Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.11.2014, 15:56   #1
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Betriebssystem: Windows 7 Home Premium 32-Bit, Virenscanner Avira Personal Edition

Das ganze ging los, dass sich Google Chrome nicht mehr starten lies und folgende Meldung kam:
"Google Chrome ist abgestürtzt. Jetzt neu starten?" Bei "Ja", geht ein Fenster auf: " Chrome funktioniert nicht mehr. Es wird nach einer Lösung für das Problem gesucht." - dann nächstes Fenster "Das Programm wird aufgrund eines Problems ncícht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist."

Habe dann Chrome deinstalliert und eine Neuinstallation vorgenommen - hat nichts gebracht.

Zwischenzeitlich hat dass Avira immer wieder folgende Meldung gebracht:
"Der Zugriff auf die Datei c:\windows\temp\... tmp0000b265 mit dem Virus oder dem unerwünschten Programm TR/Patched.Ren.Gen wurde blockiert. Datei entfernen oder weitere Informationen erhalten.
Habe dann "Datei entfernen" gedrückt und das nächste Mal "weitere Informationen" - hat aber beidesmal nichts gebracht. Die Meldung kommt weiterhin!

Habe dann verschiedenste Programme laufen lassen:
CCleaner, Ad-Aware, Malwarebytes, Spybot, ADWcleaner, RegouKiller, Eset-Online-Scanner

Anbei die aktuellen Protokolle FRST und Addition:

*********************************************
Additional scan result of Farbar Recovery Scan Tool (x86) Version:

01-11-2014
Ran by XXXX at 2014-11-01 16:34:16
Running from C:\Users\Abra\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-

AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-

DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564

-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-

9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-

9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-

3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-

32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the

fixlist to unhide them. The adware programs should be uninstalled

manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-

Packard) Hidden
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version:

1.0 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}

_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems

Incorporated)
Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM

\...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe

Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin)

(Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-

7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-

C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player)

(Version: 12.1.3.153 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems

Incorporated) Hidden
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF})

(Version: 9.0.1044.9177 - AKVIS)
AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805})

(Version: 5.0.1319.9143 - AKVIS)
AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076})

(Version: 5.5.869.8634 - AKVIS)
Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3})

(Version: 1.1.6 - Braeside Communication Services)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version: - Alien

Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version: -

Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version: -

Alien Skin)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1)

(Version: - dvdsmith.com)
AnyDVD (HKLM\...\AnyDVD) (Version: - SlySoft)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-

C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-

A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-

F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate)

(Version: 9.0.11 - AquaSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-

BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version:

10.0.43701.100 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version:

14.0.7.306 - Avira)
Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz

Verlage_is1) (Version: - )
Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version:

3.0.0.10 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version: - BuddyWorX)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1)

(Version: - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-

C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560})

(Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E})

(Version: 1.0.13 - Cisco Systems, Inc.)
COLOR projects premium (32-Bit) (HKLM\...

\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag

GmbH)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-

0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft

Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version: - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-

A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-

079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch

Gelbe Seiten Map & Route) (Version: - TVG Telefonbuch- und

Verzeichnisverlag GmbH & Co. KG)
DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter)

(Version: 1.01 - UNKNOWN)
DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN)

Hidden
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-

970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 -

Traumflieger)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881})

(Version: 6.1.2 - DxO Labs)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-

B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free

Time)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1)

(Version: - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube

Download_is1) (Version: - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to

MP3 Converter_is1) (Version: - DVDVideoSoft Limited.)
FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version: - )
Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C-

42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 -

Google Inc.)
Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5})

(Version: 5.38.5.0 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version:

1.0.26.151 - Google, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 -

Artifex Software Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...

\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
HDR projects professional (32-Bit) (HKLM\...

\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag

GmbH)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version: - Helicon

Soft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-

Packard Company) Hidden
HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version -

IN MEDIA KG)
HP Customer Participation Program 13.0 (HKLM\...

\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F})

(Version: 1.03.0001 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0

- HP)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1})

(Version: 3.7.0.5723 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device

Functions) (Version: 13.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-

537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-

BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing)

(Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging

Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{E35A3B13-78CD-4967-8AC8-

AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-

4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2})

(Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-

B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-

83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B})

(Version: 1.1.1963.2799 - Hewlett-Packard Company)
indii.org/tintii (HKLM\...\tintii) (Version: - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version:

10.7.0.21 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1)

(Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF})

(Version: 7.0.710 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-

0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software 1.14.17.1 (HKLM\...\{0E7DBD52-B097-

4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-

0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes

Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET

Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft

Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM

\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack)

(Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET

Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...

\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version:

4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030

-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-

199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0)

(Version: - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version:

12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-

0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft

Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24

-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...

\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 -

Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

(HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version:

8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-

4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft

Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

(HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version:

9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86

9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909})

(Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...

\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 -

Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM

\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 -

Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

(HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version:

9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

(HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:

9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM

\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 -

Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C})

(Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2

(x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService)

(Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird

24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version:

1.00.0000 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-

8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-

8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC})

(Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version:

1.0.0.62 - WildTangent)
Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687})

(Version: 8.00.000 - Namo Interactive, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF})

(Version: 2.5.52 - BVRP Software, Inc)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version:

Aktuelle Version - IN MEDIA KG)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-

981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA

Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-

FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96})

(Version: 3.3.9567 - OpenOffice.org)
Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version: - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...

\PanoramaStudio2Pro) (Version: - )
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-

AD153139297F}) (Version: 11.5.29.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-

BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-

D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B})

(Version: 6.5 - Fotoview)
Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional

Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version:

12.2 - Anthropics Technology Ltd.)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-

0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-

0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-

CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port

Monitor) (Version: - )
RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter)

(Version: 4.7 - UNKNOWN)
RichKonverter (Version: 4.7 - UNKNOWN) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version: - Punk

Software)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0

- HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version:

1.2.1 - Nik Software, Inc.)
SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo

Retoucher_is1) (Version: 1.3 - SoftOrbits)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...

\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe

Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-

9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-

FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-

9005-EB058BBA0E14}_is1) (Version: - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version:

11.1.3.0 - Synaptics)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: -

)
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity

Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...

\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-

48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10

- VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-

0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM

\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008

7.0.0.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 -

win.rar GmbH)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet

Pierre-e)
XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet

Pierre-e)
X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 -

X-OOM)

==================== Custom CLSID (selected items):

==========================

(If an entry is included in the fixlist, it will be removed from

registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{022105BD-948A-40C9-AB42-

A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google

\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-

D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll

(Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-

A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{22181302-A8A6-4F84-A541-

E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-

114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-

C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{444785F1-DE89-4295-863A-

D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow

\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies

ApS)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-

C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{AB9F4455-E591-4132-A386-

0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-

41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-

7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-

05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-

948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google

\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-

1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-

CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to

reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows

\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from

registry. Any associated file could be listed separately to be

moved.)

Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple

\AppleSoftwareUpdate => C:\Program Files\Apple Software Update

\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java

Update Scheduler => C:\Program Files\Common Files\Java\Java Update

\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks

\Abelssoft\Updater scan => C:\Program Files\CHIP Updater

\CHIPUpdater.exe
Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks

\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common

Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems

Incorporated)
Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks

\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick

Start => C:\Program Files\Hewlett-Packard\HP Support Framework

\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks

\Microsoft\Windows\MobilePC\TMM
Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-

1000Core => C:\Users\Abra\AppData\Local\Google\Update

\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks

\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows

\system32\gatherWiredInfo.vbs
Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks

\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09

-25] (Piriform Ltd)
Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks

\{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe
Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks

\{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe
Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks

\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan =>

C:\Program Files\Hewlett-Packard\HP Support Framework\Resources

\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-

Packard)
Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks

\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:

\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-

11-04] (Hewlett-Packard Company)
Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks

\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft

\Connection Service\Bin\ACDaemon.exe
Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks

\Safer-Networking\Spybot - Search and Destroy\Refresh immunization

=> C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks

\Safer-Networking\Spybot - Search and Destroy\Check for updates =>

C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks

\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update

\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks

\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-

1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe

[2013-12-06] (Google Inc.)
Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks

\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update

\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks

\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:

\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks

\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows

\system32\gatherWirelessInfo.vbs
Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP-

Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software

Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {EF82D5E4-CD07-40AE-A249-10FF740128A0} - System32\Tasks

\InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS

\RemEngine.exe [2008-10-01] ()
Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks

\Hewlett-Packard\HP Support Assistant\Update Check => C:

\ProgramData\Hewlett-Packard\HP Support Framework\Resources

\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks

\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d

sdengin2.dll,ExecuteScheduledBackup

(If an entry is included in the fixlist, the task (.job) file will

be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program

Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program

Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-

2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local

\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-

2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local

\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows

\System32\redmonnt.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program

Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program

Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\SecurityCenter.dll
2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program

Files\SMINST\BLService.exe
2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program

Files\SMINST\STWmiM.dll
2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program

Files\CyberLink\Shared files\RichVideo.exe
2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program

Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program

Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program

Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program

Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program

Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program

Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program

Files\RocketDock\RocketDock.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program

Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\Localization.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows

\system32\msjetoledb40.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program

Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program

Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program

Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program

Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program

Files\RocketDock\RocketDock.exe
2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program

Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program

Files\Hewlett-Packard\Shared\HpqToaster.exe
1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program

Files\Microsoft Office\Office\MSO97.DLL
2014-11-01 11:30 - 2014-11-01 11:30 - 00043008 _____ () c:\users

\abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-

8f84-3e3e7ecf0d81}.tmpzjf1yd.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users

\Abra\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program

Files\CCleaner\lang\lang-1031.dll
2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program

Files\OpenOffice.org 3\program\libxml2.dll
2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program

Files\Mozilla Firefox\mozjs.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00083392 _____ () C:

\Programme_NEU\totalcmd\wcmzip32.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00168448 _____ () C:

\Programme_NEU\totalcmd\unRAR.dll
2014-10-20 11:27 - 2014-10-20 11:27 - 16832176 _____ () C:\Windows

\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data

Streams will be removed.)

AlternateDataStreams: C:\Windows:3F0192B3D5C09180
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Users\Abra\AppData\Local

\VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38
AlternateDataStreams: C:\ProgramData\Temp:3241321C
AlternateDataStreams: C:\ProgramData\Temp:810B9F0D
AlternateDataStreams: C:\ProgramData\Temp:B6AC352B
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the

registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be

restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD

\AnyDVD.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger

\msnmsgr.exe" /background

========================= Accounts: ==========================

Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator

- Enabled) => C:\Users\Abra
Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 -

Administrator - Disabled)
Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited -

Disabled)
HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 -

Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 04:29:19 PM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version:

38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version:

2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1ce4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (11/01/2014 11:31:52 AM) (Source: HP AdvisorUpdate) (EventID:

0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src

\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden

werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String

maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode,

FileAccess access, Int32 rights, Boolean useRights, FileShare share,

Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs,

String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials

credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String

role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri,

XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace,

String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument

(String path) ValidateDocument failed Business\SearchTargets.xml

Error: (11/01/2014 11:25:45 AM) (Source: WinMgmt) (EventID: 10)

(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent

WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 04:57:26 PM) (Source: Application Hang) (EventID:

1002) (User: )
Description: Programm Snapseed.exe, Version 0.0.0.0 kann nicht mehr

unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie

den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach

weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d28

Startzeit: 01cff510fdd67570

Endzeit: 1383

Anwendungspfad: C:\Program Files\Nik Software\Snapseed\Snapseed.exe

Berichts-ID: 83850851-6116-11e4-ac82-001f16dbb3c2

Error: (10/31/2014 04:56:14 PM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version:

38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version:

2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1eac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (10/31/2014 08:42:23 AM) (Source: HP AdvisorUpdate) (EventID:

0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src

\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden

werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String

maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode,

FileAccess access, Int32 rights, Boolean useRights, FileShare share,

Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs,

String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials

credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String

role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri,

XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace,

String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument

(String path) ValidateDocument failed Business\SearchTargets.xml

Error: (10/31/2014 08:38:49 AM) (Source: WinMgmt) (EventID: 10)

(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent

WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND

TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 04:36:53 PM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version:

38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version:

2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x268
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (10/30/2014 03:33:04 PM) (Source: Application Error)

(EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: xnview.exe, Version:

1.98.0.0, Zeitstempel: 0x4e259822
Name des fehlerhaften Moduls: gsdll32.dll, Version: 0.0.0.0,

Zeitstempel: 0x4e3bdc56
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00265900
ID des fehlerhaften Prozesses: 0x1634
Startzeit der fehlerhaften Anwendung: 0xxnview.exe0
Pfad der fehlerhaften Anwendung: xnview.exe1
Pfad des fehlerhaften Moduls: xnview.exe2
Berichtskennung: xnview.exe3

Error: (10/30/2014 08:36:44 AM) (Source: HP AdvisorUpdate) (EventID:

0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src

\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden

werden. bei System.IO.__Error.WinIOError(Int32 errorCode, String

maybeFullPath)
bei System.IO.FileStream.Init(String path, FileMode mode,

FileAccess access, Int32 rights, Boolean useRights, FileShare share,

Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs,

String msgPath, Boolean bFromProxy)
bei System.IO.FileStream..ctor(String path, FileMode mode,

FileAccess access, FileShare share, Int32 bufferSize)
bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials

credentials)
bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String

role, Type ofObjectToReturn)
bei System.Xml.XmlReader.Create(String inputUri,

XmlReaderSettings settings, XmlParserContext inputContext)
bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace,

String schemaUri)
bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument

(String path) ValidateDocument failed Business\SearchTargets.xml


System errors:
=============
Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/29/2014 05:18:55 PM) (Source: volsnap) (EventID: 25)

(User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht,

weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde.

