Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 16.10.2014, 15:35   #1
Patrick1980
 
Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert - Standard

Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert



Hallo Trojaner-Board Team,

zeit einiger Zeit bekomme ich beim Start meines PC folgende Fehlermeldung:

RegSvr32 Fehler beim laden des Moduls

zudem lässt sich z.Z. mein Antivir-Programm von Avira nicht öffnen, es erscheint folgende Fehlermeldung:

Dieses Programm wurde durch eine Gruppenrichtlinie blockiert. Weitere Informationen erhalten Sie vom Systemadministrator.

Des weiteren öffnen in unregelmäßigen Abständen Online-Werbeseiten.

Ich habe bereits alle Schritte aus Punkt 2 "Informationen Zusammenstellen" durchgeführt.



Ich hoffe Ihr könnt mir weiterhelfen.

Vielen Dank im Voraus

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:46 on 16/10/2014 (Herminghaus)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Code:
ATTFilter
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Herminghaus (administrator) on HERMINGHAUS-PC on 16-10-2014 14:52:13
Running from C:\Users\Herminghaus\Desktop
Loaded Profile: Herminghaus (Available profiles: Herminghaus & Patrick)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
() C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Bench\Proxy\pwdg.exe
() C:\Program Files (x86)\fst_de_187\fst_de_187.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
() C:\Program Files (x86)\Bench\Proxy\proc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [171520 2009-11-09] (Sun Microsystems, Inc.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [323640 2009-11-24] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-09-02] (EasyBits Software AS)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [WirelessAssistant] => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [498744 2009-07-23] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2011-06-09] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-03-17] (Nullsoft, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1646216 2013-04-01] (Ask)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => "C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 8\Ereg\Ereg.ini"
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [Bench Communicator Watcher] => C:\Program Files (x86)\Bench\Proxy\pwdg.exe [113152 2014-06-17] ()
HKLM-x32\...\Run: [Bench Settings Cleaner] => C:\Program Files (x86)\Bench\Proxy\cl.exe [55296 2014-06-17] ()
HKLM-x32\...\Run: [fst_de_187] => C:\Program Files (x86)\fst_de_187\fst_de_187.exe [3970560 2014-09-29] ()
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
HKLM Group Policy restriction on software: C:\Program Files (x86)\Avira <====== ATTENTION
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-08-20] (Hewlett-Packard Company)
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [ctfmon32.exe] => C:\PROGRA~3\rundll32.exe XFG00 <===== ATTENTION
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [GoogleChromeAutoLaunch_13A3395BF2D4E00D480CF02761003B99] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [852808 2014-09-23] (Google Inc.)
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [ErivwAbnuv] => regsvr32.exe "
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [SSync] => C:\Users\Herminghaus\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] ()
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\Run: [Sixth] => C:\Users\Herminghaus\AppData\Roaming\Sixth\Sixth.exe [63618 2014-06-24] ()
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-2329064924-620678914-359712183-1000\...\MountPoints2: {e769ee86-cd4a-11e3-8e4f-00269edec106} - F:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Packer.exe.lnk
ShortcutTarget: Packer.exe.lnk -> C:\Users\Herminghaus\AppData\Local\Temp\is-OM2ME.tmp\Packer.exe (No File)
Startup: C:\Users\Herminghaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/?gws_rd=ssl
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1401994637&from=tugs&uid=WDCXWD3200BEVT-60ZCT1_WD-WX60AC9K2384K2384
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWQ6_dfwmKe1jMZBF_9-ISzuyxpKBCNARvJ43o615Rcy8R50OCxsZ9Ika8bomaZKg,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWQ6_dfwmKe1jMZBF_9-ISzuyxpKBCNARvJ43o615Rcy8R50OCxsZ9Ika8bomaZKg,,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1401994637&from=tugs&uid=WDCXWD3200BEVT-60ZCT1_WD-WX60AC9K2384K2384
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWQ6_dfwmKe1jMZBF_9-ISzuyxpKBCNARvJ43o615Rcy8R50OCxsZ9Ika8bomaZKg,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWQ6_dfwmKe1jMZBF_9-ISzuyxpKBCNARvJ43o615Rcy8R50OCxsZ9Ika8bomaZKg,,&q={searchTerms}
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: ViewPassword -> {52262CA2-D4CA-11D2-A424-DECF91ED1FC7} -> C:\Program Files (x86)\ViewPassword-soft\171.dll ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AcroIEToolbarHelper Class -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Avira SearchFree Toolbar plus Web Protection -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: SaveAs Class -> {F8730BFD-181B-3A1E-9179-CD41F5DB2772} -> C:\ProgramData\SaveAs\50c89ac4b664e.ocx No File
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-09] (EasyBits Software Corp.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default
FF DefaultSearchUrl: hxxp://websearch.mocaflix.com/?l=1&q=
FF SelectedSearchEngine: Mysearchdial
FF SelectedSearchEngine,S: WebSearch
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=irmsd1202&cd=2XzuyEtN2Y1L1Qzu0CyEtCyB0F0EtAyCyBtB0FtDyCyByDtAtN0D0Tzu0SyBtBtAtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=1069770843&ir=
FF Homepage: hxxp://start.iminent.com/?appId=E21073D6-81CB-41EB-A5F6-83E639601582
FF SelectedSearchEngine: StartWeb
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF Extension: SaveAs - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\50c89ac4b64b0@50c89ac4b64ea.com [2013-01-01]
FF Extension: Iminent Toolbar - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\ffxtlbr@iminent.com [2014-05-12]
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\toolbar@ask.com [2013-03-10]
FF Extension: DVDVideoSoftTB DE  - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2012-07-15]
FF Extension: Free YouTube Download (Free Studio) Menu - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2012-07-15]
FF Extension: MySearchDial NewTab - C:\Users\Herminghaus\AppData\Roaming\Mozilla\Firefox\Profiles\8uvy6tdn.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2013-12-23]
FF Extension: Skype extension - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2011-04-10]
FF HKCU\...\Firefox\Extensions: [{562A5B8E-EE2E-6E2F-EDA9-A8B7F320660C}] - C:\Program Files (x86)\ViewPassword-soft\171.xpi
FF Extension: ViewPassword - C:\Program Files (x86)\ViewPassword-soft\171.xpi [2014-06-05]

