09-20 17:44 - 2011-05-03 19:23 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-09-20 17:44 - 2011-05-02 20:45 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-09-20 17:44 - 2009-07-25 08:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-09-20 17:44 - 2009-07-25 08:53 - 00000000 ____D () C:\Program Files\Adobe
2014-09-20 17:44 - 2009-07-25 08:50 - 00000000 ____D () C:\Program Files\Downloaded Installations
2014-09-20 17:44 - 2009-07-25 08:41 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-20 17:44 - 2009-07-25 08:40 - 00000000 ____D () C:\Program Files\ATKGFNEX
2014-09-20 17:44 - 2009-07-25 08:40 - 00000000 ____D () C:\Program Files\ASUS
2014-09-20 17:44 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-20 17:42 - 2014-09-20 17:42 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-09-20 17:42 - 2014-09-20 17:42 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Startmenü
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Netzwerkumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Druckumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Documents\Eigene Musik
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\Documents\Eigene Bilder
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Contschiiiii.ASUS-PC\AppData\Local\Verlauf
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Startmenü
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Netzwerkumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Druckumgebung
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Documents\Eigene Musik
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\Documents\Eigene Bilder
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-09-20 17:42 - 2014-09-20 17:42 - 00000000 _SHDL () C:\Users\Andrej\AppData\Local\Verlauf
2014-09-20 17:42 - 2014-09-20 17:38 - 00001313 _____ () C:\Windows\TSSysprep.log
2014-09-20 17:42 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-20 17:42 - 2009-07-14 04:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-09-20 17:41 - 2014-09-20 17:41 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-09-20 17:41 - 2014-09-20 17:41 - 00000000 ____D () C:\Program Files\Realtek
2014-09-20 17:40 - 2014-09-20 17:40 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-09-20 17:16 - 2009-07-25 08:29 - 01306143 _____ () C:\Windows\WindowsUpdate (1).log
2014-09-20 17:16 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-20 17:16 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-20 16:43 - 2014-09-20 16:43 - 00002636 _____ () C:\Windows\diagwrn.xml
2014-09-20 16:43 - 2014-09-20 16:43 - 00001890 _____ () C:\Windows\diagerr.xml
2014-09-20 14:28 - 2011-06-07 20:01 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001Core.job
2014-09-20 14:27 - 2014-09-20 11:37 - 2463242240 _____ () C:\Users\Andrej\Downloads\X15-65740.iso
2014-09-20 13:29 - 2011-08-10 08:04 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002Core.job
2014-09-20 12:32 - 2012-12-01 15:11 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004Core.job
2014-09-20 12:32 - 2011-05-01 07:48 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000Core.job
2014-09-20 08:33 - 2014-09-20 08:33 - 00002003 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 7 Upgrade Advisor.lnk
2014-09-20 08:33 - 2014-09-20 08:32 - 08676128 _____ (Microsoft Corporation) C:\Users\Andrej\Downloads\Windows7UpgradeAdvisorSetup.exe
2014-09-19 13:35 - 2014-09-19 13:35 - 00000481 _____ () C:\Windows\SynInst.log
2014-09-19 13:34 - 2013-11-02 22:32 - 00000000 ____D () C:\Program Files\MyFree Codec
2014-09-19 13:26 - 2012-03-21 18:49 - 377814977 _____ () C:\Windows\MEMORY.DMP
2014-09-19 07:27 - 2013-12-29 00:21 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-18 08:31 - 2012-09-13 20:28 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-14 03:12 - 2013-08-14 21:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-13 21:04 - 2012-10-03 10:26 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-13 21:04 - 2011-07-14 12:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-13 20:26 - 2014-09-13 20:26 - 00001009 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-25 06:53 - 2011-08-07 12:28 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\Andrej\AppData\Local\Temp\avgnt.exe
C:\Users\ASUS\AppData\Local\Temp\AdobeAIRInstaller.exe
C:\Users\ASUS\AppData\Local\Temp\dotNetFx40_Web_Setup.exe
C:\Users\ASUS\AppData\Local\Temp\SkypeSetup.exe
C:\Users\contschiiiii\AppData\Local\Temp\GUR695C.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-20 17:37