Sie sollten die E/A-Last auf dem System verringern oder ein

Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt

wird, auswählen.

Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager)

(EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet.

Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen

werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager)

(EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem

dienstspezifischem Fehler beendet: %%-1073473535.

Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/28/2014 03:23:28 PM) (Source: Microsoft-Windows-WHEA-

Logger) (EventID: 20) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Komponente: AMD Northbridge
Fehlerquelle: 3
Fehlertyp: 11
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311)

(User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der

Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle

zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem

Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine

Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-

Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.


Microsoft Office Sessions:
=========================
Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12

Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word,

Application Version: 12.0.6661.5000, Microsoft Office Version:

12.0.6612.1000. This session lasted 880 seconds with 840 seconds of

active time. This session ended with a crash.

Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12

Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word,

Application Version: 12.0.6661.5000, Microsoft Office Version:

12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds

of active time. This session ended with a crash.

Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12

Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word,

Application Version: 12.0.6661.5000, Microsoft Office Version:

12.0.6612.1000. This session lasted 726 seconds with 660 seconds of

active time. This session ended with a crash.


==================== Memory info ===========================

Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 64%
Total physical RAM: 2814.43 MB
Available physical RAM: 996.78 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3441.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.56 GB) (Free:14.89 GB) NTFS ==>[Drive

with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS

==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID:

627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

****************************************

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-

11-2014
Ran by XXXX (administrator) on ARBEITSLAPTOP on 01-11-2014 16:31:55
Running from C:\Users\Abra\Downloads
Loaded Profile: Abra (Available profiles: Abra)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS

Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-

use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed.

The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir

Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir

Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe

\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy

2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy

2\SDUpdSvc.exe
() C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy

2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir

Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP

Support Framework\HPSA_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files

\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files

\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared

\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office

\Office12\GrooveMonitor.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir

Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update

\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update

\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files

\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus

\11.4.6792.0\AdAwareTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy

2\SDTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor

\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe

\LightScribeControlPanel.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin

\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office

\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office

\FINDFAST.EXE
(Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin

\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office

\Office12\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program

\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program

\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin

\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin

\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin

\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF

\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(C. Ghisler & Co.) C:\Programme_NEU\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-

container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash

\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash

\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be

restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP

\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-

Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15]

(Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows

\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP

Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-

Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay

\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam

\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink

\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13]

(CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink

\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13]

(CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink

\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13]

(CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD

Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink

Corp.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office

\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft

Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple

\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple

Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP

\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop

\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP

Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe

\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems

Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files

\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle

Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware

Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592

2014-10-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy

2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files\hewlett-

packard\hp health check\activecheck\product_line\NCPluginUpdater.exe

[21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20]

(Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor

\HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[LightScribe Control Panel] => C:\Program Files\Common Files

\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09]

(Hewlett-Packard Company)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe

[65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616

2007-09-02] ()
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [Google

Update] => C:\Users\Abra\AppData\Local\Google\Update

\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run:

[CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe

[4810520 2014-09-25] (Piriform Ltd)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu

\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming

\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu

\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und

Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und

Startprogramm.lnk -> C:\Program Files\Microsoft Office

\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu

\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files

\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files

\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program

Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs

\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files

\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it

will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

hxxp://ie.redirect.hp.com/svs/rdr?

TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

%SystemRoot%\system32\blank.htm
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-

D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle

Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-

9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle

Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922}

- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2}

file:///E:/viewer/ORDcmViewCD.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7}

hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

(Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:

\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft

Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:

\Program Files\Common Files\Microsoft Shared\Information Retrieval

\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program

Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704]

(Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.tixuma.de/?ref=46589
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed

\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe

\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla

Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU

\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files

\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files

\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program

Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows

\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation

\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program

Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program

Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files

\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader

11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra

\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData

\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:

\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll

(Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:

\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll

(Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users

\Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity

Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox

\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox

\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming

\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming

\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox

\Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser

\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser

\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser

\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser

\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming

\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com

[2014-09-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra

\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default

\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData

\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions

\tineye@ideeinc.com.xpi [2013-12-08]
FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla

\Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8-

be73-000a95be3b12}.xpi [2012-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox

\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox

\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-

08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows

Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows

\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation

\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:

\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital

Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:

\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:

\Program Files\Mein Gutscheincode Finder\Firefox

Chrome:
=======
CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data

\Default
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] -

C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-

extension.crx []
CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] -

C:\Users\Abra\AppData\Local\Temp\tbch.crx []

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed

from the registry. The file will not be moved unless listed

separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop

\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop

\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop

\AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29]

(Nalpeiron Ltd.) [File not signed]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03]

(EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files

\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

[654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP

Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-

Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

[249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

[133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL

[694784 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver

\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision

Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware

Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376

2014-10-15] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe

\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not

signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-

08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-

08-06] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST

\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe

[241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy

2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy

2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy

2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate

\OnlineUpdateSvc.exe [398128 2010-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed

from the registry. The file will not be moved unless listed

separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23]

(Arcsoft, Inc.) [File not signed]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11-

12] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers

\Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-

10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-

07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26]

(Avira Operations GmbH & Co. KG)
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-

07] (Corel Corporation) [File not signed]
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-

07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-

07-21] (Elaborate Bytes AG)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-

10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012

-10-22] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23]

(Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27]

(Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22]

(RapidSolution Software AG)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-

10] (BitDefender S.R.L.)
R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05]

(Magic Control Technology Corp.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the

registry. Any associated file could be listed separately to be

moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be

moved.)

2014-11-01 16:31 - 2014-11-01 16:32 - 00023469 _____ () C:\Users

\Abra\Downloads\FRST.txt
2014-11-01 14:16 - 2014-11-01 16:32 - 00000000 ____D () C:\FRST
2014-11-01 14:15 - 2014-11-01 14:15 - 01105920 _____ (Farbar) C:

\Users\Abra\Downloads\FRST.exe
2014-11-01 13:01 - 2014-11-01 13:01 - 00000000 ____D () C:\Program

Files\ESET
2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C:

\Users\Abra\Downloads\esetsmartinstaller_deu.exe
2014-10-31 08:38 - 2014-10-31 08:38 - 00000308 _____ () C:\Windows

\PFRO.log
2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program

Files\Mozilla Firefox
2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users

\Public\Desktop\Google Chrome.lnk
2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 16:35 - 2014-11-01 15:40 - 00001094 _____ () C:\Windows

\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 16:34 - 2014-11-01 11:29 - 00001090 _____ () C:\Windows

\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users

\Abra\AppData\Local\Google
2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users

\Public\Desktop\Snapseed.lnk
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users

\Abra\AppData\Local\Nik Software
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program

Files\Nik Software
2014-10-29 17:14 - 2014-11-01 16:05 - 02447996 _____ () C:\Windows

\setupact.log
2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows

\setuperr.log
2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.)

C:\Users\Abra\Downloads\ChromeSetup.exe
2014-10-29 09:32 - 2014-10-29 09:32 - 00012902 _____ () C:\Windows

\system32\cc_20141029_093205.reg
2014-10-28 18:16 - 2014-11-01 16:31 - 00000000 ____D () C:\Users

\Abra\AppData\Local\CrashDumps
2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows

\system32\Drivers\TrueSight.sys
2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C:

\ProgramData\RogueKiller
2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users

\Abra\Downloads\RogueKiller_10.0.3.zip
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users

\Abra\AppData\Local\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:

\ProgramData\XDMessagingv4
2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program

Files\CHIP Updater
2014-10-28 15:33 - 2014-10-28 18:00 - 00000000 ____D () C:

\ProgramData\Spybot - Search & Destroy
2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program

Files\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search &

Destroy 2
2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start

Center.lnk
2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users

\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer

Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus

GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows

\system32\sqlite36_engine.dll
2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users

\Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users

\Abra\Downloads\adwcleaner_4.002.exe
2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users

\Abra\Downloads\wirwarenunsterblich.epub
2014-10-24 15:36 - 2014-11-01 11:26 - 00002305 _____ () C:\Users

\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program

Files\Common Files\Lavasoft
2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users

\Abra\Downloads\Adaware_Installer.exe
2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows

\system32\cc_20141024_162530.reg
2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users

\Abra\AppData\Local\AquaSoft
2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\AquaSoft
2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure

Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users

\Public\Desktop\DiaShow 9 Ultimate.lnk
2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C:

\ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program

Files\Common Files\AquaSoft
2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program

Files\AquaSoft
2014-10-22 17:59 - 2014-10-22 18:00 - 30843037 _____ () C:\Users

\Abra\Downloads\PDFsam_224.zip
2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits )

C:\Users\Abra\Downloads\SORetoucher.exe
2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program

Files\Common Files\Java
2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle

Corporation) C:\Windows\system32\javaws.exe
2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle

Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle

Corporation) C:\Windows\system32\javaw.exe
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle

Corporation) C:\Windows\system32\java.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems

Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems

Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader

XI.lnk
2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users

\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows

\system32\cc_20141017_225226.reg
2014-10-16 17:00 - 2014-10-17 12:57 - 00114904 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users

\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

Anti-Malware
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:

\ProgramData\Malwarebytes
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program

Files\ Malwarebytes Anti-Malware
2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes

Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes

Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL-

Manager [1].exe
2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program

Files\Lavasoft
2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users

\Public\Desktop\CCleaner.lnk
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:

\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program

Files\CCleaner
2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\LavasoftStatistics
2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Lavasoft
2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C:

\ProgramData\Lavasoft
2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd)

C:\Users\Abra\Downloads\ccsetup418.exe
2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows

\system32\Adobe
2014-10-15 09:05 - 2014-10-28 15:19 - 00000000 ____D () C:

\AdwCleaner
2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft

Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft

Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft

Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft

Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft

Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft

Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft

Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft

Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft

Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft

Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft

Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft

Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft

Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft

Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft

Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft

Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft

Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft

Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft

Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft

Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft

Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft

Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft

Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft

Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft

Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft

Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft

Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft

Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft

Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft

Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft

Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft

Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft

Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft

Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft

Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft

Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft

Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft

Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft

Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft

Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft

Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft

Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft

Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft

Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft

Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft

Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft

Corporation) C:\Windows\system32\schannel.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft

Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft

Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft

Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft

Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft

Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft

Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft

Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft

Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft

Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft

Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft

Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft

Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft

Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft

Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft

Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft

Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft

Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft

Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft

Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft

Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft

Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft

Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft

Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft

Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft

Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft

Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft

Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft

Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft

Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft

Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft

Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft

Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft

Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft

Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft

Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft

Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft

Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft

Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft

Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft

Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft

Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft

Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft

Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft

Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft

Corporation) C:\Windows\system32\ci.dll
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users

\Abra\AppData\Local\EmieUserList
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users

\Abra\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be

moved.)