Chrome: 
=======
CHR HomePage: Default -> hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWcGPpHR3Yvg7haMyx351NnCURBeuYxaB1XoH5nweAcCE4uHGBtI3HJ69Z_5av6oA,,
CHR StartupUrls: Default -> "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJ_Xmyr4DsGS5n78vMqPWzn-RsCeYyXLBoFW8vhWF5ci3pYBcCCJYNR8yChcQx9UDiY6927XKuu7SNdl52x9uQOfGsXUWcGPpHR3Yvg7haMyx351NnCURBeuYxaB1XoH5nweAcCE4uHGBtI3HJ69Z_5av6oA,,"
CHR DefaultSearchKeyword: Default -> webssearches
CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=dspp&ts=1406120322&from=tugs&uid=WDCXWD3200BEVT-60ZCT1_WD-WX60AC9K2384K2384&q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Profile: C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Toolbar) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabfjnbeinlpljodiajipidiompfl [2014-08-06]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-13]
CHR Extension: (DVDVideoSoftTB DE) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhphemoobgnikcoofkgackkaimpfmenm [2014-08-06]
CHR Extension: (SaveAs) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiaiamoijhgajfdoedocmhdjooaegbjk [2014-08-06]
CHR Extension: (Google Wallet) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (Quick start) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-06-05]
CHR Extension: (MySearchDial) - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-08-06]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\HERMIN~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKCU\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Herminghaus\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-07-05]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\HERMIN~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM-x32\...\Chrome\Extension: [aaaaabfjnbeinlpljodiajipidiompfl] - C:\Users\Herminghaus\AppData\Local\APN\GoogleCRXs\aaaaabfjnbeinlpljodiajipidiompfl_7.15.18.0.crx [2013-03-10]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Herminghaus\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-07-05]
CHR HKLM-x32\...\Chrome\Extension: [hiaiamoijhgajfdoedocmhdjooaegbjk] - C:\ProgramData\SaveAs\hiaiamoijhgajfdoedocmhdjooaegbjk.crx [2012-12-12]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Herminghaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-05]
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\HERMIN~1\AppData\Local\mysearchdial-speeddial.crx [2013-12-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [89600 2009-03-02] (Andrea Electronics Corporation)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-05] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-05] (globalUpdate) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [File not signed]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [247808 2010-03-23] (IDT, Inc.)
R2 ViewPassword; C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.exe [180736 2014-06-05] () [File not signed]
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [573344 2014-06-05] (Fuyu LIMITED) <==== ATTENTION
S2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
U4 eabfiltr; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 14:52 - 2014-10-16 14:53 - 00029281 _____ () C:\Users\Herminghaus\Desktop\FRST.txt
2014-10-16 14:51 - 2014-10-16 14:52 - 00000000 ____D () C:\FRST
2014-10-16 14:47 - 2014-10-16 14:47 - 02111488 _____ (Farbar) C:\Users\Herminghaus\Desktop\FRST64.exe
2014-10-16 14:46 - 2014-10-16 14:46 - 00000484 _____ () C:\Users\Herminghaus\Desktop\defogger_disable.log
2014-10-16 14:45 - 2014-10-16 14:45 - 00050477 _____ () C:\Users\Herminghaus\Desktop\Defogger.exe
2014-10-16 14:41 - 2014-10-16 14:41 - 00000000 _____ () C:\Users\Herminghaus\defogger_reenable
2014-10-14 17:39 - 2014-10-14 17:38 - 00059392 _____ () C:\Users\Herminghaus\Desktop\RSK_027_Elektronischer Objektvergleich - Kopie.xls
2014-10-11 14:42 - 2014-10-14 19:31 - 00053248 _____ () C:\Users\Herminghaus\Desktop\RSK_027_Elektronischer Objektvergleich.xls
2014-10-11 14:42 - 2014-10-11 14:42 - 00000000 ____D () C:\Users\Herminghaus\AppData\Local\fst_de_187
2014-10-11 14:42 - 2014-10-11 14:42 - 00000000 ____D () C:\Program Files (x86)\fst_de_187
2014-09-25 21:37 - 2014-09-25 21:35 - 00945923 _____ () C:\Users\Herminghaus\Desktop\QS-Kalender ab Mai 2008  - Kopie.xlsx
2014-09-25 20:36 - 2014-09-25 20:36 - 00015385 _____ () C:\Users\Herminghaus\Desktop\Lerngemeinschaft Anhang zur Steuer 2014 (1).xlsx
2014-09-25 20:35 - 2014-09-25 20:35 - 00965117 _____ () C:\Users\Herminghaus\Desktop\QS-Kalender ab Mai 2008 .xlsx