==================== End Of Log ============================
--

Addition.txt
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-09-2014
Ran by Andrej at 2014-09-21 10:13:21
Running from C:\Users\Andrej\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.7.0.19530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
ASUS CopyProtect (HKLM\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0010 - ASUS)
ASUS Data Security Manager (HKLM\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0008 - ASUS)
ASUS FancyStart (HKLM\...\{F9F20920-313D-4D6F-866B-2737B77E1857}) (Version: 1.0.3 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.15 - ASUS)
ASUS Live Update (HKLM\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.7 - ASUS)
ASUS MultiFrame (HKLM\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0018 - )
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.10 - ASUS)
ASUS SmartLogon (HKLM\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0005 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0025 - ASUS)
ASUS Virtual Camera (HKLM\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.13 - ASUS)
Asus_Camera_ScreenSaver (HKLM\...\Asus_Camera_ScreenSaver) (Version: 2.0.0007 - ASUS)
ATK Generic Function Service (HKLM\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0047 - ASUS)
ATK Media (HKLM\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0002 - ASUS)
ATKOSD2 (HKLM\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0002 - ASUS)
Avira (HKLM\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.)
Canon Utilities EOS Utility (HKLM\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities Movie Uploader for YouTube (HKLM\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
Express Gate (HKLM\...\{E8CC51B4-F039-4A13-8C23-57661C5A90AC}) (Version: 1.1.6.0 - DeviceVM, Inc.)
Final Media Player 2011 (HKLM\...\FinalMediaPlayer_is1) (Version: - Bitberry Software) <==== ATTENTION
Free Audio CD Burner version 1.4.8 (HKLM\...\Free Audio CD Burner_is1) (Version: - DVDVideoSoft Limited.)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Photosmart 5510 series - Grundlegende Software für das Gerät (HKLM\...\{9A8C75F6-E5CC-47F9-962A-73FE54A8AF41}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Hilfe (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
Microsoft .NET Framework 4.5.1 (DEU) (HKLM\...\{9E871D09-064D-3BC9-963B-3AB8ABE1273D}) (Version: - )
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{4903D172-DCCB-392F-93A3-34CA9D47FE3D}) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - )
Norton Internet Security (Version: 16.0.0.125 - Symantec Corporation) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
Online Weather (HKCU\...\Online Weather) (Version: 1.0 - )
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Protected Search 1.1 (HKLM\...\Protected Search_is1) (Version: - Protected Search) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5780 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: - Realtek Semiconductor Corp.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.43.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Tinypic 3.18 (HKLM\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
USB 2.0 UVC 1.3M WebCam (HKLM\...\USB 2.0 UVC 1.3M WebCam) (Version: - )
Windows 7 Upgrade Advisor (HKLM\...\{9A4D182C-35C7-4791-8484-4304EBC9101A}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinFlash (HKLM\...\{DE10AB76-4756-4913-BE25-55D1C1051F9A}) (Version: - )
WinRAR 4.01 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wireless Console 2 (HKLM\...\{83F73CB1-7705-49D1-9852-84D839CA2A45}) (Version: 2.0.10 - ATK)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{5F387297-4BDB-48CD-8DB0-ACAD1415FABA}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.129\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-469083165-4237764224-2399718049-1004_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Andrej\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File