2014-11-01 16:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-

1949205912-1000UA.job
2014-11-01 16:22 - 2010-05-13 18:05 - 01288881 _____ () C:\Windows

\WindowsUpdate.log
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows

\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-

439d-8115-601632D005A0
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows

\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-

439d-8115-601632D005A0
2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows

\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows

\system32\DOErrors.log
2014-11-01 11:31 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users

\Abra\Dropbox
2014-11-01 11:31 - 2014-02-12 10:11 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Dropbox
2014-11-01 11:29 - 2010-05-13 18:21 - 00000248 _____ () C:

\ProgramData\hpqp.ini
2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program

Files\Mozilla Maintenance Service
2014-11-01 11:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows

\Tasks\SA.DAT
2014-10-31 16:54 - 2009-08-05 21:10 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\XnView
2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users

\Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2014-10-31 13:33 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows

\system32\PerfStringBackup.INI
2014-10-31 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows

\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-

1949205912-1000Core.job
2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program

Files\Google
2014-10-30 08:55 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users

\Public
2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Mozilla
2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows

\Microsoft.NET
2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+

Auto Backup
2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows

\system32\FNTCACHE.DAT
2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users

\Abra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows

\system32\de-DE
2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program

Files\Microsoft.NET
2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft

Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 14:13 - 2009-08-03 15:59 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Adobe
2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users

\Abra\Documents\Eigene Scans
2014-10-24 20:34 - 2014-02-14 21:44 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\PanoramaStudio2Pro
2014-10-24 15:54 - 2012-05-16 09:54 - 00000000 ____D () C:\Users

\Abra\AppData\Local\FreePDF_XP
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program

Files\Common Files\ArcSoft
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program

Files\ArcSoft
2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program

Files\InstallShield Installation Information
2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C:

\ProgramData\Oracle
2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program

Files\Java
2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users

\Abra\AppData\Local\Adobe
2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program

Files\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:

\ProgramData\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program

Files\Common Files\Adobe
2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows

\rescache
2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C:

\ProgramData\Microsoft Help
2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows

\system32\MRT
2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft

Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users

\Abra\AppData\Roaming\Media Player Classic
2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows

\Minidump
2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows

\Panther
2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows

\system32\Macromed
2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows

\system32\NDF
2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira

Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira

Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira

Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Abra\AppData\Local\Temp\avgnt.exe
C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-

5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 20:14

==================== End Of Log ============================

***********************

Was kann ich jetzt noch machen? Vorab vielen, vielen ... Dank!

Alt 01.11.2014, 15:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 01.11.2014, 17:20   #3
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Hey Schrauber,
dankr für das Feedback.

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-11-2014
Ran by XXXX (administrator) on ARBEITSLAPTOP on 01-11-2014 16:31:55
Running from C:\Users\Abra\Downloads
Loaded Profile: Abra (Available profiles: Abra)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(C. Ghisler & Co.) C:\Programme_NEU\totalcmd\TOTALCMD.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [Google Update] => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Presario&pf=cnnb
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.tixuma.de/?ref=46589
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\tineye@ideeinc.com.xpi [2013-12-08]
FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Abra\AppData\Local\Temp\tbch.crx []

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29] (Nalpeiron Ltd.) [File not signed]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [398128 2010-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11-12] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22] (RapidSolution Software AG)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 16:31 - 2014-11-01 16:32 - 00023469 _____ () C:\Users\Abra\Downloads\FRST.txt
2014-11-01 14:16 - 2014-11-01 16:32 - 00000000 ____D () C:\FRST
2014-11-01 14:15 - 2014-11-01 14:15 - 01105920 _____ (Farbar) C:\Users\Abra\Downloads\FRST.exe
2014-11-01 13:01 - 2014-11-01 13:01 - 00000000 ____D () C:\Program Files\ESET
2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C:\Users\Abra\Downloads\esetsmartinstaller_deu.exe
2014-10-31 08:38 - 2014-10-31 08:38 - 00000308 _____ () C:\Windows\PFRO.log
2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 16:35 - 2014-11-01 15:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 16:34 - 2014-11-01 11:29 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Google
2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users\Public\Desktop\Snapseed.lnk
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users\Abra\AppData\Local\Nik Software
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program Files\Nik Software
2014-10-29 17:14 - 2014-11-01 16:05 - 02447996 _____ () C:\Windows\setupact.log
2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.) C:\Users\Abra\Downloads\ChromeSetup.exe
2014-10-29 09:32 - 2014-10-29 09:32 - 00012902 _____ () C:\Windows\system32\cc_20141029_093205.reg
2014-10-28 18:16 - 2014-11-01 16:31 - 00000000 ____D () C:\Users\Abra\AppData\Local\CrashDumps
2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users\Abra\Downloads\RogueKiller_10.0.3.zip
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Local\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program Files\CHIP Updater
2014-10-28 15:33 - 2014-10-28 18:00 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users\Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users\Abra\Downloads\adwcleaner_4.002.exe
2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users\Abra\Downloads\wirwarenunsterblich.epub
2014-10-24 15:36 - 2014-11-01 11:26 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users\Abra\Downloads\Adaware_Installer.exe
2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows\system32\cc_20141024_162530.reg
2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Local\AquaSoft
2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\AquaSoft
2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C:\ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program Files\Common Files\AquaSoft
2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program Files\AquaSoft
2014-10-22 17:59 - 2014-10-22 18:00 - 30843037 _____ () C:\Users\Abra\Downloads\PDFsam_224.zip
2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits ) C:\Users\Abra\Downloads\SORetoucher.exe
2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows\system32\cc_20141017_225226.reg
2014-10-16 17:00 - 2014-10-17 12:57 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL-Manager [1].exe
2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\LavasoftStatistics
2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Lavasoft
2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd) C:\Users\Abra\Downloads\ccsetup418.exe
2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows\system32\Adobe
2014-10-15 09:05 - 2014-10-28 15:19 - 00000000 ____D () C:\AdwCleaner
2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieUserList
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 16:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job
2014-11-01 16:22 - 2010-05-13 18:05 - 01288881 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 12:47 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-11-01 11:31 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users\Abra\Dropbox
2014-11-01 11:31 - 2014-02-12 10:11 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Dropbox
2014-11-01 11:29 - 2010-05-13 18:21 - 00000248 _____ () C:\ProgramData\hpqp.ini
2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-01 11:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-31 16:54 - 2009-08-05 21:10 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\XnView
2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users\Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2014-10-31 13:33 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-31 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job
2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program Files\Google
2014-10-30 08:55 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Mozilla
2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users\Abra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 14:13 - 2009-08-03 15:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Adobe
2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users\Abra\Documents\Eigene Scans
2014-10-24 20:34 - 2014-02-14 21:44 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\PanoramaStudio2Pro
2014-10-24 15:54 - 2012-05-16 09:54 - 00000000 ____D () C:\Users\Abra\AppData\Local\FreePDF_XP
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\ArcSoft
2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program Files\Java
2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Adobe
2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows\rescache
2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Media Player Classic
2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows\Panther
2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Abra\AppData\Local\Temp\avgnt.exe
C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 20:14

==================== End Of Log ============================
         
--- --- ---


***************************************************

Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-11-2014
Ran by XXXX at 2014-11-01 16:34:16
Running from C:\Users\Abra\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM\...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.0.1044.9177 - AKVIS)
AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 5.0.1319.9143 - AKVIS)
AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)
Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3}) (Version: 1.1.6 - Braeside Communication Services)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version:  - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version:  - Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version:  - Alien Skin)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1) (Version:  - dvdsmith.com)
AnyDVD (HKLM\...\AnyDVD) (Version:  - SlySoft)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.0.11 - AquaSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version: 10.0.43701.100 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz Verlage_is1) (Version:  - )
Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version:  - BuddyWorX)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version:  - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
COLOR projects premium (32-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag GmbH)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch Gelbe Seiten Map & Route) (Version:  - TVG Telefonbuch- und Verzeichnisverlag GmbH & Co. KG)
DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter) (Version: 1.01 - UNKNOWN)
DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN) Hidden
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 - Traumflieger)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881}) (Version: 6.1.2 - DxO Labs)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
HDR projects professional (32-Bit) (HKLM\...\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag GmbH)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version:  - Helicon Soft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version - IN MEDIA KG)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
indii.org/tintii (HKLM\...\tintii) (Version:  - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version:  - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version: Aktuelle Version - IN MEDIA KG)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version:  - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio2Pro) (Version:  - )
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B}) (Version: 6.5 - Fotoview)
Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter) (Version: 4.7 - UNKNOWN)
RichKonverter (Version: 4.7 - UNKNOWN) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo Retoucher_is1) (Version: 1.3 - SoftOrbits)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version:  - )
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)
XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet Pierre-e)
X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 - X-OOM)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks\{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe 
Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks\{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe 
Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {EF82D5E4-CD07-40AE-A249-10FF740128A0} - System32\Tasks\InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-01] ()
Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program Files\Microsoft Office\Office\MSO97.DLL
2014-11-01 11:30 - 2014-11-01 11:30 - 00043008 _____ () c:\users\abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzjf1yd.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Abra\AppData\Roaming\Dropbox\bin\libcef.dll
2014-09-25 19:44 - 2014-09-25 19:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00083392 _____ () C:\Programme_NEU\totalcmd\wcmzip32.dll
2009-08-05 20:44 - 2008-08-08 06:04 - 00168448 _____ () C:\Programme_NEU\totalcmd\unRAR.dll
2014-10-20 11:27 - 2014-10-20 11:27 - 16832176 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:3F0192B3D5C09180
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Users\Abra\AppData\Local\VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38
AlternateDataStreams: C:\ProgramData\Temp:3241321C
AlternateDataStreams: C:\ProgramData\Temp:810B9F0D
AlternateDataStreams: C:\ProgramData\Temp:B6AC352B
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

========================= Accounts: ==========================

Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator - Enabled) => C:\Users\Abra
Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 - Administrator - Disabled)
Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/01/2014 04:29:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1ce4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (11/01/2014 11:31:52 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden.   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
   bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
   bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
   bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
   bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml

Error: (11/01/2014 11:25:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2014 04:57:26 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Snapseed.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d28

Startzeit: 01cff510fdd67570

Endzeit: 1383

Anwendungspfad: C:\Program Files\Nik Software\Snapseed\Snapseed.exe

Berichts-ID: 83850851-6116-11e4-ac82-001f16dbb3c2

Error: (10/31/2014 04:56:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x1eac
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (10/31/2014 08:42:23 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden.   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
   bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
   bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
   bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
   bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml

Error: (10/31/2014 08:38:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/30/2014 04:36:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 38.0.2125.111, Zeitstempel: 0x5447163b
Name des fehlerhaften Moduls: YCWebCameraSource.ax, Version: 2.0.0.1427, Zeitstempel: 0x47c5225b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00014aee
ID des fehlerhaften Prozesses: 0x268
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (10/30/2014 03:33:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: xnview.exe, Version: 1.98.0.0, Zeitstempel: 0x4e259822
Name des fehlerhaften Moduls: gsdll32.dll, Version: 0.0.0.0, Zeitstempel: 0x4e3bdc56
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00265900
ID des fehlerhaften Prozesses: 0x1634
Startzeit der fehlerhaften Anwendung: 0xxnview.exe0
Pfad der fehlerhaften Anwendung: xnview.exe1
Pfad des fehlerhaften Moduls: xnview.exe2
Berichtskennung: xnview.exe3

Error: (10/30/2014 08:36:44 AM) (Source: HP AdvisorUpdate) (EventID: 0) (User: )
Description: Ein Teil des Pfades "C:\_pack6\hp-advisor\src\HPAdvisor\Shared\Content\xsd\HPAdvisor.xsd" konnte nicht gefunden werden.   bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   bei System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
   bei System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
   bei System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
   bei System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
   bei System.Xml.XmlReader.Create(String inputUri, XmlReaderSettings settings, XmlParserContext inputContext)
   bei System.Xml.Schema.XmlSchemaSet.Add(String targetNamespace, String schemaUri)
   bei HPAdvisor.Common.Content.CategoryCollection.ValidateDocument(String path) ValidateDocument failed Business\SearchTargets.xml


System errors:
=============
Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/30/2014 08:32:50 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/29/2014 05:18:55 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "C:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.

Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/29/2014 10:31:56 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/29/2014 08:50:22 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/28/2014 03:23:28 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 20) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.

Komponente: AMD Northbridge
Fehlerquelle: 3
Fehlertyp: 11
Prozessor-ID: 0

Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.

Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.

Error: (10/28/2014 08:47:42 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "001F16DBB3C2", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die 
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung 
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar 
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.


Microsoft Office Sessions:
=========================
Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 880 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds of active time.  This session ended with a crash.

Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 726 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 64%
Total physical RAM: 2814.43 MB
Available physical RAM: 996.78 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3441.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1912.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.56 GB) (Free:14.89 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
VG
__________________

Alt 02.11.2014, 12:27   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.11.2014, 15:07   #5
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Hier das Logfile von Combofix:

Code:
ATTFilter
ComboFix 14-10-29.01 - Abra 02.11.2014  14:19:54.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.2814.1470 [GMT 1:00]
ausgeführt von:: c:\users\Abra\Downloads\ComboFix.exe
AV: Ad-Aware Antivirus *Disabled/Outdated* {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
FW: Ad-Aware Firewall *Disabled* {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
SP: Ad-Aware Antivirus *Disabled/Outdated* {631A84A5-349B-D564-3A83-A0F22C2DF32B}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Abra\4.0
c:\windows\system32\cc_20141029_093205.reg
c:\windows\unin0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-02 bis 2014-11-02  ))))))))))))))))))))))))))))))
.
.
2014-11-02 13:34 . 2014-11-02 13:34	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-01 13:16 . 2014-11-01 15:37	--------	d-----w-	C:\FRST
2014-11-01 10:38 . 2014-11-02 13:24	62576	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{99FAED11-AC52-4BA6-A44D-24AC334DF704}\offreg.dll
2014-10-31 07:49 . 2014-10-14 20:13	8901368	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{99FAED11-AC52-4BA6-A44D-24AC334DF704}\mpengine.dll
2014-10-30 15:34 . 2014-10-30 15:44	--------	d-----w-	c:\users\Abra\AppData\Local\Google
2014-10-30 08:15 . 2014-10-30 08:15	--------	d-----w-	c:\users\Abra\AppData\Local\Nik Software
2014-10-30 08:15 . 2014-10-30 08:15	--------	d-----w-	c:\program files\Nik Software
2014-10-28 17:16 . 2014-11-01 15:31	--------	d-----w-	c:\users\Abra\AppData\Local\CrashDumps
2014-10-28 15:03 . 2014-10-28 15:03	34808	----a-w-	c:\windows\system32\drivers\TrueSight.sys
2014-10-28 15:03 . 2014-10-28 15:03	--------	d-----w-	c:\programdata\RogueKiller
2014-10-28 14:45 . 2014-10-28 14:45	--------	d-----w-	c:\programdata\XDMessagingv4
2014-10-28 14:45 . 2014-10-28 14:45	--------	d-----w-	c:\users\Abra\AppData\Roaming\Abelssoft
2014-10-28 14:45 . 2014-10-28 14:45	--------	d-----w-	c:\users\Abra\AppData\Local\Abelssoft
2014-10-28 14:44 . 2014-10-28 14:52	--------	d-----w-	c:\program files\CHIP Updater
2014-10-28 14:33 . 2013-09-20 09:49	18968	----a-w-	c:\windows\system32\sdnclean.exe
2014-10-28 14:33 . 2014-11-02 13:16	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2014-10-28 14:33 . 2014-10-28 14:51	--------	d-----w-	c:\program files\Spybot - Search & Destroy 2
2014-10-28 14:31 . 2011-05-13 11:16	493056	----a-w-	c:\windows\system32\dhRichClient3.dll
2014-10-28 14:31 . 2011-03-25 19:42	338432	----a-w-	c:\windows\system32\sqlite36_engine.dll
2014-10-24 14:33 . 2014-10-24 14:33	--------	d-----w-	c:\program files\Common Files\Lavasoft
2014-10-24 14:25 . 2014-10-24 14:25	6624	----a-w-	c:\windows\system32\cc_20141024_162530.reg
2014-10-23 12:43 . 2014-10-23 12:43	--------	d-----w-	c:\users\Abra\AppData\Local\AquaSoft
2014-10-23 12:41 . 2014-10-23 12:43	--------	d-----w-	c:\users\Abra\AppData\Roaming\AquaSoft
2014-10-23 11:59 . 2014-10-23 11:59	320120	----a-w-	c:\windows\system32\drivers\sptd.sys
2014-10-23 11:58 . 2014-10-23 11:58	--------	dc-h--w-	c:\programdata\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 11:57 . 2014-10-23 11:57	--------	d-----w-	c:\program files\Common Files\AquaSoft
2014-10-23 11:55 . 2014-10-23 11:55	--------	d-----w-	c:\program files\AquaSoft
2014-10-21 12:29 . 2014-10-21 12:29	--------	d-----w-	c:\program files\Common Files\Java
2014-10-21 12:28 . 2014-10-21 12:28	96680	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2014-10-20 10:27 . 2014-10-20 10:27	71344	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2014-10-20 10:27 . 2014-10-20 10:27	701104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2014-10-17 20:52 . 2014-10-17 20:53	34102	----a-w-	c:\windows\system32\cc_20141017_225226.reg
2014-10-16 16:00 . 2014-10-17 11:57	114904	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-16 15:59 . 2014-10-01 09:11	51928	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-10-16 15:59 . 2014-10-01 09:11	75480	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-10-16 15:59 . 2014-10-01 09:11	23256	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-10-16 15:59 . 2014-10-16 15:59	--------	d-----w-	c:\program files\ Malwarebytes Anti-Malware 
2014-10-16 15:59 . 2014-10-16 15:59	--------	d-----w-	c:\programdata\Malwarebytes
2014-10-15 09:24 . 2014-10-15 09:24	--------	d-----w-	c:\program files\Lavasoft
2014-10-15 09:02 . 2014-10-15 09:02	--------	d-----w-	c:\program files\CCleaner
2014-10-15 08:56 . 2014-10-15 08:56	--------	d-----w-	c:\users\Abra\AppData\Roaming\Lavasoft
2014-10-15 08:54 . 2014-10-15 08:54	--------	d-----w-	c:\programdata\Lavasoft
2014-10-15 08:19 . 2014-10-15 08:19	--------	d-----w-	c:\windows\system32\Adobe
2014-10-15 08:05 . 2014-10-28 14:19	--------	d-----w-	C:\AdwCleaner
2014-10-15 08:03 . 2014-09-29 00:41	2379264	----a-w-	c:\windows\system32\win32k.sys
2014-10-15 08:01 . 2014-07-17 01:39	3221504	----a-w-	c:\windows\system32\mstscax.dll
2014-10-15 08:00 . 2014-07-07 01:40	988160	----a-w-	c:\windows\system32\drmv2clt.dll
2014-10-13 16:57 . 2014-10-13 16:57	--------	d-sh--w-	c:\users\Abra\AppData\Local\EmieUserList
2014-10-13 16:57 . 2014-10-13 16:57	--------	d-sh--w-	c:\users\Abra\AppData\Local\EmieSiteList
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-28 05:35 . 2009-10-03 09:10	229000	------w-	c:\windows\system32\MpSigStub.exe
2014-10-07 08:37 . 2013-10-14 09:33	37384	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-10-07 08:37 . 2013-10-14 09:31	98160	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-10-07 08:37 . 2013-10-14 09:31	136216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-08-23 01:46 . 2014-08-28 05:49	305152	----a-w-	c:\windows\system32\gdi32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
"HPAdvisor"="c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-09-30 972080]
"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-06-09 2363392]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-07-14 65024]
"RocketDock"="c:\program files\RocketDock\RocketDock.exe" [2007-09-02 495616]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2014-09-25 4810520]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-17 1049896]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-23 13797920]
"QlbCtrl.exe"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-08-01 202032]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2008-09-23 468264]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-12-24 222504]
"UpdateLBPShortCut"="c:\program files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdateP2GoShortCut"="c:\program files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePDIRShortCut"="c:\program files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]
"UpdatePSTShortCut"="c:\program files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2008-10-06 210216]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"FreePDF Assistant"="c:\program files\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2014-10-07 703736]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-09-12 959176]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-09-26 271744]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe" [2014-10-15 7670592]
"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2014-06-24 4101576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-10-21 21720]
.
c:\users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
OpenOffice.org 3.3.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2010-12-13 1198592]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
Microsoft Office Shortcut-Leiste.lnk - c:\program files\Microsoft Office\Office\MSOFFICE.EXE [1997-9-3 339456]
Microsoft-Indexerstellung.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1997-9-3 111376]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0\0sdnclean.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AnyDVD]
2008-11-12 17:29	89024	----a-w-	c:\program files\SlySoft\AnyDVD\AnyDVD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2007-01-19 11:55	5674352	----a-w-	c:\program files\MSN Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ArcSoft Connection Service"=c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Software Update"=c:\program files\Hp\HP Software Update\HPWuSchd2.exe
"iTunesHelper"="c:\programme_neu\iTunesHelper.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2009-07-14 20992]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-09-19 108032]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2011-08-02 18432]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-10-22 31848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2013-10-27 1343400]
R4 AntiVirWebService;Avira Browser-Schutz;c:\program files\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-10-07 994552]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-11-26 37352]
S1 crlscsi;crlscsi; [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files\Avira\AntiVir Desktop\sched.exe [2014-10-07 431920]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [2014-10-15 656376]
S2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\SMINST\BLService.exe [2008-10-06 365952]
S2 TVGOnlineUpdateSvc;TVG OnlineUpdate-Service;c:\program files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [2010-12-14 398128]
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice;c:\windows\system32\drivers\Apowersoft_AudioDevice.sys [2014-02-02 26032]
S3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys [2012-10-22 31848]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12	REG_MULTI_SZ   	Pml Driver HPZ12 Net Driver HPZ12
HPService	REG_MULTI_SZ   	HPSLPSVC
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-30 15:35	1089352	----a-w-	c:\program files\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-10-30 15:34]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2014-10-30 15:34]
.
2014-10-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job
- c:\users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06 14:36]
.
2014-11-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job
- c:\users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06 14:36]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uDefault_Search_URL = hxxp://www.google.com/ie
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &AOL Toolbar-Suche - c:\programdata\AOL\ieToolbar\resources\de-DE\local\search.html
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube Download - c:\users\Abra\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Abra\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} - file:///E:/viewer/ORDcmViewCD.ocx
FF - ProfilePath - c:\users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.tixuma.de/?ref=46589
FF - ExtSQL: !HIDDEN! 2010-05-13 18:34; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2010-09-22 22:26; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Notify-SDWinLogon - SDWinLogon.dll
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2602968799-2210533201-1949205912-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*0*#*8*&*2*d*b*c*b*7*7*0*&*0*&*c*n*0*6*4*5*q*2*,±d\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-2602968799-2210533201-1949205912-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*0*0*#*8*&*2*d*b*c*b*7*7*0*&*0*&*c*n*0*6*4*5*q*2*@„0B\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-11-02  14:39:03
ComboFix-quarantined-files.txt  2014-11-02 13:39
.
Vor Suchlauf: 10 Verzeichnis(se), 14.647.734.272 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 14.530.506.752 Bytes frei
.
- - End Of File - - 4C14ACEBAC7B2938E85094F471D6F0EF
A36C5E4F47E84449FF07ED3517B43A31
         
Hallo "schrauber",
nach der Ausführung der Combofix.exe und dem anschließenden Neubooten des PC feht das Windows-Hintergrundbild (Screen komplett schwarz) und die Bildschirmauflösung hat sich verstellt. Ist das normal?


Alt 03.11.2014, 10:51   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Zitat:
nach der Ausführung der Combofix.exe und dem anschließenden Neubooten des PC feht das Windows-Hintergrundbild (Screen komplett schwarz) und die Bildschirmauflösung hat sich verstellt. Ist das normal?
Eigentlich nicht. Kannst Du es wieder umstellen?


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen

Alt 04.11.2014, 14:53   #7
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Hallo "schrauber",

über Systemeinstellungen konnte ich den PC wieder "einstellen".