2014-09-25 20:35 - 2014-09-25 20:35 - 00036535 _____ () C:\Users\Herminghaus\Desktop\Bewertung MA2014 Kreiser.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-16 14:48 - 2012-07-14 21:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 14:41 - 2011-04-10 14:39 - 00000000 ____D () C:\Users\Herminghaus
2014-10-16 14:40 - 2009-11-09 14:37 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-16 14:38 - 2012-07-10 20:39 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-16 14:37 - 2012-03-09 22:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-16 14:30 - 2013-01-27 19:31 - 00000000 ____D () C:\Users\Herminghaus\Desktop\Konzeptarbeit Ennepetal
2014-10-16 13:59 - 2014-08-06 18:12 - 00000003 _____ () C:\Users\Herminghaus\AppData\Local\proxy.log
2014-10-16 13:58 - 2012-11-17 05:10 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 13:12 - 2014-08-06 17:54 - 00000356 _____ () C:\Windows\Tasks\bench-S-1-5-21-2329064924-620678914-359712183-1000.job
2014-10-16 13:00 - 2011-11-13 20:28 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{05AD0865-DC74-4D5F-8492-8A5029595024}
2014-10-16 13:00 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 13:00 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 12:56 - 2009-11-05 02:28 - 01529839 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 12:54 - 2014-06-05 20:49 - 00000436 _____ () C:\Windows\Tasks\ViewPassword Update.job
2014-10-16 12:52 - 2011-12-13 18:46 - 00000000 ___RD () C:\Users\Herminghaus\Dropbox
2014-10-16 12:52 - 2011-12-13 18:28 - 00000000 ____D () C:\Users\Herminghaus\AppData\Roaming\Dropbox
2014-10-16 12:51 - 2014-06-05 21:00 - 00001400 _____ () C:\Windows\Tasks\32b680f6-a8a2-442b-a3e2-f38e5f18b673-5.job
2014-10-16 12:51 - 2014-06-05 21:00 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-16 12:51 - 2014-06-05 20:49 - 00000426 _____ () C:\Windows\Tasks\ViewPassword_wd.job
2014-10-16 12:51 - 2013-12-08 14:49 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef413e376e488.job
2014-10-16 12:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 12:51 - 2009-07-14 06:51 - 00164173 _____ () C:\Windows\setupact.log
2014-10-14 17:39 - 2011-04-25 21:49 - 00000450 _____ () C:\Users\Herminghaus\AppData\Roaming\wklnhst.dat
2014-10-14 16:33 - 2013-05-06 10:19 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-14 16:33 - 2013-03-27 23:32 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 16:33 - 2013-03-27 23:32 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 19:04 - 2013-03-10 17:46 - 00004096 _____ () C:\Users\Public\Documents\000016E5.LCS
2014-10-13 15:05 - 2014-06-05 21:00 - 00000920 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-11 15:39 - 2012-02-05 17:56 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-11 15:39 - 2011-04-28 19:32 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-11 15:23 - 2011-04-11 21:06 - 00000000 ____D () C:\Users\Patrick\Documents\Versicherung
2014-10-11 15:00 - 2014-09-12 07:13 - 00000000 ____D () C:\Program Files (x86)\fst_de_173
2014-10-11 14:59 - 2013-07-14 20:43 - 00000000 ____D () C:\Users\Patrick\Documents\Patrick
2014-10-11 14:59 - 2011-04-11 21:06 - 00000000 ____D () C:\Users\Patrick\Documents\meike
2014-10-11 14:42 - 2014-06-05 20:55 - 00000000 ____D () C:\Users\Herminghaus\AppData\Local\fst_de_31
2014-09-25 20:23 - 2014-08-06 17:54 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-09-25 20:21 - 2014-06-05 20:49 - 00000000 ____D () C:\Program Files (x86)\ViewPassword-soft
2014-09-25 20:21 - 2012-11-17 05:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-25 20:21 - 2011-08-29 22:23 - 00000000 ____D () C:\Users\TEMP
2014-09-25 20:21 - 2011-07-28 15:33 - 00000000 ____D () C:\Users\Patrick
2014-09-25 20:21 - 2009-11-05 11:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-09-25 20:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-09-25 17:48 - 2012-07-14 21:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-25 17:48 - 2012-07-14 21:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-25 17:48 - 2012-07-14 21:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 18:56 - 2013-01-11 21:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-22 18:55 - 2011-12-13 18:43 - 00000000 ____D () C:\Users\Herminghaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-17 09:08 - 2009-11-09 21:55 - 00700592 _____ () C:\Windows\system32\perfh007.dat
2014-09-17 09:08 - 2009-11-09 21:55 - 00149356 _____ () C:\Windows\system32\perfc007.dat
2014-09-17 09:08 - 2009-07-14 07:13 - 01622004 _____ () C:\Windows\system32\PerfStringBackup.INI