==================== Restore Points =========================

20-09-2014 16:32:09 Windows Update
20-09-2014 16:36:00 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {12E68927-3B7F-4F42-9D13-30106A4EDEB8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000UA => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-01] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {20517495-E8DE-4A80-B1E5-89991AF5F8AE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002UA => C:\Users\Natascha&amp;Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {240545D0-8740-4A9B-924D-2020C7888903} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001UA => C:\Users\contschiiiii\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01] (Google Inc.)
Task: {34B79200-AA35-4283-A200-E5EDA8A8C1EB} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files\Protected Search\ProtectedSearch.exe [2012-10-11] (Simplygen) <==== ATTENTION
Task: {3FB14243-B4A9-430D-B9D0-6DA547579771} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Andrej => C:\Program Files\Windows Calendar\wincal.exe
Task: {472333B8-78CF-4E8E-92D9-C8A027704100} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {4994AAA6-5ECB-49F3-8A92-47FCE13E58EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-10] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {59A219CB-D37E-4941-9B51-6B5E2A051C06} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files\ASUS\SmartLogon\sensorsrv.exe [2008-06-18] (ASUS)
Task: {5D1A3B6E-6A7E-43AA-888F-674D10824056} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002Core => C:\Users\Natascha&amp;Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {62A407AA-432F-409A-BF7E-1F4077C07785} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-19] ()
Task: {664932BC-5372-42DA-AC01-99A9441BD22A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2009-07-14] (Microsoft Corporation)
Task: {674DEC3F-0022-4B10-8B05-9465B1434DEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001Core => C:\Users\contschiiiii\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-01] (Google Inc.)
Task: {6F4DBE8B-2589-4E2C-A7D5-45D978A35559} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-05-10] (Google Inc.)
Task: {729B32CB-AE29-4F2C-BB0D-B27360F26EFA} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {72E78AE3-0892-48C2-BAD2-4D84D5D8059C} - System32\Tasks\ASPG => C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe [2008-12-27] (ASUS)
Task: {73971214-C65F-498B-AEFC-34B36FF8C2D1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004Core => C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {8D1C8872-1CC8-470F-91E3-FCFDD81865AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-13] (Adobe Systems Incorporated)
Task: {9380A911-B90E-47BE-ABF3-B4A20D6125B7} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-03-11] (Bitberry Software)
Task: {94C3A16A-AB24-4CC5-BE05-F695EB3A299B} - System32\Tasks\ASUS P4G => C:\Program files\P4G\BatteryLife.exe [2008-11-27] (ATK)
Task: {A7881322-B77F-4DA9-B25F-8D3A950C8FFB} - System32\Tasks\{C8A9B985-A03B-4E07-9957-AC6C6FEB71E0} => C:\Program Files\Skype\\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {BC52730A-BC09-43A9-85A4-E8D3580F0290} - System32\Tasks\ASUS Live Update => C:\Program Files\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {E2C13360-506E-450F-81B1-0202BA226B3A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000Core => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-01] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F41D8B68-B61A-4F04-A6B2-A7856D9CCACB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004UA => C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {F8CB33AB-107C-4245-A527-9BAA9659DE8E} - System32\Tasks\Software Updater Ui => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-19] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000Core.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1000UA.job => C:\Users\ASUS\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001Core.job => C:\Users\contschiiiii\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1001UA.job => C:\Users\contschiiiii\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002Core.job => C:\Users\Natascha&Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1002UA.job => C:\Users\Natascha&Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004Core.job => C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469083165-4237764224-2399718049-1004UA.job => C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{3C650626-4CEA-4425-9744-2C7B5335A158}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2008-08-14 05:59 - 2008-08-14 05:59 - 00100920 _____ () C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
2009-07-25 08:40 - 2007-08-08 09:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2007-06-15 19:28 - 2007-06-15 19:28 - 00147456 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
2007-06-02 02:08 - 2007-06-02 02:08 - 00143360 _____ () C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
2009-07-25 08:48 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files\ASUS\ASUS Live Update\ALU.exe
2008-08-21 00:49 - 2008-08-21 00:49 - 00016384 _____ () C:\Program files\P4G\DevMng.dll
2008-10-31 00:37 - 2008-10-31 00:37 - 00015360 _____ () C:\Program files\P4G\OvrClk.dll
2009-07-25 08:40 - 2007-03-10 01:16 - 00106496 _____ () C:\Program Files\ATKGFNEX\AGFNEX.dll
2008-10-01 08:02 - 2008-10-01 08:02 - 00009216 _____ () C:\Program Files\ASUS\Splendid\GLCDdll.dll
2009-07-25 08:45 - 2007-07-06 01:53 - 01040384 _____ () C:\Program Files\Wireless Console 2\wcourier.exe
2014-09-20 18:34 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Andrej\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2007-11-13 00:41 - 2007-11-13 00:41 - 00106496 _____ () C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
2014-09-14 11:01 - 2014-09-04 05:01 - 01098056 _____ () C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-14 11:01 - 2014-09-04 05:01 - 00174408 _____ () C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-14 11:01 - 2014-09-04 05:01 - 08577864 _____ () C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-14 11:01 - 2014-09-04 05:01 - 00331592 _____ () C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-14 11:01 - 2014-09-04 05:01 - 01660232 _____ () C:\Users\Andrej\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Andrej\Downloads\HUK-COBURG-Allgemeine_Versicherung_AG_Mail-Info_13-11-608_244508-E.eml:OECustomProperty
AlternateDataStreams: C:\Users\Andrej\Downloads\Meinungsbild.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: IePluginService => 2
MSCONFIG\Services: SystemStoreService => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup
MSCONFIG\startupreg: ADSMTray => C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Andrej\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Andrej\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: Online Weather => C:\Users\Andrej\AppData\Local\WebPlayer\Online Weather\WebPlayer.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