Zwischenzeitlich habe ich auch alle Files zusammen:

mbam.txt

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.11.2014
Suchlauf-Zeit: 10:37:40
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.04.02
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Abra

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 324102
Verstrichene Zeit: 37 Min, 16 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-2602968799-2210533201-1949205912-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [606256e186f661d5d555f55eda29e21e], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
***********************
AdwCleaner[S3].txt:

Code:
ATTFilter
# AdwCleaner v4.002 - Bericht erstellt am 04/11/2014 um 13:22:27
# DB v2014-11-02.1
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Abra - ARBEITSLAPTOP
# Gestartet von : C:\Users\Abra\Downloads\adwcleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0.2 (x86 de)


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [23408 octets] - [15/10/2014 09:05:30]
AdwCleaner[R1].txt - [23469 octets] - [15/10/2014 09:40:01]
AdwCleaner[R2].txt - [23528 octets] - [15/10/2014 09:46:42]
AdwCleaner[R3].txt - [23452 octets] - [15/10/2014 11:43:47]
AdwCleaner[R4].txt - [1840 octets] - [28/10/2014 15:05:53]
AdwCleaner[R5].txt - [2505 octets] - [04/11/2014 11:47:13]
AdwCleaner[S0].txt - [344 octets] - [15/10/2014 09:52:12]
AdwCleaner[S1].txt - [18470 octets] - [15/10/2014 11:53:55]
AdwCleaner[S2].txt - [1893 octets] - [28/10/2014 15:19:00]
AdwCleaner[S3].txt - [2418 octets] - [04/11/2014 13:22:27]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2478 octets] ##########
         
***************************************

JRT.txt:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.5 (10.31.2014:1)
OS: Windows 7 Home Premium x86
Ran by Abra on 04.11.2014 at 14:49:59,56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\Abra\AppData\Roaming\mozilla\firefox\profiles\4dl4mn8n.default\searchplugins\avira-safesearch.xml
Emptied folder: C:\Users\Abra\AppData\Roaming\mozilla\firefox\profiles\4dl4mn8n.default\minidumps [632 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.11.2014 at 14:54:10,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
*******************************

FRST.txt:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Abra (administrator) on ARBEITSLAPTOP on 04-11-2014 15:19:55
Running from C:\Users\Abra\Downloads
Loaded Profile: Abra (Available profiles: Abra)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.tixuma.de/?ref=46589
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\tineye@ideeinc.com.xpi [2013-12-08]
FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Abra\AppData\Local\Temp\tbch.crx []

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29] (Nalpeiron Ltd.) [File not signed]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [398128 2010-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11-12] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22] (RapidSolution Software AG)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Abra\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 15:19 - 2014-11-04 15:21 - 00023010 _____ () C:\Users\Abra\Downloads\FRST.txt
2014-11-04 15:19 - 2014-11-04 15:19 - 00000000 ____D () C:\Users\Abra\Downloads\FRST-OlderVersion
2014-11-04 14:54 - 2014-11-04 14:54 - 00000963 _____ () C:\Users\Abra\Desktop\JRT.txt
2014-11-04 14:49 - 2014-11-04 14:49 - 00000000 ____D () C:\Windows\ERUNT
2014-11-04 14:46 - 2014-11-04 14:47 - 01706359 _____ (Thisisu) C:\Users\Abra\Downloads\JRT.exe
2014-11-04 11:29 - 2014-11-04 11:29 - 00001375 _____ () C:\Users\Abra\Desktop\mbam.txt
2014-11-02 14:39 - 2014-11-02 14:39 - 00017468 _____ () C:\ComboFix.txt
2014-11-02 14:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-02 14:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-02 14:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-02 14:14 - 2014-11-02 14:39 - 00000000 ____D () C:\Qoobox
2014-11-02 14:13 - 2014-11-02 14:36 - 00000000 ____D () C:\Windows\erdnt
2014-11-02 14:06 - 2014-11-02 14:06 - 05591672 ____R (Swearware) C:\Users\Abra\Downloads\ComboFix.exe
2014-11-01 14:16 - 2014-11-04 15:20 - 00000000 ____D () C:\FRST
2014-11-01 14:15 - 2014-11-04 15:19 - 01106432 _____ (Farbar) C:\Users\Abra\Downloads\FRST.exe
2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C:\Users\Abra\Downloads\esetsmartinstaller_deu.exe
2014-10-31 08:38 - 2014-11-04 13:24 - 00001168 _____ () C:\Windows\PFRO.log
2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 16:35 - 2014-11-04 14:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 16:34 - 2014-11-04 14:26 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Google
2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users\Public\Desktop\Snapseed.lnk
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users\Abra\AppData\Local\Nik Software
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program Files\Nik Software
2014-10-29 17:14 - 2014-11-04 15:16 - 04177938 _____ () C:\Windows\setupact.log
2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.) C:\Users\Abra\Downloads\ChromeSetup.exe
2014-10-28 18:16 - 2014-11-02 16:32 - 00000000 ____D () C:\Users\Abra\AppData\Local\CrashDumps
2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users\Abra\Downloads\RogueKiller_10.0.3.zip
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Local\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program Files\CHIP Updater
2014-10-28 15:33 - 2014-11-02 14:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users\Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users\Abra\Downloads\adwcleaner_4.002.exe
2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users\Abra\Downloads\wirwarenunsterblich.epub
2014-10-24 15:36 - 2014-11-04 13:25 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users\Abra\Downloads\Adaware_Installer.exe
2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows\system32\cc_20141024_162530.reg
2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Local\AquaSoft
2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\AquaSoft
2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C:\ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program Files\Common Files\AquaSoft
2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program Files\AquaSoft
2014-10-22 17:59 - 2014-10-22 18:00 - 30843037 _____ () C:\Users\Abra\Downloads\PDFsam_224.zip
2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits ) C:\Users\Abra\Downloads\SORetoucher.exe
2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows\system32\cc_20141017_225226.reg
2014-10-16 17:00 - 2014-11-04 10:37 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL-Manager [1].exe
2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\LavasoftStatistics
2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Lavasoft
2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd) C:\Users\Abra\Downloads\ccsetup418.exe
2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows\system32\Adobe
2014-10-15 09:05 - 2014-11-04 13:22 - 00000000 ____D () C:\AdwCleaner
2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieUserList
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-04 15:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job
2014-11-04 14:34 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users\Abra\Dropbox
2014-11-04 14:34 - 2014-02-12 10:11 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Dropbox
2014-11-04 14:31 - 2010-05-13 18:05 - 01440611 _____ () C:\Windows\WindowsUpdate.log
2014-11-04 14:26 - 2010-05-13 18:21 - 00000248 _____ () C:\ProgramData\hpqp.ini
2014-11-04 13:33 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-04 13:33 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-04 13:25 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 10:34 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-04 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job
2014-11-02 21:58 - 2014-02-14 21:44 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\PanoramaStudio2Pro
2014-11-02 20:18 - 2009-08-05 21:10 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\XnView
2014-11-02 14:39 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-11-02 14:39 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-11-02 14:34 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-11-02 14:33 - 2010-05-13 17:19 - 00000000 ____D () C:\Users\Abra
2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users\Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program Files\Google
2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Mozilla
2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users\Abra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 14:13 - 2009-08-03 15:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Adobe
2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users\Abra\Documents\Eigene Scans
2014-10-24 15:54 - 2012-05-16 09:54 - 00000000 ____D () C:\Users\Abra\AppData\Local\FreePDF_XP
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\ArcSoft
2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program Files\Java
2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Adobe
2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows\rescache
2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Media Player Classic
2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows\Panther
2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Abra\AppData\Local\Temp\avgnt.exe
C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjoloqj.dll
C:\Users\Abra\AppData\Local\Temp\Quarantine.exe
C:\Users\Abra\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 20:14

==================== End Of Log ============================
         
--- --- ---


***************************

Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Abra at 2014-11-04 15:22:26
Running from C:\Users\Abra\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM\...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.0.1044.9177 - AKVIS)
AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 5.0.1319.9143 - AKVIS)
AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)
Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3}) (Version: 1.1.6 - Braeside Communication Services)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version:  - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version:  - Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version:  - Alien Skin)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1) (Version:  - dvdsmith.com)
AnyDVD (HKLM\...\AnyDVD) (Version:  - SlySoft)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.0.11 - AquaSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version: 10.0.43701.100 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz Verlage_is1) (Version:  - )
Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version:  - BuddyWorX)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version:  - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
COLOR projects premium (32-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag GmbH)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch Gelbe Seiten Map & Route) (Version:  - TVG Telefonbuch- und Verzeichnisverlag GmbH & Co. KG)
DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter) (Version: 1.01 - UNKNOWN)
DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN) Hidden
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 - Traumflieger)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881}) (Version: 6.1.2 - DxO Labs)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
HDR projects professional (32-Bit) (HKLM\...\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag GmbH)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version:  - Helicon Soft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version - IN MEDIA KG)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
indii.org/tintii (HKLM\...\tintii) (Version:  - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version:  - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version: Aktuelle Version - IN MEDIA KG)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version:  - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio2Pro) (Version:  - )
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B}) (Version: 6.5 - Fotoview)
Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter) (Version: 4.7 - UNKNOWN)
RichKonverter (Version: 4.7 - UNKNOWN) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo Retoucher_is1) (Version: 1.3 - SoftOrbits)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version:  - )
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)
XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet Pierre-e)
X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 - X-OOM)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

04-11-2014 07:31:46 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2014-11-02 14:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks\{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe 
Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks\{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe 
Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {AEFDB7BB-5BD4-4D42-901F-A39E3D8E135A} - System32\Tasks\InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-01] ()
Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program Files\Microsoft Office\Office\MSO97.DLL
2014-11-04 14:26 - 2014-11-04 14:26 - 00043008 _____ () c:\users\abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjoloqj.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Abra\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Users\Abra\AppData\Local\VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38
AlternateDataStreams: C:\ProgramData\Temp:3241321C
AlternateDataStreams: C:\ProgramData\Temp:810B9F0D
AlternateDataStreams: C:\ProgramData\Temp:B6AC352B
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

========================= Accounts: ==========================

Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator - Enabled) => C:\Users\Abra
Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 - Administrator - Disabled)
Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (11/04/2014 03:04:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 880 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds of active time.  This session ended with a crash.

Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 726 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 53%
Total physical RAM: 2814.43 MB
Available physical RAM: 1309.44 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3728 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.28 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.56 GB) (Free:14.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Hoffe, habe nichts vergessen! DANKE!

Alt 04.11.2014, 20:17   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.11.2014, 16:51   #9
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Logfile ESET-Online-Scanner:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e4be092a71edb7488f1bb0c5c41b9ab1
# engine=20939
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-05 01:19:45
# local_time=2014-11-05 02:19:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 21028 280616875 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 16952 166824776 0 0
# scanned=331808
# found=3
# cleaned=0
# scan_time=13723
sh=8F18725F30CEEE19ECF630C1F875F93027BA22AA ft=0 fh=0000000000000000 vn="OSX/ChatZum.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\ChatZum Toolbar\Chrome_softonic.zip.vir"
sh=8B1575F925C0933A7F1516C93D0B95E438A423BC ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung" ac=I fn="C:\Daten\Beruf\Easymobilehomepage\easymobilehomepage.zip"
sh=961781B2C865F426A245CAB5189A81EB5216102D ft=0 fh=0000000000000000 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\Users\Abra\Downloads\Test\CRMPlus\CRM-Plus.v2012.1.15.German-LAXiTY.rar"
         