Files to move or delete:
====================
C:\ProgramData\89oct.bat
C:\ProgramData\89oct.js
C:\ProgramData\89oct.pad
C:\ProgramData\89oct.reg
C:\ProgramData\odgdljwteufrmwikwbt.bat
C:\ProgramData\odgdljwteufrmwikwbt.reg
C:\ProgramData\rundll32.exe
C:\Users\Herminghaus\AppData\Roaming\AltShell.ini


Some content of TEMP:
====================
C:\Users\Herminghaus\AppData\Local\Temp\3IMBB52.exe
C:\Users\Herminghaus\AppData\Local\Temp\47088uninstall.exe
C:\Users\Herminghaus\AppData\Local\Temp\4t7D69F.exe
C:\Users\Herminghaus\AppData\Local\Temp\8Zx8545.exe
C:\Users\Herminghaus\AppData\Local\Temp\A2DD539.exe
C:\Users\Herminghaus\AppData\Local\Temp\amsetup_activeris_default_010414_installer.exe
C:\Users\Herminghaus\AppData\Local\Temp\avgnt.exe
C:\Users\Herminghaus\AppData\Local\Temp\cloud_backup_setup.exe
C:\Users\Herminghaus\AppData\Local\Temp\CLZip.exe
C:\Users\Herminghaus\AppData\Local\Temp\DivXSetup.exe
C:\Users\Herminghaus\AppData\Local\Temp\dlLogic.exe
C:\Users\Herminghaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqphox5.dll
C:\Users\Herminghaus\AppData\Local\Temp\dunzip32.dll
C:\Users\Herminghaus\AppData\Local\Temp\DWPUpgradeInstaller.exe
C:\Users\Herminghaus\AppData\Local\Temp\dzip32.dll
C:\Users\Herminghaus\AppData\Local\Temp\Extract.exe
C:\Users\Herminghaus\AppData\Local\Temp\f978377c-b7d4-4536-8e10-14ca97b13394.exe
C:\Users\Herminghaus\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Herminghaus\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Herminghaus\AppData\Local\Temp\FP_PL_PFS_INSTALLER.exe
C:\Users\Herminghaus\AppData\Local\Temp\freesofttoday.exe
C:\Users\Herminghaus\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Herminghaus\AppData\Local\Temp\HPQSi.exe
C:\Users\Herminghaus\AppData\Local\Temp\InstallAX.exe
C:\Users\Herminghaus\AppData\Local\Temp\InstallPlugin.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-6u38-windows-i586-iftw.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Herminghaus\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Herminghaus\AppData\Local\Temp\lly_webssearches.exe
C:\Users\Herminghaus\AppData\Local\Temp\media.exe
C:\Users\Herminghaus\AppData\Local\Temp\newvideoplayersetup.exe
C:\Users\Herminghaus\AppData\Local\Temp\nsa73EC.exe
C:\Users\Herminghaus\AppData\Local\Temp\nsb14BF.exe
C:\Users\Herminghaus\AppData\Local\Temp\nsg5A0.exe
C:\Users\Herminghaus\AppData\Local\Temp\nsqC162.exe
C:\Users\Herminghaus\AppData\Local\Temp\nssCD0.exe
C:\Users\Herminghaus\AppData\Local\Temp\Resource.exe
C:\Users\Herminghaus\AppData\Local\Temp\ShoppinH2.exe
C:\Users\Herminghaus\AppData\Local\Temp\SP47275.exe
C:\Users\Herminghaus\AppData\Local\Temp\SP48755.exe
C:\Users\Herminghaus\AppData\Local\Temp\sp52110.exe.exe
C:\Users\Herminghaus\AppData\Local\Temp\sp54620.exe
C:\Users\Herminghaus\AppData\Local\Temp\sp58915.exe
C:\Users\Herminghaus\AppData\Local\Temp\sp64126.exe
C:\Users\Herminghaus\AppData\Local\Temp\speedupmypc.exe
C:\Users\Herminghaus\AppData\Local\Temp\SpOrder.dll
C:\Users\Herminghaus\AppData\Local\Temp\spstub.exe
C:\Users\Herminghaus\AppData\Local\Temp\Sqlite3.dll
C:\Users\Herminghaus\AppData\Local\Temp\tbDVDV.dll
C:\Users\Herminghaus\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Herminghaus\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Herminghaus\AppData\Local\Temp\vopackage.exe
C:\Users\Herminghaus\AppData\Local\Temp\wajam_download.exe
C:\Users\Herminghaus\AppData\Local\Temp\xehhktncxabbqesgpfl.bfg
C:\Users\Herminghaus\AppData\Local\Temp\yhebfubaqbkjbuvjbia.bfg
C:\Users\Patrick\AppData\Local\Temp\AskSLib.dll
C:\Users\Patrick\AppData\Local\Temp\FlashPlayerUpdate.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-12 10:54