==================== Faulty Device Manager Devices =============

Name: StarForce Protection Environment Driver (version 1.x.a)
Description: StarForce Protection Environment Driver (version 1.x.a)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sfdrv01a
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: StarForce Protection Synchronization Driver (version 2.x)
Description: StarForce Protection Synchronization Driver (version 2.x)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: sfsync02
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/21/2014 10:02:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 09:41:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Volume "VistaOS (C" wurde aufgrund eines Fehlers nicht defragmentiert: Das Dirty Bit wird auf diesem Volume festgelegt. (0x89000015)

Error: (09/21/2014 09:30:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 06:56:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 06:33:07 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3876) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (09/20/2014 06:32:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/20/2014 06:32:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/20/2014 06:32:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.

Error: (09/20/2014 06:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 01:36:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x80070422).


System errors:
=============
Error: (09/21/2014 10:02:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync02

Error: (09/21/2014 10:02:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (09/21/2014 10:01:00 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.

Error: (09/21/2014 10:00:58 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.

Error: (09/21/2014 09:40:47 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "VistaOS" den Befehl "chkdsk" aus.


Microsoft Office Sessions:
=========================
Error: (09/21/2014 10:02:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/21/2014 09:41:58 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: VistaOS (CDas Dirty Bit wird auf diesem Volume festgelegt. (0x89000015)

Error: (09/21/2014 09:30:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 06:56:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 06:33:07 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3876WindowsMail0:

Error: (09/20/2014 06:32:19 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/20/2014 06:32:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/20/2014 06:32:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabEin erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (09/20/2014 06:28:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/20/2014 01:36:35 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x80070422


CodeIntegrity Errors:
===================================
Date: 2012-03-04 12:26:41.669
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-03-04 12:26:41.551
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-03-04 12:26:41.437
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-03-04 12:26:41.167
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:23.031
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:22.969
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:22.906
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:22.844
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:22.766
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-02-13 08:02:22.313
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz
Percentage of memory in use: 35%
Total physical RAM: 3071.34 MB
Available physical RAM: 1996.13 MB
Total Pagefile: 6140.95 MB
Available Pagefile: 4635.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.76 MB

==================== Drives ================================

Drive c: (VistaOS) (Fixed) (Total:232.88 GB) (Free:173.66 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:232.88 GB) (Free:232.44 GB) NTFS
Drive e: (DATA) (Fixed) (Total:226.04 GB) (Free:225.93 GB) NTFS
Drive f: () (Fixed) (Total:232.88 GB) (Free:232.44 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 19C2F2AF)
Partition 1: (Not Active) - (Size=6.8 GB) - (Type=1C)
Partition 2: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=226 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================

--


Danke im voraus!