Log Security-Check:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x86   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop        
Ad-Aware Antivirus   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Spybot - Search & Destroy 
 CCleaner     
 Java 7 Update 71  
 Java version out of Date! 
 Adobe Flash Player 	15.0.0.189  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (33.0.2) 
 Mozilla Thunderbird (24.6.0) 
 Google Chrome 38.0.2125.111  
````````Process Check: objlist.exe by Laurent````````  
 Ad-Aware AAWService.exe is disabled! 
 Ad-Aware AAWTray.exe is disabled! 
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.4.6792.0\AdAwareService.exe 
 Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.4.6792.0\AdAwareTray.exe 
 TVG OnlineUpdate OnlineUpdateSvc.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Log Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-11-2014
Ran by Abra at 2014-11-05 17:33:30
Running from C:\Users\Abra\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
8500A909_eDocs (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
8500A909a (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Web Premium hinzufügen oder entfernen (HKLM\...\Adobe_b0efd5c6e27241b2a2a88dbddd25245) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AKVIS Coloriage (HKLM\...\{4833435D-7A4D-4D15-86F4-51C2D15549CF}) (Version: 9.0.1044.9177 - AKVIS)
AKVIS NatureArt (HKLM\...\{592B6EFD-B341-4802-B3B4-A808AF6CC805}) (Version: 5.0.1319.9143 - AKVIS)
AKVIS Retoucher (HKLM\...\{3096C412-7636-45FD-9074-F596F4417076}) (Version: 5.5.869.8634 - AKVIS)
Alamy SizeCheck (HKLM\...\{8C1A4413-DE43-4A42-8C35-DA60BB3590F3}) (Version: 1.1.6 - Braeside Communication Services)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version:  - Alien Skin)
Alien Skin Exposure 5 (HKLM\...\Alien Skin Exposure 5) (Version:  - Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version:  - Alien Skin)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Any DVD Cloner Platinum 1.1.2 (HKLM\...\Any DVD Cloner Platinum_is1) (Version:  - dvdsmith.com)
AnyDVD (HKLM\...\AnyDVD) (Version:  - SlySoft)
AOL Toolbar 5.0 (HKLM\...\AOL Toolbar) (Version: 5.2.78.2 - AOL LLC)
Apple Application Support (HKLM\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}) (Version: 6.0.0.59 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaSoft DiaShow 9 Ultimate (HKLM\...\AquaSoft DiaShow 9 Ultimate) (Version: 9.0.11 - AquaSoft)
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audials (HKLM\...\{3726429A-5B2F-409B-AEB0-2C7F6B6A20E3}) (Version: 10.0.43701.100 - Audials AG)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Banger Einzelplatz Verlage 1.1 (HKLM\...\Banger Einzelplatz Verlage_is1) (Version:  - )
Bertelsmann Fotowelt (HKLM\...\Bertelsmann Fotowelt) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BPD_DSWizards (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
BuddyW 1.1.10 (HKLM\...\BuddyW_is1) (Version:  - BuddyWorX)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bullzip PDF Printer 6.0.0.702 (HKLM\...\Bullzip PDF Printer_is1) (Version:  - Bullzip)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Cisco EAP-FAST Module (HKLM\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
COLOR projects premium (32-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.13 - Franzis Verlag GmbH)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel Applications (HKLM\...\Corel Applications) (Version:  - )
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.1616 - CyberLink Corp.)
Das Telefonbuch Gelbe Seiten Map & Route (HKLM\...\DasTelefonbuch Gelbe Seiten Map & Route) (Version:  - TVG Telefonbuch- und Verzeichnisverlag GmbH & Co. KG)
DER PUNKT - Richmedia Plus Converter (HKLM\...\RichConverter) (Version: 1.01 - UNKNOWN)
DER PUNKT - Richmedia Plus Converter (Version: 1.01 - UNKNOWN) Hidden
DesignPro 5 (HKLM\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.3.705 - Avery Dennison)
DesignPro 5 (Version: 5.3.705 - Avery Dennison) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
DRI Tool 2.0 (HKLM\...\DRI Tool 2.0_is1) (Version: 2.0 - Traumflieger)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DxO Optics Pro 6 (HKLM\...\{F967C307-F5BF-4EDA-9634-8CF514180881}) (Version: 6.1.2 - DxO Labs)
ESU for Microsoft Vista (HKLM\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 2.95 (HKLM\...\FormatFactory) (Version: 2.95 - Free Time)
Free Audio CD Burner version 1.3 (HKLM\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.0.20.1228 (HKLM\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.5 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version:  - DVDVideoSoft Limited.)
FreeFileSync 5.20 (HKLM\...\FreeFileSync) (Version: 5.20 - Zenju)
FreePDF (Remove only) (HKLM\...\FreePDF_XP) (Version:  - )
Genuine Fractals 6.0 Professional Edition (HKLM\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 6.0 - onOne Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Talk Plugin (HKLM\...\{95763F66-297E-30CE-9728-6D0F20BF97F5}) (Version: 5.38.5.0 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKCU\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version:  - )
HDR projects professional (32-Bit) (HKLM\...\HDR_PROJECTS_1_3_3BF7CE82_is1) (Version: 1.24 - Franzis Verlag GmbH)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version:  - Helicon Soft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HomepageFIX (HKLM\...\HomepageFIX_is1) (Version: Aktuelle Version - IN MEDIA KG)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP DVD Play 3.7 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.5723 - Hewlett-Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Total Care Advisor (HKLM\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP User Guides 0118 (HKLM\...\{B6D0B141-B2BE-4DD0-B08F-B9186F3E36B3}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM\...\{846DDADA-0239-4B67-A6B1-33658863793B}) (Version: 1.1.1963.2799 - Hewlett-Packard Company)
indii.org/tintii (HKLM\...\tintii) (Version:  - )
iTunes (HKLM\...\{0F6F6876-6334-4977-B5DD-CFC12E193420}) (Version: 10.7.0.21 - Apple Inc.)
IZArc 4.1.6 (HKLM\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.6 - Ivan Zahariev)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
join.me (HKCU\...\JoinMe) (Version: 1.9.0.133 - LogMeIn, Inc.)
LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.)
LabelPrint (Version: 2.5.0926 - CyberLink Corp.) Hidden
LightScribe System Software  1.14.17.1 (HKLM\...\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}) (Version: 1.14.17.1 - LightScribe)
LightScribe Template Labeler (HKLM\...\{43523FEF-9D8E-4572-BB11-0E914D366E0A}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 97, Professional Edition (HKLM\...\Office8.0) (Version:  - )
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 de) (HKLM\...\Mozilla Firefox 33.0.2 (x86 de)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MPM (HKLM\...\{CD8C5C7F-7C58-4F85-8977-A6C08C087912}) (Version: 1.00.0000 - Hewlett-Packard)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee Reveal (HKLM\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.0.62 - WildTangent)
Namo WebEditor 8 (HKLM\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.52 - BVRP Software, Inc)
Network (Version: 130.0.579.000 - Hewlett-Packard) Hidden
NewsletterDesigner (HKLM\...\NewsletterDesigner_is1) (Version: Aktuelle Version - IN MEDIA KG)
Nokia Connectivity Cable Driver (HKLM\...\{4AA68A73-DB9C-439D-9481-981C82BD008B}) (Version: 7.1.69.0 - Nokia)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Officejet Pro 8500 A909 Series (HKLM\...\{D850BEF5-67AF-4071-9538-FA9AC725D62C}) (Version: 13.0 - HP)
OpenOffice.org 3.3 (HKLM\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Pano2VR - Garden Gnome Software (HKLM\...\Pano2VR) (Version:  - )
PanoramaStudio 2.6 Pro ((deinstallieren)) (HKLM\...\PanoramaStudio2Pro) (Version:  - )
PC Connectivity Solution (HKLM\...\{A2AA4204-C05A-4013-888A-AD153139297F}) (Version: 11.5.29.0 - Nokia)
PC Inspector File Recovery (HKLM\...\{0DD140D3-9563-481E-AA75-BA457CBDAEF2}) (Version: 4.0 - )
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Split And Merge Basic (HKLM\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.3 - Andrea Vacondio)
Phase 5 HTML-Editor (HKLM\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pop Art Studio 6.5 (HKLM\...\{AE48B3F0-0288-46CA-9859-3C2109E9BE7B}) (Version: 6.5 - Fotoview)
Portrait Professional Studio 9.0 (HKLM\...\Portrait Professional Studio 9_is1) (Version: 9.0 - Anthropics Technology Ltd.)
PortraitPro Studio 12.2 (HKLM\...\PortraitProStudio12_is1) (Version: 12.2 - Anthropics Technology Ltd.)
Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.)
Power2Go (Version: 6.0.2202 - CyberLink Corp.) Hidden
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.)
PowerDirector (Version: 7.0.2201 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Realtek USB 2.0 Card Reader (HKLM\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 3.0.1.3 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RichKonverter (HKLM\...\de.derpunkt.richmediaplus.Konverter) (Version: 4.7 - UNKNOWN)
RichKonverter (Version: 4.7 - UNKNOWN) Hidden
RocketDock 1.3.5 (HKLM\...\RocketDock_is1) (Version:  - Punk Software)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
SoftOrbits Photo Retoucher 1.3 (HKLM\...\SoftOrbits Photo Retoucher_is1) (Version: 1.3 - SoftOrbits)
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE Creature Creator Trial Edition (HKLM\...\{ECEE0279-785F-4CB3-9F28-E69813234BF8}) (Version: 1.00.0000 - Electronic Arts)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
StreamTransport version: 1.0.2.2171 (HKLM\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version:  - )
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Messenger (HKLM\...\{279DB581-239C-4E13-97F8-0F48E40BE75C}) (Version: 8.1.0178.00 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\504244733D18C8F63FF584AEB290E3904E791693) (Version: 08/22/2008 7.0.0.0 - Nokia)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XnView 1.98.2 (HKLM\...\XnView_is1) (Version: 1.98.2 - Gougelet Pierre-e)
XnViewMP 0.61 (HKLM\...\XnViewMP_is1) (Version: 0.61 - Gougelet Pierre-e)
X-OOM Movie Clone 5 (HKLM\...\X-OOM Movie Clone_is1) (Version: 5 - X-OOM)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{047466F1-82AE-455A-AFC4-D3AC463FBF6B}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2602968799-2210533201-1949205912-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

05-11-2014 08:34:13 Installed PDF Split And Merge Basic

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2014-11-02 14:34 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0189B5E2-D027-475B-92C3-5BD30B45B5BC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0B3FAA9D-B9AD-43AA-8CE4-E8D5621CD5E6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {1027FE25-0662-44F6-BEFA-FE03BD2E88AF} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files\CHIP Updater\CHIPUpdater.exe
Task: {17D4CF18-1B36-49B8-B37A-1FE511DA6170} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {1AA37F21-EA1C-4E91-BE2A-542590832DEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {1D591226-2AD0-4166-8CFE-5AF5771A4509} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {5D6FA2BD-6BCD-4F63-A02F-DDCF530D9AAC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-25] (Piriform Ltd)
Task: {6FC93961-F7EF-4C2E-83EA-978636AFD9B2} - System32\Tasks\{2D04646A-6173-4B20-B08F-77BAE22E8D8F} => Chrome.exe 
Task: {7719501C-195E-4D96-BB87-F7B4F5846F70} - System32\Tasks\{A8796C35-190E-4BFF-A5B9-609BC6BE5DF5} => Chrome.exe 
Task: {9B841344-248D-425B-9E98-7F7687F29CB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {9E76933B-518B-4492-A98C-C4B1CBE9EDCE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FE713D6-2BE1-4821-A2F6-FFA0670635A8} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
Task: {A7F4A989-0006-4B13-91A1-C4CA9CA26216} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {AEFDB7BB-5BD4-4D42-901F-A39E3D8E135A} - System32\Tasks\InternetServiceOffers => C:\Program Files\Hewlett-Packard\HP TCS\RemEngine.exe [2008-10-01] ()
Task: {B249A444-7CE8-41B0-949E-981AB3BAD597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {B8C25482-F04D-49B2-8748-414697DE72B0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {D73C3837-DC35-433B-921E-D3960E5E5ED0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {DB12B18F-923A-4505-BA3A-D5BAA6DB355D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-30] (Google Inc.)
Task: {E1164DFF-D885-4FFB-ACC8-362D9F18738B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {E9D79F23-CC88-4F18-9F19-B47626B0AE73} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {F69E8D8E-6AE6-495A-ABA4-826E22489983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {F9054B7A-31D3-4FA8-86C9-1273BB98C59A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job => C:\Users\Abra\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-16 09:22 - 2010-06-17 20:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2008-10-26 15:59 - 2008-10-06 09:54 - 00365952 _____ () C:\Program Files\SMINST\BLService.exe
2008-10-26 15:59 - 2008-10-06 09:54 - 00132480 _____ () C:\Program Files\SMINST\STWmiM.dll
2008-10-26 15:52 - 2008-09-15 15:13 - 00241734 _____ () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2014-10-28 15:33 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2014-10-28 15:33 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-10-28 15:33 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2014-10-28 15:33 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-04-18 12:21 - 2010-12-14 08:33 - 00398128 _____ () C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
2010-06-24 09:20 - 2007-09-02 12:57 - 00069632 _____ () C:\Program Files\RocketDock\RocketDock.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00057344 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2008-09-30 16:56 - 2008-09-30 16:56 - 00032768 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\Content.XmlSerializers.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00118784 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\ECLibrary.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00040960 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00005632 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00028672 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2008-09-30 16:51 - 2008-09-30 16:51 - 00010240 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll
2008-09-30 16:52 - 2008-09-30 16:52 - 00007168 _____ () C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 01581056 _____ () C:\Program Files\Common Files\LightScribe\QtCore4.dll
2007-08-14 12:59 - 2007-08-14 12:59 - 06365184 _____ () C:\Program Files\Common Files\LightScribe\QtGui4.dll
2007-07-12 12:55 - 2007-07-12 12:55 - 00131072 _____ () C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-06-29 05:13 - 2008-09-23 16:21 - 00066856 _____ () C:\Program Files\HP\QuickPlay\Kernel\Common\MCEMediaStatus.dll
2010-06-24 09:20 - 2007-09-02 12:58 - 00495616 _____ () C:\Program Files\RocketDock\RocketDock.exe
1998-05-31 23:00 - 1998-05-31 23:00 - 03792896 _____ () C:\Program Files\Microsoft Office\Office\MSO97.DLL
2014-11-05 08:24 - 2014-11-05 08:24 - 00043008 _____ () c:\users\abra\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqeqxd.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Abra\AppData\Roaming\Dropbox\bin\libcef.dll