==================== End Of Log ============================
         
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-10-2014 02
Ran by Herminghaus at 2014-10-16 14:54:11
Running from C:\Users\Herminghaus\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 7.0 Professional - English, Français, Deutsch - V) (Version: 7.0.0 - Adobe Systems)
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (x32 Version: 7.0.0 - Adobe Systems) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.24.0 - Ask.com) <==== ATTENTION
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Avira SearchFree Toolbar plus Web Protection Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.5.42066 - Ask.com) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Camera WIA Driver (x32 Version: 5.1 - Canon) Hidden
Canon Camera WIA Driver (x32 Version: 5.2 - Canon) Hidden
Canon EOS 10D WIA-Treiber (HKLM-x32\...\InstallShield_{095659A2-739F-4D9A-A916-66C7CAD16F9E}) (Version: 5.1 - Canon)
Canon EOS Kiss REBEL 300D WIA-Treiber (HKLM-x32\...\InstallShield_{31A57C3E-30DD-421F-B5C7-974DACB0D05F}) (Version: 5.2 - Canon)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EGR-ShellExtension (HKLM-x32\...\EGR-ShellExtension) (Version: 1.1.0.100 - EasternGraphics)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeSoftToday 014.173 (HKLM-x32\...\fst_de_173_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
FreeSoftToday 014.187 (HKLM-x32\...\fst_de_187_is1) (Version:  - FREESOFTTODAY) <==== ATTENTION
fst_de_31 (HKLM-x32\...\fst_de_31_is1) (Version:  - fst) <==== ATTENTION
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version:  - G DATA Software AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.13.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HQPro-2 (HKLM-x32\...\HQPro-2) (Version: 1.34.5.29 - HQ-1.9)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 15 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416015FF}) (Version: 6.0.150 - Sun Microsystems, Inc.)
Java(TM) 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216015FF}) (Version: 6.0.290 - Sun Microsystems, Inc.)
Java(TM) SE Development Kit 6 Update 15 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160150}) (Version: 1.6.0.150 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lernwerkstatt 8 (HKLM-x32\...\InstallShield_{08BE0A17-0AB8-4B0C-88E2-EB1B4977A511}) (Version: 8.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 8 (x32 Version: 8.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OpenProj (HKLM-x32\...\{13702021-43FB-480C-912F-D9B74A538288}) (Version: 1.4.0 - Serena Software Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
QLBCASL (x32 Version: 6.40.17.2 - Hewlett-Packard) Hidden
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
Search Assistant MocaFlix 1.66 (HKLM-x32\...\SP_8e4eb48d) (Version:  - ) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Skype Toolbars (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.3.7280 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
TeamViewer 6 (HKLM-x32\...\TeamViewer 6) (Version: 6.0.10462 - TeamViewer GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewPassword (HKLM-x32\...\B4065F66-A0DA-2B5E-E25E-20F64200E01E) (Version:  - ViewPassword-software) <==== ATTENTION
VLC media player 1.1.8 (HKLM-x32\...\VLC media player) (Version: 1.1.8 - VideoLAN)
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
Winamp (HKLM-x32\...\Winamp) (Version: 5.61  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WindowsProtectManger20.0.0.339 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.339 - Fuyu LIMITED) <==== ATTENTION
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{7A8CA4E5-A3BF-45A9-8A8C-D6ACFB7A39E0}) (Version: 21.00.8480 - Buhl Data Service GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Herminghaus\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Herminghaus\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Herminghaus\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Herminghaus\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2329064924-620678914-359712183-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