Alt 21.09.2014, 10:14   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit) - Standard

Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________

__________________

Antwort

Themen zu Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)
0x8007042, antivir, antivirus, avira, browser, computer, desktop, error, excel, flash player, google, helper, home, homepage, logfile, newtab, object, popup, problem, programm, quick_start, realtek, registry, scan, security, svchost.exe, system, tablet, windows, windows 7 32 bit softwareupdater.ui.exe



Ähnliche Themen: Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)


  1. edealspop und n10.adshostnet.com/ads? stört mich beim Surfen
    Log-Analyse und Auswertung - 19.02.2015 (21)
  2. Widows Vista 32bit. "Softwareupdater.UI.exe" möchte sich bei jedem Start öffnen
    Log-Analyse und Auswertung - 02.09.2014 (15)
  3. SoftwareUpdater.ui.exe öffnet sich beim Start
    Log-Analyse und Auswertung - 27.07.2014 (7)
  4. SoftwareUdater.Ui.exe stört bei Systemstart
    Plagegeister aller Art und deren Bekämpfung - 11.02.2014 (19)
  5. Deal Finder Firefox stört beim surfen wie löschen?
    Plagegeister aller Art und deren Bekämpfung - 17.01.2014 (17)
  6. Softwareupdater.UI.EXE meldet sich nach jedem Systemstart
    Log-Analyse und Auswertung - 20.11.2013 (13)
  7. C:\Programm Files\HomeTab\TBUpdater.dll erscheint beim Win7 Start / toolbar web1Enhance stört
    Log-Analyse und Auswertung - 16.11.2013 (7)
  8. Windows Vista: SoftwareUpdater.Ui.exe öffnet sich bei jedem Systemstart
    Plagegeister aller Art und deren Bekämpfung - 20.10.2013 (9)
  9. Riesen-Dank an M-K-D-B beim Entfernen der Softwareupdater.ui.exe
    Lob, Kritik und Wünsche - 28.09.2013 (0)
  10. Whitescreen beim starten meines Win7-, 32bit-Systems
    Plagegeister aller Art und deren Bekämpfung - 15.09.2013 (8)
  11. C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper nicht zu löschen
    Log-Analyse und Auswertung - 05.09.2013 (7)
  12. Softwareupdater.ui.exe Popup beim Hochfahren. Was kann ich tun?
    Plagegeister aller Art und deren Bekämpfung - 27.08.2013 (17)
  13. SoftwareUpdater.ui.exe will sich beim Start ausführen.
    Plagegeister aller Art und deren Bekämpfung - 31.07.2013 (13)
  14. Softwareupdater.ui.exe öffnet sich bei jedem Systemstart
    Plagegeister aller Art und deren Bekämpfung - 28.06.2013 (16)
  15. Window 7 32Bit, Weißer Bildschirm nach Systemstart.
    Plagegeister aller Art und deren Bekämpfung - 25.05.2013 (3)
  16. Fehlermeldung beim Systemstart: Problem beim Starten von C/User...appdata..exe
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (25)
  17. Hohe CPU Last, Cmd.exe startet unaufgerufen bei Systemstart, Win7 32bit
    Log-Analyse und Auswertung - 16.12.2010 (6)

Zum Thema Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit) - Hallo alle miteinander. Auch ich habe ein Problem mit dem Programm softwareupdater.ui.exe, sobald ich den Rechner hochfahre möchte es ausgeführt werden. Ich hab hier schon einiges darüber gelesen und auch - Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit)...
Archiv
Du betrachtest: Softwareupdater.ui.exe stört beim Systemstart (Win 7, 32bit) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.