2008-10-26 14:51 - 2008-04-11 09:04 - 00685360 _____ () C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
2011-01-17 16:19 - 2012-02-06 12:25 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2014-10-30 20:58 - 2014-10-30 20:58 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Users\Abra\AppData\Local\VcTuc86YT6Z:zuRfTVhHttXAFSR3lWD9nw9FH38
AlternateDataStreams: C:\ProgramData\Temp:3241321C
AlternateDataStreams: C:\ProgramData\Temp:810B9F0D
AlternateDataStreams: C:\ProgramData\Temp:B6AC352B
AlternateDataStreams: C:\ProgramData\Temp:B946D9EE

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AnyDVD => "C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

========================= Accounts: ==========================

Abra (S-1-5-21-2602968799-2210533201-1949205912-1000 - Administrator - Enabled) => C:\Users\Abra
Administrator (S-1-5-21-2602968799-2210533201-1949205912-500 - Administrator - Disabled)
Gast (S-1-5-21-2602968799-2210533201-1949205912-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2602968799-2210533201-1949205912-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/05/2014 03:10:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 03:10:26 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 03:08:41 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 03:08:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 03:08:24 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 03:07:07 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (11/05/2014 09:48:50 AM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: AssetServicesCS3class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Error: (11/05/2014 09:48:50 AM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: AssetServicesCS3class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Error: (11/05/2014 09:48:50 AM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: AssetServicesCS3class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)

Error: (11/05/2014 09:48:50 AM) (Source: Adobe Version Cue CS3) (EventID: 3) (User: )
Description: AssetServicesCS3class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)


System errors:
=============
Error: (11/04/2014 03:04:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (09/13/2012 08:44:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 880 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (09/13/2012 08:28:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4045 seconds with 1980 seconds of active time.  This session ended with a crash.

Error: (08/20/2012 02:58:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 726 seconds with 660 seconds of active time.  This session ended with a crash.


==================== Memory info =========================== 

Processor: AMD Athlon Dual-Core QL-65
Percentage of memory in use: 63%
Total physical RAM: 2814.43 MB
Available physical RAM: 1031.17 MB
Total Pagefile: 5628.85 MB
Available Pagefile: 3557.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1908.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.56 GB) (Free:13.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10.53 GB) (Free:1.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 627525ED)
Partition 1: (Active) - (Size=287.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Log FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014
Ran by Abra (administrator) on ARBEITSLAPTOP on 05-11-2014 17:31:38
Running from C:\Users\Abra\Downloads
Loaded Profile: Abra (Available profiles: Abra)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Nalpeiron Ltd.) C:\Windows\System32\ASTSRV.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
() C:\Program Files\SMINST\BLService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files\HP\QuickPlay\QPService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\RocketDock\RocketDock.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
(Dropbox, Inc.) C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1049896 2008-04-17] (Synaptics, Inc.)
HKLM\...\Run: [hpWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752 2008-04-15] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [QlbCtrl.exe] => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2008-08-01] ( Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [QPService] => C:\Program Files\HP\QuickPlay\QPService.exe [468264 2008-09-23] (CyberLink Corp.)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-12-24] (CyberLink Corp.)
HKLM\...\Run: [UpdateLBPShortCut] => C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdateP2GoShortCut] => C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePDIRShortCut] => C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [210216 2008-06-13] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] => C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2008-10-06] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] => C:\Program Files\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [7670592 2014-10-15] ()
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [972080 2008-09-30] (Hewlett-Packard)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [LightScribe Control Panel] => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2008-06-09] (Hewlett-Packard Company)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4810520 2014-09-25] (Piriform Ltd)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abra\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Shortcut-Leiste.lnk
ShortcutTarget: Microsoft Office Shortcut-Leiste.lnk -> C:\Program Files\Microsoft Office\Office\MSOFFICE.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft-Indexerstellung.lnk
ShortcutTarget: Microsoft-Indexerstellung.lnk -> C:\Program Files\Microsoft Office\Office\FINDFAST.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2602968799-2210533201-1949205912-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll (AOL LLC)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.tixuma.de/?ref=46589
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme_NEU\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Programme_NEU\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=1.1.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Abra\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Abra\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Abra\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Abra\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-11-02]
FF Extension: TinEye Reverse Image Search - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\tineye@ideeinc.com.xpi [2013-12-08]
FF Extension: Web Developer - C:\Users\Abra\AppData\Roaming\Mozilla\Firefox\Profiles\4dl4mn8n.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-10-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-10-30]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-10-30]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-09]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-09-22]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files\Mein Gutscheincode Finder\Firefox

Chrome: 
=======
CHR Profile: C:\Users\Abra\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files\Mein Gutscheincode Finder\Chrome\chrome-extension.crx []
CHR HKLM\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Abra\AppData\Local\Temp\tbch.crx []

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-07] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-07] (Avira Operations GmbH & Co. KG)
R2 astcc; C:\Windows\system32\astsrv.exe [57344 2009-05-29] (Nalpeiron Ltd.) [File not signed]
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [129992 2008-02-03] (EasyBits Sofware AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2010-06-03] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-23] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [656376 2014-10-15] ()
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-06-09] (Hewlett-Packard Company) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Recovery Service for Windows; C:\Program Files\SMINST\BLService.exe [365952 2008-10-06] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734 2008-09-15] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TVGOnlineUpdateSvc; C:\Program Files\TVG\OnlineUpdate\OnlineUpdateSvc.exe [398128 2010-12-14] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.) [File not signed]
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [103360 2008-11-12] (SlySoft, Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-02-02] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 crlscsi; C:\Windows\system32\Drivers\crlscsi.sys [6144 1995-11-07] (Corel Corporation) [File not signed]
S3 Dot4Scan; C:\Windows\System32\DRIVERS\Dot4Scan.sys [10752 2009-07-14] (Microsoft Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [24392 2008-07-21] (Elaborate Bytes AG)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-10-22] (RapidSolution Software AG)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-10-23] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39048 2012-10-22] (RapidSolution Software AG)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [360376 2014-07-10] (BitDefender S.R.L.)
R3 U2SP; C:\Windows\System32\DRIVERS\u2s2kxp.sys [23296 2004-05-05] (Magic Control Technology Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Abra\AppData\Local\Temp\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 17:31 - 2014-11-05 17:32 - 00023141 _____ () C:\Users\Abra\Downloads\FRST.txt
2014-11-05 17:18 - 2014-11-05 17:18 - 00854448 _____ () C:\Users\Abra\Downloads\SecurityCheck.exe
2014-11-05 09:57 - 2014-11-05 09:57 - 00000000 ____D () C:\Users\Abra\.pdfsam
2014-11-05 09:35 - 2014-11-05 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge Basic
2014-11-05 09:35 - 2014-11-05 09:35 - 00000000 ____D () C:\Program Files\PDF Split And Merge Basic
2014-11-04 15:19 - 2014-11-04 15:19 - 00000000 ____D () C:\Users\Abra\Downloads\FRST-OlderVersion
2014-11-04 14:49 - 2014-11-04 14:49 - 00000000 ____D () C:\Windows\ERUNT
2014-11-04 14:46 - 2014-11-04 14:47 - 01706359 _____ (Thisisu) C:\Users\Abra\Downloads\JRT.exe
2014-11-02 14:39 - 2014-11-02 14:39 - 00017468 _____ () C:\ComboFix.txt
2014-11-02 14:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-02 14:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-02 14:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-02 14:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-02 14:14 - 2014-11-02 14:39 - 00000000 ____D () C:\Qoobox
2014-11-02 14:13 - 2014-11-02 14:36 - 00000000 ____D () C:\Windows\erdnt
2014-11-02 14:06 - 2014-11-02 14:06 - 05591672 ____R (Swearware) C:\Users\Abra\Downloads\ComboFix.exe
2014-11-01 14:16 - 2014-11-05 17:31 - 00000000 ____D () C:\FRST
2014-11-01 14:15 - 2014-11-04 15:19 - 01106432 _____ (Farbar) C:\Users\Abra\Downloads\FRST.exe
2014-11-01 13:00 - 2014-11-01 13:00 - 02347384 _____ (ESET) C:\Users\Abra\Downloads\esetsmartinstaller_deu.exe
2014-10-31 08:38 - 2014-11-04 13:24 - 00001168 _____ () C:\Windows\PFRO.log
2014-10-30 20:58 - 2014-10-30 20:58 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-30 16:36 - 2014-10-30 16:36 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-30 16:36 - 2014-10-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-30 16:35 - 2014-11-05 16:40 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-30 16:34 - 2014-11-05 16:39 - 00001090 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-30 16:34 - 2014-10-30 16:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Google
2014-10-30 09:15 - 2014-10-30 09:15 - 00002503 _____ () C:\Users\Public\Desktop\Snapseed.lnk
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Users\Abra\AppData\Local\Nik Software
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Snapseed
2014-10-30 09:15 - 2014-10-30 09:15 - 00000000 ____D () C:\Program Files\Nik Software
2014-10-29 17:14 - 2014-11-05 17:06 - 05568634 _____ () C:\Windows\setupact.log
2014-10-29 17:14 - 2014-10-29 17:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-29 12:21 - 2014-10-29 12:21 - 00880272 _____ (Google Inc.) C:\Users\Abra\Downloads\ChromeSetup.exe
2014-10-28 18:16 - 2014-11-02 16:32 - 00000000 ____D () C:\Users\Abra\AppData\Local\CrashDumps
2014-10-28 16:03 - 2014-10-28 16:03 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-28 16:03 - 2014-10-28 16:03 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-28 15:59 - 2014-10-28 16:02 - 17318026 _____ () C:\Users\Abra\Downloads\RogueKiller_10.0.3.zip
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\Users\Abra\AppData\Local\Abelssoft
2014-10-28 15:45 - 2014-10-28 15:45 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-28 15:44 - 2014-10-28 15:52 - 00000000 ____D () C:\Program Files\CHIP Updater
2014-10-28 15:33 - 2014-11-02 14:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-10-28 15:33 - 2014-10-28 15:51 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-10-28 15:33 - 2014-10-28 15:33 - 00002135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2014-10-28 15:33 - 00002123 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-10-28 15:33 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-10-28 15:31 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-10-28 15:31 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-10-28 15:08 - 2014-10-28 15:09 - 01125200 _____ () C:\Users\Abra\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2014-10-28 15:03 - 2014-10-28 15:03 - 01998336 _____ () C:\Users\Abra\Downloads\adwcleaner_4.002.exe
2014-10-25 10:10 - 2014-10-25 10:11 - 00633265 _____ () C:\Users\Abra\Downloads\wirwarenunsterblich.epub
2014-10-24 15:36 - 2014-11-05 08:22 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-24 15:36 - 2014-10-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-24 15:33 - 2014-10-24 15:33 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-24 15:30 - 2014-10-24 15:30 - 01754248 _____ () C:\Users\Abra\Downloads\Adaware_Installer.exe
2014-10-24 15:25 - 2014-10-24 15:25 - 00006624 _____ () C:\Windows\system32\cc_20141024_162530.reg
2014-10-23 13:43 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Local\AquaSoft
2014-10-23 13:41 - 2014-10-23 13:43 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\AquaSoft
2014-10-23 12:59 - 2014-10-23 12:59 - 00320120 _____ (Duplex Secure Ltd.) C:\Windows\system32\Drivers\sptd.sys
2014-10-23 12:58 - 2014-10-23 12:58 - 00001129 _____ () C:\Users\Public\Desktop\DiaShow 9 Ultimate.lnk
2014-10-23 12:58 - 2014-10-23 12:58 - 00000000 __HDC () C:\ProgramData\{BEB9E475-E659-4956-9850-27F51DD50863}
2014-10-23 12:57 - 2014-10-23 12:57 - 00000000 ____D () C:\Program Files\Common Files\AquaSoft
2014-10-23 12:56 - 2014-10-23 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AquaSoft
2014-10-23 12:55 - 2014-10-23 12:55 - 00000000 ____D () C:\Program Files\AquaSoft
2014-10-22 10:01 - 2014-10-22 10:01 - 13074360 _____ (SoftOrbits ) C:\Users\Abra\Downloads\SORetoucher.exe
2014-10-21 13:29 - 2014-10-21 13:29 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-10-21 13:29 - 2014-10-21 13:27 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-21 13:28 - 2014-10-21 13:28 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-10-21 13:28 - 2014-10-21 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-21 13:28 - 2014-10-21 13:27 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-10-20 11:27 - 2014-10-20 11:27 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-10-18 13:34 - 2014-10-18 13:38 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-18 13:34 - 2014-10-18 13:34 - 00001989 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-10-17 21:52 - 2014-10-17 21:53 - 00034102 _____ () C:\Windows\system32\cc_20141017_225226.reg