12-09-2014 05:14:16 Windows Update
13-09-2014 17:37:46 Windows Update
13-09-2014 18:33:15 Windows Update
15-09-2014 18:32:14 Windows Live Essentials
15-09-2014 18:35:27 DirectX wurde installiert
15-09-2014 18:36:32 DirectX wurde installiert
15-09-2014 18:37:08 DirectX wurde installiert
15-09-2014 18:39:20 WLSetup
25-09-2014 15:47:34 Geplanter Prüfpunkt
25-09-2014 18:16:00 Wiederherstellungsvorgang
12-10-2014 09:01:21 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-03-09 23:03 - 2012-07-10 19:58 - 00001163 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 adobeereg.com
127.0.0.1 hxxp://www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 192.150.18.108
127.0.0.1 activate.adobe.com:443


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2102D026-E290-48B6-BAAA-3CE446F11B6C} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: {4E0844E9-2E13-4244-8B7E-E170C9A7EDCE} - System32\Tasks\ViewPassword Update => C:\Program Files (x86)\ViewPassword-soft\ViewPasswordf46.exe [2014-06-05] () <==== ATTENTION
Task: {504119BF-31B1-4149-8BB9-9466D5E42E59} - System32\Tasks\GoogleUpdateTaskMachineCore1cef413e376e488 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.)
Task: {561F45EA-A439-475A-BF4A-3C6534D6B4CA} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-05] (globalUpdate) <==== ATTENTION
Task: {5859BF0A-4F77-42B3-8102-86F4A3C9D342} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {60FE5156-8A98-45AA-81F7-4A2E3A5899E9} - System32\Tasks\AdobeAAMUpdater-1.0-Herminghaus-PC-Herminghaus => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {7284A47C-4432-4EDA-8348-FC16CF9D9222} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-04-01] () <==== ATTENTION
Task: {7E0DD92D-A5E3-4B64-81C9-12BA8CCC4A1A} - System32\Tasks\bench-S-1-5-21-2329064924-620678914-359712183-1000 => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: {8BCD6715-C3F5-48F2-BAF5-221A42D29E47} - System32\Tasks\32b680f6-a8a2-442b-a3e2-f38e5f18b673-5 => C:\Program Files (x86)\HQPro-2\32b680f6-a8a2-442b-a3e2-f38e5f18b673-5.exe
Task: {8EDDFF5A-F3EE-47F2-9A2B-18717478EDF4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-10-07] (Microsoft)
Task: {9AECB386-4587-427E-826D-3C73245E02D0} - System32\Tasks\ViewPassword_wd => C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIXQNw.exe <==== ATTENTION
Task: {9CBD7C0B-62ED-4F56-9F71-54F962AFBE40} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.)
Task: {9D5909FF-FC15-4114-9C9A-916B6DCE00E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-08-04] (Hewlett-Packard)
Task: {A0DD72F7-3756-413D-AC0F-2026BB14AC0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {AC85FE32-58B7-4B82-BC71-0383C07D7C65} - System32\Tasks\{09C03FFC-418F-4E24-99D2-161B99FAF863} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {CADE1D0F-3BBC-449B-A7CC-735F8740767C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-17] (Google Inc.)
Task: {CDE3F478-A0D8-4DC5-9E2B-F1B52BFF9349} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-25] (Adobe Systems Incorporated)
Task: {CE61488F-DCF4-4E49-B6C0-EDD9B0711667} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-05] (globalUpdate) <==== ATTENTION
Task: {D012E929-03F3-4329-9D92-D60D5723E307} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DF4C2574-99F1-4AF6-8523-BBA405DBF3B9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EB5F42E9-CEE5-4E0F-9B52-EE41ED44D397} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-07] ()
Task: C:\Windows\Tasks\32b680f6-a8a2-442b-a3e2-f38e5f18b673-5.job => C:\Program Files (x86)\HQPro-2\32b680f6-a8a2-442b-a3e2-f38e5f18b673-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-S-1-5-21-2329064924-620678914-359712183-1000.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef413e376e488.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ViewPassword Update.job => C:\Program Files (x86)\ViewPassword-soft\ViewPasswordf46.exe
Task: C:\Windows\Tasks\ViewPassword_wd.job => C:\Program Files (x86)\ViewPassword-soft\ViewPasswordFIXQNw.exe

==================== Loaded Modules (whitelisted) =============

2014-06-05 20:49 - 2014-06-05 20:49 - 00180736 _____ () C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.exe
2014-06-17 17:44 - 2014-06-17 17:44 - 00113152 _____ () C:\Program Files (x86)\Bench\Proxy\pwdg.exe
2014-10-11 14:42 - 2014-09-29 12:38 - 03970560 _____ () C:\Program Files (x86)\fst_de_187\fst_de_187.exe
2009-07-01 16:44 - 2009-07-01 16:44 - 00632888 _____ () C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
2014-06-17 17:44 - 2014-06-17 17:44 - 00422912 _____ () C:\Program Files (x86)\Bench\Proxy\proc.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-05 20:49 - 2014-06-05 20:49 - 00171520 _____ () C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-08-20 13:35 - 2009-08-20 13:35 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-10-16 12:52 - 2014-10-16 12:52 - 00043008 _____ () c:\Users\Herminghaus\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqphox5.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:AEC0AC81

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2329064924-620678914-359712183-500 - Administrator - Disabled)
Gast (S-1-5-21-2329064924-620678914-359712183-501 - Limited - Disabled)
Herminghaus (S-1-5-21-2329064924-620678914-359712183-1000 - Administrator - Enabled) => C:\Users\Herminghaus
HomeGroupUser$ (S-1-5-21-2329064924-620678914-359712183-1002 - Limited - Enabled)
Patrick (S-1-5-21-2329064924-620678914-359712183-1003 - Limited - Enabled) => C:\Users\Patrick

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2014 04:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6178

Error: (10/13/2014 04:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6178

Error: (10/13/2014 04:35:44 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/13/2014 04:35:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6552

Error: (10/13/2014 04:35:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6552

Error: (10/13/2014 04:35:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2014 07:24:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6224

Error: (10/12/2014 07:24:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6224

Error: (10/12/2014 07:24:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/12/2014 10:57:49 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (10/16/2014 01:03:08 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 01:01:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (10/16/2014 01:01:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (10/16/2014 00:55:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:55:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:55:11 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:54:55 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:53:17 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:53:16 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (10/16/2014 00:51:38 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 59%
Total physical RAM: 4062.93 MB
Available physical RAM: 1664.19 MB
Total Pagefile: 8124.03 MB
Available Pagefile: 5315.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:285.13 GB) (Free:24.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:12.76 GB) (Free:2.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (LWS 8 Privat) (CDROM) (Total:0.66 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 11C88990)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=285.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-16 15:12:53
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-60ZCT1 rev.13.01A13 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\HERMIN~1\AppData\Local\Temp\kxrcqaod.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528                                                                                                                                                            fffff80002fc0000 45 bytes [00, 00, 51, 02, 54, 68, 72, ...]
INITKDBG  C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 575                                                                                                                                                            fffff80002fc002f 16 bytes [00, 01, 00, 00, 00, 00, 00, ...]

---- User code sections - GMER 2.1 ----

.text     C:\ProgramData\WindowsProtectManger\wprotectmanager.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                         00000000758a1465 2 bytes [8A, 75]
.text     C:\ProgramData\WindowsProtectManger\wprotectmanager.exe[1476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                        00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2168] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                      00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe[2168] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                     00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.exe[2520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                  00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\ViewPassword-soft\ViewPasswordTA171.exe[2520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                 00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3480] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                               00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe[3548] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                    00000000758a1465 2 bytes [8A, 75]
.text     C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe[3548] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                                   00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Ask.com\Updater\Updater.exe[3640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                              00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\Ask.com\Updater\Updater.exe[3640] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                             00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Bench\Proxy\pwdg.exe[3696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                     00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\Bench\Proxy\pwdg.exe[3696] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                                    00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\fst_de_187\fst_de_187.exe[3712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                                00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\fst_de_187\fst_de_187.exe[3712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                               00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[9188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                00000000758a1465 2 bytes [8A, 75]
.text     C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[9188] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                               00000000758a14bb 2 bytes [8A, 75]
.text     ...                                                                                                                                                                                                                           * 2
---- Processes - GMER 2.1 ----