2014-10-16 17:00 - 2014-11-04 10:37 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-16 17:00 - 2014-10-16 17:00 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-16 16:59 - 2014-10-16 16:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-10-16 16:59 - 2014-10-01 10:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-16 16:59 - 2014-10-01 10:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-16 16:54 - 2014-10-16 16:54 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Abra\Downloads\mbam-setup-2.0.3.1025_CB-DL-Manager [1].exe
2014-10-15 10:24 - 2014-10-15 10:24 - 00000000 ____D () C:\Program Files\Lavasoft
2014-10-15 10:02 - 2014-10-15 10:02 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-10-15 10:02 - 2014-10-15 10:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-15 10:00 - 2014-10-15 10:00 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\LavasoftStatistics
2014-10-15 09:56 - 2014-10-15 09:56 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Lavasoft
2014-10-15 09:54 - 2014-10-15 09:54 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-15 09:39 - 2014-10-15 09:39 - 04964488 _____ (Piriform Ltd) C:\Users\Abra\Downloads\ccsetup418.exe
2014-10-15 09:19 - 2014-10-15 09:19 - 00000000 ____D () C:\Windows\system32\Adobe
2014-10-15 09:05 - 2014-11-04 13:22 - 00000000 ____D () C:\AdwCleaner
2014-10-15 09:03 - 2014-09-29 01:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 09:02 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 09:02 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 09:02 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 09:02 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 09:02 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 09:02 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 09:02 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 09:02 - 2014-09-19 02:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 09:02 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 09:02 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 09:02 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 09:02 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 09:02 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 09:02 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 09:02 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 09:02 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 09:02 - 2014-09-19 01:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 09:02 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 09:02 - 2014-09-19 01:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 09:02 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 09:02 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 09:02 - 2014-09-19 01:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 09:02 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 09:02 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 09:02 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 09:02 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 09:02 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 09:02 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 09:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 09:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 09:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 09:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 09:01 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 09:01 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 09:01 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 09:01 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-15 09:01 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 09:00 - 2014-08-19 03:41 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 09:00 - 2014-08-19 03:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 09:00 - 2014-08-19 03:40 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 09:00 - 2014-08-19 02:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 09:00 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 09:00 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 09:00 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 09:00 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 09:00 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 09:00 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 09:00 - 2014-07-07 02:28 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 09:00 - 2014-06-28 01:21 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 09:00 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieUserList
2014-10-13 17:57 - 2014-10-13 17:57 - 00000000 __SHD () C:\Users\Abra\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-05 17:22 - 2013-12-06 15:36 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000UA.job
2014-11-05 10:22 - 2013-12-06 15:36 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2602968799-2210533201-1949205912-1000Core.job
2014-11-05 09:57 - 2010-05-13 17:19 - 00000000 ____D () C:\Users\Abra
2014-11-05 09:57 - 2009-08-03 15:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Adobe
2014-11-05 09:45 - 2009-08-05 21:10 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\XnView
2014-11-05 09:42 - 2012-05-16 09:54 - 00000000 ____D () C:\Users\Abra\AppData\Local\FreePDF_XP
2014-11-05 08:36 - 2010-05-13 18:05 - 01472407 _____ () C:\Windows\WindowsUpdate.log
2014-11-05 08:30 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-05 08:30 - 2010-05-13 17:14 - 00011440 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-05 08:25 - 2014-02-12 10:15 - 00000000 ___RD () C:\Users\Abra\Dropbox
2014-11-05 08:25 - 2014-02-12 10:11 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Dropbox
2014-11-05 08:23 - 2010-05-13 18:21 - 00000248 _____ () C:\ProgramData\hpqp.ini
2014-11-05 08:21 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-04 10:34 - 2010-05-13 18:20 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-02 21:58 - 2014-02-14 21:44 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\PanoramaStudio2Pro
2014-11-02 14:39 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default
2014-11-02 14:39 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public
2014-11-02 14:34 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2014-11-01 11:38 - 2011-12-04 12:40 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-01 11:38 - 2009-08-22 16:58 - 00000052 _____ () C:\Windows\system32\DOErrors.log
2014-11-01 11:25 - 2012-04-25 08:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-31 14:26 - 2014-04-13 16:35 - 00001062 _____ () C:\Users\Abra\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2014-10-30 16:35 - 2013-08-26 12:10 - 00000000 ____D () C:\Program Files\Google
2014-10-29 20:22 - 2009-10-06 09:59 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Mozilla
2014-10-29 17:38 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-29 09:25 - 2014-01-07 11:49 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-10-29 08:50 - 2009-07-14 05:33 - 01849920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-28 15:58 - 2010-05-13 18:21 - 00145216 _____ () C:\Users\Abra\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-28 15:43 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-10-28 15:35 - 2011-03-28 11:50 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-10-28 06:35 - 2009-10-03 10:10 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 10:30 - 2010-11-24 08:29 - 00000000 ____D () C:\Users\Abra\Documents\Eigene Scans
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\Common Files\ArcSoft
2014-10-23 14:37 - 2010-11-10 22:18 - 00000000 ____D () C:\Program Files\ArcSoft
2014-10-23 14:37 - 2008-10-26 14:35 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-10-21 13:29 - 2013-10-28 18:47 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-21 13:27 - 2008-10-26 15:55 - 00000000 ____D () C:\Program Files\Java
2014-10-20 11:32 - 2014-08-19 08:44 - 00000000 ____D () C:\Users\Abra\AppData\Local\Adobe
2014-10-18 13:34 - 2009-11-23 10:32 - 00000000 ____D () C:\Program Files\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 13:34 - 2008-10-26 15:42 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-10-16 11:41 - 2013-08-15 16:11 - 00000000 ____D () C:\Windows\rescache
2014-10-15 14:01 - 2008-10-26 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-15 13:56 - 2013-08-14 12:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 13:45 - 2010-05-14 09:40 - 100290944 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 10:18 - 2010-06-09 13:32 - 00000000 ____D () C:\Users\Abra\AppData\Roaming\Media Player Classic
2014-10-15 10:17 - 2010-05-15 17:02 - 00000000 ____D () C:\Windows\Minidump
2014-10-15 10:17 - 2010-05-14 03:08 - 00000000 ____D () C:\Windows\Panther
2014-10-14 10:50 - 2008-10-26 15:23 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-14 05:39 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-07 09:37 - 2013-10-14 10:33 - 00037384 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-07 09:37 - 2013-10-14 10:31 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Abra\AppData\Local\Temp\avgnt.exe
C:\Users\Abra\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqeqxd.dll
C:\Users\Abra\AppData\Local\Temp\Quarantine.exe
C:\Users\Abra\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 15:06

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Ich boote jetzt den Rechner neu und melde mich dann wieder, ob die Probleme bereinigt sind!

Hallo "Schrauber",

schade, das Problem ist immer noch da: Google Chrome läuft nicht!
Fehlermeldungen sind unverändert!

Was kann ich jetzt noch tun?

VG Andreas

Alt 06.11.2014, 10:33   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Java updaten.

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.11.2014, 08:33   #11
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Guten Morgen "Schrauber".

habe Java Update gemacht und mit dem Riva Uninstaller Chrome deinstalliert.
Dabei habe ich den Modus:
"Moderat - schließt den Gefahrlosmodus ein und startet ausführliche Scans zum Auffinden aller übrigen Anwendungeneinträge an den geläufigsten Stellen der Registry und Festplatten."
Dann habe ich Chrome neu installiert!

Schade, es hat sich nichts geändert - der Fehler ist immer noch da: Chrome läßt sich nicht öffnen (wie gehabt).

Habe ich was falsch gemacht oder gibt´s noch einen Tipp?

Danke und viele Grüße
Andreas

Alt 07.11.2014, 19:48   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Kommt ne Fehlermeldung wenn Du starten willst?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.11.2014, 20:18   #13
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Ja, immer noch die gleiche:
"Google Chrome ist abgestürtzt. Jetzt neu starten?"
Bei "Ja", geht ein Fenster auf:
" Chrome funktioniert nicht mehr. Es wird nach einer Lösung für das Problem gesucht." - dann nächstes Fenster "Das Programm wird aufgrund eines Problems nícht richtig ausgeführt. Das Programm wird geschlossen und Sie werden benachrichtigt, wenn eine Lösung verfügbar ist."

Alt 08.11.2014, 07:23   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Ist ja irgendwie unmöglich wenn komplett deinstalliert wurde. Versuch Chrome mal ohne Addons zu starten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.11.2014, 16:55   #15
speedy111
 
Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Standard

Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen



Soweit komme ich erst gar nicht!
Ich kann die Addons weder abstellen (Einstellungen/Erweiterungen - verwalten, deaktivieren)
noch in einem Inkognito-Fenster öffnen.
Der Browser Chrome startet erst gar nicht!
Habe es auch schon probiert, mit rechter Mouse-Taste auf Chrome-Logo und dann Inkognito-Fenster öffnen - kommt aber die gleiche Meldung "Google Chrome ist abgestürzt ..."
Oder gibt es einen anderen Weg, Chrome ohne Addons zu starten?

Antwort

Themen zu Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen
abelssoft, ccsetup, device driver, dvdvideosoft ltd., fehlercode 0x5, fehlercode 0xc0000005, fehlercode windows, launch, osx/chatzum.a, php/obfuscated.f, pup.optional.softonic.a, refresh, tr/patched.ren.gen



Ähnliche Themen: Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen


  1. AVIRA meldet regelmäßi dass TR/Patched.ren.gen auf eine temporäre Datei zugreifen will
    Plagegeister aller Art und deren Bekämpfung - 10.10.2015 (18)
  2. Nur Avira meldet TR/Patched.Ren.Gen (2) ESET,ADWcleaner, mbar.exe finden nichts
    Plagegeister aller Art und deren Bekämpfung - 21.09.2015 (11)
  3. Win 10: Chrome öffnet ungefragt Tabs; Virenscan läuft nicht mehr durch
    Log-Analyse und Auswertung - 25.08.2015 (12)
  4. Avira Antivir meldet Malware: PUA/DownlaodGuide.Gen und TR/Patched.Ren.Gen2
    Log-Analyse und Auswertung - 19.03.2015 (15)
  5. AVIRA professional startet nicht mehr, AVAST setup geht auch nicht Win7 64
    Log-Analyse und Auswertung - 09.12.2014 (23)
  6. Win7 - TR/Patched.Ren.Gen2 von AVIRA entdeckt
    Log-Analyse und Auswertung - 08.11.2014 (15)
  7. Laptop WIN7: funktioniert kein WLAN mehr, Mozilla spinnt rum, Intel RST Service läuft nicht, Meldungen im Wartungscenter
    Plagegeister aller Art und deren Bekämpfung - 03.11.2014 (37)
  8. Laptop WIN7: funktioniert kein WLAN mehr, Mozilla spinnt rum, Intel RST Service läuft nicht, Meldungen im Wartungscenter
    Alles rund um Windows - 07.10.2014 (1)
  9. AVIRA meldet TR/Crypt.ZPACK.96184 & Win7 64BitPro RegSvr32 Fehler
    Plagegeister aller Art und deren Bekämpfung - 13.09.2014 (11)
  10. WIN7: AVAST meldet Win32:Bprotect-D /-F /-H und weitere, Rechner läuft
    Log-Analyse und Auswertung - 05.06.2014 (12)
  11. Firefox startet nicht mehr, Avira meldet tr/boigy.j
    Log-Analyse und Auswertung - 11.07.2013 (11)
  12. Delta Search in Chrome geht nicht mehr weg und Avira meldete 8 Funde
    Log-Analyse und Auswertung - 13.04.2013 (15)
  13. bProtector auf dem Netbook meiner Tochter, Avira läuft auch nicht mehr, was tun ??
    Log-Analyse und Auswertung - 30.08.2012 (10)
  14. Avira meldet TR/ATRAPS.Gen, ...Gen2, W32/Patched.UA und TR/Jorik.Totem.vz
    Plagegeister aller Art und deren Bekämpfung - 15.08.2012 (1)
  15. avira antivirus premium meldet in c:\windows\system32\services.exe Virus w32/patched.ub
    Plagegeister aller Art und deren Bekämpfung - 05.07.2012 (22)
  16. Avira meldet W32/Patched.UA TR/ATRAPS.Gen2 und TR/Small.FI
    Log-Analyse und Auswertung - 27.06.2012 (29)
  17. Google Chrome läuft nicht mehr +Fehlermeldungen IE+WE
    Log-Analyse und Auswertung - 10.07.2010 (33)

Zum Thema Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen - Betriebssystem: Windows 7 Home Premium 32-Bit, Virenscanner Avira Personal Edition Das ganze ging los, dass sich Google Chrome nicht mehr starten lies und folgende Meldung kam: "Google Chrome ist abgestürtzt. - Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen...
Archiv
Du betrachtest: Win7: Chrome läuft nicht mehr - Avira meldet Fehler: TR/Patched.Ren.Gen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.