Library   C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe [3548](2014-09-13 00:20:58)                                             0000000003f10000
Library   c:\users\hermin~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqphox5.dll (*** suspicious ***) @ C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe [3548](2014-10-16 10:52:25)  00000000047c0000
Library   C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe [3548](2013-08-23 19:01:44)                                                   000000006d7e0000
Library   C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\Herminghaus\AppData\Roaming\Dropbox\bin\Dropbox.exe [3548] (ICU Data DLL/The ICU Project)(2013-08-23 19:01:42)                     000000006ce50000

---- Disk sectors - GMER 2.1 ----

Disk      \Device\Harddisk0\DR0                                                                                                                                                                                                         unknown MBR code

---- EOF - GMER 2.1 ----
         

Gruß Patrick1980

Geändert von Patrick1980 (16.10.2014 um 15:42 Uhr)

Alt 16.10.2014, 16:02   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert - Standard

Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert



ein Thema reicht

http://www.trojaner-board.de/159806-...blockiert.html
__________________

__________________

 

Themen zu Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert
ask toolbar entfernen, blockiert, device driver, freesofttoday 014.173 entfernen, freesofttoday 014.187 entfernen, fst_de_31 entfernen, gruppenrichtlinie, launch, newtab, nicht öffnen, onedrive, search assistant mocaflix 1.66 entfernen, shopping helper smartbar entfernen, unregelmäßige, viewpassword entfernen, webssearches uninstaller entfernen, windowsprotectmanger, windowsprotectmanger20.0.0.339 entfernen



Ähnliche Themen: Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert


  1. RegSvr32 Fehler beim Laden des Moduls
    Plagegeister aller Art und deren Bekämpfung - 07.07.2015 (21)
  2. Win7 64: Fehler beim Laden des Moduls RegSvr32
    Plagegeister aller Art und deren Bekämpfung - 10.12.2014 (11)
  3. Windows 7: Start/ Fehlermeldung RegSvr32 Fehler beim Laden des Moduls + Avira Control Center blockiert
    Log-Analyse und Auswertung - 25.10.2014 (11)
  4. Windows 7: Fehler beim Laden des Moduls; RegSvr32; Avira Antivir öffnet nicht mehr
    Log-Analyse und Auswertung - 22.10.2014 (5)
  5. Fehler beim Laden des Moduls RegSvr32
    Plagegeister aller Art und deren Bekämpfung - 15.09.2014 (9)
  6. Fehler beim Laden des Moduls RegSvr32
    Plagegeister aller Art und deren Bekämpfung - 13.09.2014 (17)
  7. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls
    Log-Analyse und Auswertung - 01.09.2014 (13)
  8. Antivir wegen Gruppenrichtlinien blockiert und Fehler beim Laden des Moduls
    Log-Analyse und Auswertung - 30.08.2014 (5)
  9. Fehlermeldung bei Systemstart von WINDOWS 7 64-bit: RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 17.08.2014 (10)
  10. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Alles rund um Windows - 12.08.2014 (18)
  11. RegSvr32 Fehler beim Laden des Moduls/ Avira durch Gruppenrichtline blockiert
    Log-Analyse und Auswertung - 06.08.2014 (41)
  12. Win 7 - Regsvr32 - fehler beim laden des moduls
    Alles rund um Windows - 02.07.2014 (27)
  13. Win 7 - Regsvr32 - fehler beim laden des moduls III.
    Alles rund um Windows - 29.06.2014 (4)
  14. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 16.06.2014 (11)
  15. Regsvr32 Fehler beim Laden des Moduls
    Plagegeister aller Art und deren Bekämpfung - 12.06.2014 (15)
  16. Win 7: beim Start kommt eine Fehlermeldung: Regsvr32 Fehler beim laden des Moduls
    Alles rund um Windows - 11.06.2014 (1)
  17. Fehler beim Laden des Moduls RegSvr32
    Plagegeister aller Art und deren Bekämpfung - 08.06.2014 (23)

Zum Thema Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert - Hallo Trojaner-Board Team, zeit einiger Zeit bekomme ich beim Start meines PC folgende Fehlermeldung: RegSvr32 Fehler beim laden des Moduls zudem lässt sich z.Z. mein Antivir-Programm von Avira nicht öffnen, - Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert...
Archiv
Du betrachtest: Windows7: Fehlermeldung RegSvr32 Fehler beim Laden des Moduls/ Antivir-Programm wird blockiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.